3816 matches found
MIT Kerberos 5: Multiple vulnerabilities
Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. kadmind is the MIT Kerberos 5 administration daemon. Description A stack buffer overflow CVE-2007-3999 has been reported in svcauthgssvalidate of the RPC library of kadmind. Another vulnerability...
ImageMagick: Multiple buffer overflows
Background ImageMagick is a collection of tools allowing various manipulations on image files. Description iDefense Labs has discovered multiple integer overflows in ImageMagick in the functions ReadDCMImage and ReadXWDImage, that are used to process DCM and XWD files. Impact An attacker could...
Evince: Stack overflow in included gv code
Background Evince is a document viewer for multiple document formats, including PostScript. Description Evince includes code from GNU gv that does not properly boundary check user-supplied data before copying it into process buffers. Impact An attacker could entice a user to open a specially...
Asterisk: SIP Denial of service
Background Asterisk is an open source implementation of a telephone private branch exchange PBX. Description The MU Security Research Team discovered that Asterisk contains a NULL-pointer dereferencing error in the SIP channel when handling request messages. Impact A remote attacker could cause a...
DenyHosts: Denial of service
Background DenyHosts is designed to monitor SSH servers for repeated failed login attempts. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that DenyHosts used an incomplete regular expression to parse failed login attempts. Impact A remote unauthenticated attacker ca...
xine-lib: Buffer overflow
Background xine is a portable and reusable multimedia playback engine. xine-lib is xine's core engine. Description A possible buffer overflow has been reported in the Real Media input plugin. Impact An attacker could exploit this vulnerability by enticing a user into loading a specially crafted...
Kile: Incorrect backup file permission
Background Kile is a TeX/LaTeX editor for KDE. Description Kile fails to set the same permissions on backup files as on the original file. This is similar to CVE-2005-1920. Impact A kile user may inadvertently grant access to sensitive information. Workaround There is no known workaround at this...
Ruby: Denial of Service vulnerability
Background Ruby is a dynamic, open source programming language with a focus on simplicity and productivity. Description Zed Shaw, Jeremy Kemper, and Jamis Buck of the Mongrel project reported that the CGI library shipped with Ruby is vulnerable to a remote Denial of Service by an unauthenticated...
Adobe Flash Player: Arbitrary code execution
Background The Adobe Flash Player is a renderer for Flash files - commonly used to provide interactive websites, digital experiences and mobile content. Description The Adobe Flash Player contains multiple unspecified vulnerabilities. Impact An attacker could entice a user to view a malicious Fla...
MIT Kerberos 5: Multiple local privilege escalation vulnerabilities
Background MIT Kerberos 5 is a suite of applications that implement the Kerberos network protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. Description Unchecked calls to setuid in krshd and v4rcp, as well as unchecked calls ...
TunePimp: Buffer overflow
Background The TunePimp library also referred to as libtunepimp is a development library geared towards developers who wish to create MusicBrainz enabled tagging applications. Description Kevin Kofler has reported a vulnerability where three stack variables are allocated with 255, 255 and 100 byt...
Sendmail: Denial of service
Background Sendmail is a popular mail transfer agent MTA. Description Frank Sheiness discovered that the mime8to7 function can recurse endlessly during the decoding of multipart MIME messages until the stack of the process is filled and the process crashes. Impact By sending specially crafted...
JPEG library: Denial of service
Background The JPEG library is able to load, handle and manipulate images in the JPEG format. Description Tavis Ormandy of the Gentoo Linux Auditing Team discovered that the vulnerable JPEG library ebuilds compile JPEG without the --maxmem feature which is not recommended. Impact By enticing a us...
Pound: HTTP request smuggling
Background Pound is a reverse proxy, load balancer and HTTPS front-end. It allows to distribute the load on several web servers and offers a SSL wrapper for web servers that do not support SSL directly. Description Pound fails to handle HTTP requests with conflicting "Content-Length" and...
phpWebSite: Local file inclusion
Background phpWebSite provides a complete web site content management system. Description rgod has reported that the "hubdir" parameter in "index.php" isn't properly verified. When "magicquotesgpc" is disabled, this can be exploited to include arbitrary files from local ressources. Impact If...
NetHack, Slash'EM, Falcon's Eye: Local privilege escalation
Background NetHack is the classic single player dungeon exploration game. Slash'EM and Falcon's Eye are NetHack variants. Description NetHack, Slash'EM and Falcon's Eye have been found to be incompatible with the system used for managing games on Gentoo Linux. As a result, they cannot be played...
Pngcrush: Buffer overflow
Background Pngcrush is an optimizer for PNG files. Description Carsten Lohrke of Gentoo Linux reported that Pngcrush contains a vulnerable version of zlib GLSA 200507-19. Impact By creating a specially crafted data stream, attackers can overwrite data structures for applications that use Pngcrush...
ADOdb: PostgresSQL command injection
Background ADOdb is an abstraction library for PHP creating a common API for a wide range of database backends. Description Andy Staudacher discovered that ADOdb does not properly sanitize all parameters. Impact By sending specifically crafted requests to an application that uses ADOdb and a...
Horde Application Framework: XSS vulnerability
Background The Horde Application Framework is a general-purpose web application framework written in PHP, providing classes for handling preferences, compression, browser detection, connection tracking, MIME, and more. Description The Horde Team reported a potential XSS vulnerability. Horde fails...
Mantis: XSS and SQL injection vulnerabilities
Background Mantis is a web-based bugtracking system written in PHP. Description Mantis fails to properly sanitize untrusted input before using it. This leads to an SQL injection and several cross-site scripting vulnerabilities. Impact An attacker could possibly use the SQL injection vulnerability...
KDE kimgio: PCX handling buffer overflow
Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. kimgio is the KDE image handler provided by kdelibs. Description kimgio fails to properly validate input when handling PCX files. Impact By enticing a user to load a specially-crafted PCX ima...
IPsec-Tools: racoon Denial of service
Background IPsec-Tools is a port of KAME's implementation of the IPsec utilities. It contains a collection of network monitoring tools, including racoon, ping, and ping6. Description Sebastian Krahmer has reported a potential remote Denial of Service vulnerability in the ISAKMP header parsing cod...
MySQL: Multiple vulnerabilities
Background MySQL is a fast, multi-threaded, multi-user SQL database server. Description MySQL fails to properly validate input for authenticated users with INSERT and DELETE privileges CAN-2005-0709 and CAN-2005-0710. Furthermore MySQL uses predictable filenames when creating temporary files with...
ImageMagick: Filename handling vulnerability
Background ImageMagick is a collection of tools and libraries for manipulating a wide variety of image formats. Description Tavis Ormandy of the Gentoo Linux Security Audit Team has identified a flaw in the handling of filenames by the ImageMagick utilities. Impact Successful exploitation may...
Qt: Untrusted library search path
Background Qt is a cross-platform GUI toolkit used by KDE. Description Tavis Ormandy of the Gentoo Linux Security Audit Team has discovered that Qt searches for shared libraries in an untrusted, world-writable directory. Impact A local attacker could create a malicious shared object that would be...
ncpfs: Multiple vulnerabilities
Background ncpfs is a NCP protocol network filesystem driver that allows access to NetWare services, to mount volumes of NetWare servers or print to NetWare print queues. Description Erik Sjolund discovered two vulnerabilities in the programs bundled with ncpfs: there is a potentially exploitable...
MySQL: Insecure temporary file creation
Background MySQL is a fast, multi-threaded, multi-user SQL database server. Description Javier Fernandez-Sanguino Pena from the Debian Security Audit Project discovered that the 'mysqlaccess' script creates temporary files in world-writeable directories with predictable names. Impact A local...
Mozilla, Firefox, Thunderbird: Various vulnerabilities
Background Mozilla is a popular web browser that includes a mail and newsreader. Mozilla Firefox and Mozilla Thunderbird are respectively the next-generation browser and mail client from the Mozilla project. Description Maurycy Prodeus from isec.pl found a potentially exploitable buffer overflow ...
Apache 1.3: Buffer overflow vulnerability in mod_include
Background The Apache HTTP server is one of the most popular web servers on the internet. modinclude is an Apache module to handle Server Side Includes SSI. Description A possible buffer overflow exists in the gettag function of modinclude.c. Impact If Server Side Includes SSI are enabled, a loca...
Foomatic: Arbitrary command execution in foomatic-rip filter
Background Foomatic is a system for connecting printer drivers with spooler systems such as CUPS and LPD. The foomatic-filters package contains wrapper scripts which are designed to be used with Foomatic. Description There is a vulnerability in the foomatic-filters package. This vulnerability is...
mpg123: Buffer overflow vulnerability
Background mpg123 is a MPEG Audio Player. Description mpg123 contains a buffer overflow in the code that handles layer2 decoding of media files. Impact An attacker can possibly exploit this bug with a specially-crafted mp3 or mp2 file to execute arbitrary code with the permissions of the user...
Python 2.2: Buffer overflow in getaddrinfo()
Background Python is an interpreted, interactive, object-oriented, cross-platform programming language. Description If IPV6 is disabled in Python 2.2, getaddrinfo is not able to handle IPV6 DNS requests properly and a buffer overflow occurs. Impact An attacker can execute arbitrary code as the us...
Pavuk: Digest authentication helper buffer overflow
Background Pavuk is web spider and website mirroring tool. Description Pavuk contains several buffer overflow vulnerabilities in the code handling digest authentication. Impact An attacker could cause a buffer overflow, leading to arbitrary code execution with the rights of the user running Pavuk...
Shorewall : Insecure temp file handling
Background Shorewall is a high level tool for configuring Netfilter, the firewall facility included in the Linux Kernel. Description Shorewall uses temporary files and directories in an insecure manner. A local user could create symbolic links at specific locations, eventually overwriting other...
Multiple remote buffer overflow vulnerabilities in Courier
Background Courier MTA is a multiprotocol mail server suite that provides webmail, mailing lists, IMAP, and POP3 services. Courier-IMAP is a standalone server that gives IMAP access to local mailboxes. Description The vulnerabilities have been found in the 'SHIFTJIS' converter in 'shiftjis.c' and...
CVS: malformed module request vulnerability
Background CVS, which stands for Concurrent Versions System, is a client/server application which tracks changes to sets of files. It allows multiple users to work concurrently on files, and then merge their changes back into the main tree which can be on a remote system. It also allows branching...
Libnids: remote code execution vulnerability
Background Libnids is a component of a network intrusion detection system. Description There is a bug in the part of libnids code responsible for TCP reassembly. The flaw probably allows remote code execution. Impact A remote attacker could possibly execute arbitrary code. Workaround There is no...
SSSD: Command Injection
Background SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms such as LDAP, Kerberos or FreeIPA. It provides an NSS and PAM interface toward the system and a pluggable backend system to connect to multiple different account sources. Description A...
Kubelet: Privilege Escalation
Background Kubelet is a Kubernetes Node Agent. Description A vulnerability has been discovered in Kubelet. Please review the CVE identifier referenced below for details. Impact A security issue was discovered in Kubernetes where a user that can create pods and persistent volumes on Windows nodes...
LibreOffice: Multiple Vulnerabilities
Background LibreOffice is a powerful office suite; its clean interface and powerful tools let you unleash your creativity and grow your productivity. Description Multiple vulnerabilities have been discovered in LibreOffice. Please review the CVE identifiers referenced below for details. Impact...
NBD Tools: Multiple Vulnerabilities
Background The NBD Tools are the Network Block Device utilities allowing one to use remote block devices over a TCP/IP network. It includes a userland NBD server. Description Multiple vulnerabilities have been discovered in NBD Tools. Please review the CVE identifiers referenced below for details...
LibRaw: Heap Buffer Overflow
Background LibRaw is a library for reading RAW files obtained from digital photo cameras. Description A vulnerability has been discovered in LibRaw. Please review the CVE identifier referenced below for details. Impact A heap-buffer-overflow in raw2imageex caused by a maliciously crafted file may...
Leptonica: Multiple Vulnerabilities
Background Leptonica is a C library for image processing and analysis. Description Multiple vulnerabilities have been discovered in Leptonica. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no...
GNU Libmicrohttpd: Buffer Overflow Vulnerability
Background GNU libmicrohttpd is a small C library that makes it easy to run an HTTP server as part of another application. GNU Libmicrohttpd is free software and part of the GNU project. Description A buffer overflow vulnerability has been discovered in GNU Libmicrohttpd. Please review the CVE...
Wireshark: Multiple Vulnerabilities
Background Wireshark is a versatile network protocol analyzer. Description Multiple vulnerabilities have been discovered in Wireshark. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
Requests: Information Leak
Background Requests is an HTTP library for human beings. Description Requests is vulnerable to potentially leaking Proxy-Authorization headers to destination servers, specifically during redirects to an HTTPS origin with authentication credentials encoded into the URL. Impact Users' proxy...
exif: Denial of Service
Background libexif is a library for parsing, editing and saving Exif metadata from images. exif is a small command line interface for libexif. Description There is a bug in exif's XML output format which can result in a null pointer dereference when outputting crafted JPEG EXIF data. Impact A...
Deluge: Cross-Site Scripting
Background Deluge is a BitTorrent client. Description Deluge does not sufficiently sanitize crafted torrent file data, leading to the application interpreting untrusted data as HTML. Impact An attacker can achieve XSS via a crafted torrent file. Workaround There is no known workaround at this tim...
yaml-cpp: Denial of service
Background yaml-cpp is a YAML parser and emitter in C++. Description The function Scanner::peek in scanner.cpp may have an assertion failure. Impact An attacker could cause a possible Denial of Service condition. Workaround There is no known workaround at this time. Resolution All yaml-cpp users...
HylaFAX: Multiple vulnerabilities
Background HylaFAX is an enterprise-class system for sending and receiving facsimile messages and for sending alpha-numeric pages. Description Multiple vulnerabilities have been discovered in HylaFAX. Please review the CVE identifiers referenced below for details. Impact Please review the...