3816 matches found
Xdg-Utils: Arbitrary command execution
Background Xdg-Utils is a set of tools allowing all applications to easily integrate with the Free Desktop configuration. Description Miroslav Lichvar discovered that the "xdg-open" and "xdg-email" shell scripts do not properly sanitize their input before processing it. Impact A remote attacker...
GNU Emacs: Multiple vulnerabilities
Background GNU Emacs is a highly extensible and customizable text editor. Description Drake Wilson reported that the hack-local-variables function in GNU Emacs 22 does not properly match assignments of local variables in a file against a list of unsafe or risky variables, allowing to override the...
Wireshark: Multiple vulnerabilities
Background Wireshark is a network protocol analyzer with a graphical front-end. Description Wireshark doesn't properly handle chunked encoding in HTTP responses CVE-2007-3389, iSeries capture files CVE-2007-3390, certain types of DCP ETSI packets CVE-2007-3391, and SSL or MMS packets CVE-2007-339...
Fail2ban: Denial of service
Background Fail2ban is a tool for parsing log files and banning IP addresses which make too many password failures. Description A vulnerability has been discovered in Fail2ban when parsing log files. Impact A remote attacker could send specially crafted SSH login banners to the vulnerable host,...
Evolution: User-assisted remote execution of arbitrary code
Background Evolution is the mail client of the GNOME desktop environment. Camel is the Evolution Data Server module that handles mail functions. Description The imaprescan function of the file camel-imap-folder.c does not properly sanitize the "SEQUENCE" response sent by an IMAP server before bei...
MySQL: Two Denial of Service vulnerabilities
Background MySQL is a popular multi-threaded, multi-user SQL server. Description mu-b discovered a NULL pointer dereference in itemcmpfunc.cc when processing certain types of SQL requests. Sec Consult also discovered another NULL pointer dereference when sorting certain types of queries on the...
SILC Server: Denial of service
Background SILC Server is a server for the Secure Internet Live Conferencing SILC protocol. Description Frank Benkstein discovered a possible NULL pointer dereference in apps/silcd/command.c if a new channel is created without specifying a valid hmac or cipher algorithm name. Impact A remote...
STLport: Possible remote execution of arbitrary code
Background STLport is a multi-platform C++ Standard Library implementation. Description Two buffer overflows have been discovered, one in "print floats" and one in the rope constructor. Impact Both of the buffer overflows could result in the remote execution of arbitrary code. Please note that th...
AMD64 x86 emulation Qt library: Integer overflow
Background The AMD64 x86 emulation Qt library for AMD64 emulates the x86 32-bit Qt library on the AMD64 64-bit architecture. Description An integer overflow flaw has been found in the pixmap handling of Qt, making the AMD64 x86 emulation Qt library vulnerable as well. Impact By enticing a user to...
Fail2ban: Denial of service
Background Fail2ban monitors log files for failed authentication attempts and can block hosts responsible for repeated attacks. Description A flaw in the method used to parse log entries allows remote, unauthenticated attackers to forge authentication attempts from other hosts. Impact A remote...
ELinks: Arbitrary Samba command execution
Background ELinks is a text mode web browser. Description Teemu Salmela discovered an error in the validation code of "smb://" URLs used by ELinks, the same issue as reported in GLSA 200612-16 concerning Links. Impact A remote attacker could entice a user to browse to a specially crafted "smb://"...
Centericq: Remote buffer overflow in LiveJournal handling
Background Centericq is a text mode menu-driven and window-driven instant messaging interface. Description When interfacing with the LiveJournal service, Centericq does not appropriately allocate memory for incoming data, in some cases creating a buffer overflow. Impact An attacker could entice a...
DokuWiki: Shell command injection and Denial of service
Background DokuWiki is a wiki targeted at developer teams, workgroups and small companies. It does not use a database backend. Description Input validation flaws have been discovered in the image handling of fetch.php if ImageMagick is used, which is not the default method. Impact A remote attack...
xine-lib: Buffer overflows
Background xine is a high performance, portable and reusable multimedia playback engine. xine-lib is xine's core engine. Description xine-lib contains buffer overflows in the processing of AVI. Additionally, xine-lib is vulnerable to a buffer overflow in the HTTP plugin xinepluginphttp.so via a...
Typespeed: Remote execution of arbitrary code
Background Typespeed is a game to test and practice 10-finger-typing. Network code allows two users to compete head-to-head. Description Niko Tyni discovered a buffer overflow in the addnewword function of Typespeed's network code. Impact By sending specially crafted network packets to a machine...
SpamAssassin: Execution of arbitrary code
Background SpamAssassin is an extensible email filter used to identify junk email. spamd is the daemonized version of SpamAssassin. Description When spamd is run with both the "--vpopmail" -v and "--paranoid" -P options, it is vulnerable to an unspecified issue. Impact With certain configuration...
PeerCast: Buffer overflow
Background PeerCast is a Peer to Peer broadcasting technology for listening to radio and watching video on the Internet. Description INFIGO discovered a problem in the URL handling code. Buffers that are allocated on the stack can be overflowed inside of nextCGIarg function. Impact By sending a...
Crypt::CBC: Insecure initialization vector
Background Crypt::CBC is a Perl module to encrypt data using cipher block chaining CBC. Description Lincoln Stein discovered that Crypt::CBC fails to handle 16 bytes long initializiation vectors correctly when running in the RandomIV mode, resulting in a weaker encryption because the second part ...
MyDNS: Denial of service
Background MyDNS is a DNS server using a MySQL database as a backend. It is designed to allow for fast updates and small resource usage. Description MyDNS contains an unspecified flaw that may allow a remote Denial of Service. Impact An attacker could cause a Denial of Service by sending malforme...
Paros: Default administrator password
Background Paros is an intercepting proxy between a web server and a client meant to be used for security assessments. It allows the user to watch and modify the HTTPS traffic. Description Andrew Christensen discovered that in older versions of Paros the database component HSQLDB is installed wit...
Inkscape: Buffer overflow
Background Inkscape is an Open Source vector graphics editor using the W3C standard Scalable Vector Graphics SVG file format. Description Joxean Koret has discovered that Inkscape incorrectly allocates memory when opening an SVG file, creating the possibility of a buffer overflow if the SVG file...
linux-ftpd-ssl: Remote buffer overflow
Background linux-ftpd-ssl is the netkit FTP server with encryption support. Description A buffer overflow vulnerability has been found in the linux-ftpd-ssl package. A command that generates an excessively long response from the server may overrun a stack buffer. Impact An attacker that has...
Ruby: Security bypass vulnerability
Background Ruby is an interpreted scripting language for quick and easy object-oriented programming. Ruby supports the safe execution of untrusted code using a safe level and taint flag mechanism. Description Dr. Yutaka Oiwa discovered that Ruby fails to properly enforce safe level protections...
Clam AntiVirus: Multiple vulnerabilities
Background Clam AntiVirus is a GPL anti-virus toolkit, designed for integration with mail servers to perform attachment scanning. Clam AntiVirus also provides a command line scanner and a tool for fetching updates of the virus database. Description Clam AntiVirus is vulnerable to a buffer overflo...
zlib: Buffer overflow
Background zlib is a widely used free and patent unencumbered data compression library. Description zlib improperly handles invalid data streams which could lead to a buffer overflow. Impact By creating a specially crafted compressed data stream, attackers can overwrite data structures for...
Ethereal: Numerous vulnerabilities
Background Ethereal is a feature rich network protocol analyzer. Description There are numerous vulnerabilities in versions of Ethereal prior to 0.10.11, including: The ANSI A and DHCP dissectors are vulnerable to format string vulnerabilities. The DISTCC, FCELS, SIP, ISIS, CMIP, CMP, CMS, CRMF,...
f2c: Insecure temporary file creation
Background f2c is a Fortran to C translator. Portage uses this package in some ebuilds to build Fortran sources. Description Javier Fernandez-Sanguino Pena from the Debian Security Audit Team discovered that f2c creates temporary files in world-writeable directories with predictable names. Impact...
ngIRCd: Buffer overflow
Background ngIRCd is a free open source daemon for Internet Relay Chat IRC. Description Florian Westphal discovered a buffer overflow caused by an integer underflow in the ListsMakeMask function of lists.c. Impact A remote attacker can exploit this buffer overflow to crash the ngIRCd daemon and...
GraphicsMagick: PSD decoding heap overflow
Background GraphicsMagick is a collection of tools to read, write and manipulate images in many formats. GraphicsMagick is originally derived from ImageMagick 5.5.2. Description Andrei Nigmatulin discovered that handling a Photoshop Document PSD file with more than 24 layers in ImageMagick could...
Samba: Integer overflow
Background Samba is a freely available SMB/CIFS implementation which allows seamless interoperability of file and print services to other SMB/CIFS clients. Description Samba contains a bug when unmarshalling specific MS-RPC requests from clients. Impact A remote attacker may be able to execute...
Cscope: Insecure creation of temporary files
Background Cscope is a developer utility used to browse and manage source code. Description Cscope creates temporary files in world-writable directories with predictable names. Impact A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere...
BNC: Input validation flaw
Background BNC is an IRC proxying server Description A flaw exists in the input parsing of BNC where part of the sbufgetmsg function handles the backspace character incorrectly. Impact A remote user could issue commands using fake authentication credentials and possibly gain access to scripts...
gettext: Insecure temporary file handling
Background gettext is a set of utilities for the GNU Translation Project which provides a set of tools and documentation to help produce multi-lingual messages in programs. Description gettext insecurely creates temporary files in world-writeable directories with predictable names. Impact A local...
Heimdal: Kerberos 4 buffer overflow in kadmin
Background Heimdal is a free implementation of Kerberos. Description A buffer overflow was discovered in kadmind, a server for administrative access to the Kerberos database. Impact By sending a specially formatted message to kadmind, a remote attacker may be able to crash kadmind causing a denia...
Insecure Temporary File Creation In MySQL
Background MySQL is a popular open-source multi-threaded, multi-user SQL database server. Description The MySQL bug reporting utility mysqlbug creates a temporary file to log bug reports to. A malicious local user with write access to the /tmp directory could create a symbolic link of the name...
Multiple new security vulnerabilities in monit
Background Monit is a system administration utility that allows management and monitoring of processes, files, directories and devices on a Unix system. Description Monit has several vulnerabilities in its HTTP interface : a buffer overflow vulnerability in the authentication handling code and a...
Go: Multiple Vulnerabilities
Background Go is an open source programming language that makes it easy to build simple, reliable, and efficient software. Description Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE...
Mozilla Thunderbird: Multiple Vulnerabilities
Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...
U-Boot tools: double free vulnerability
Background U-Boot tools provides utiiities for working with Das U-Boot. Description A vulnerability has been discovered in U-Boot tools. Please review the CVE identifier referenced below for details. Impact In Das U-Boot a double free has been found in the cmd/gpt.c dorenamegptparts function...
strongSwan: Multiple Vulnerabilities
Background strongSwan is an IPSec implementation for Linux. Description Multiple vulnerabilities have been discovered in strongSwan. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...
R: Directory Traversal
Background R is a language and environment for statistical computing and graphics. Description The native R package installation mechanisms do not sufficiently validate installed source packages for path traversal. Impact Installation of a malicious R package could result in an arbitrary file...
NASM: Multiple Vulnerabilities
Background NASM is a 80x86 assembler that has been created for portability and modularity. NASM supports Pentium, P6, SSE MMX, and 3DNow extensions. It also supports a wide range of objects formats ELF, a.out, COFF, etc, and has its own disassembler. Description Multiple vulnerabilities have been...
systemd: Multiple Vulnerabilities
Background A system and service manager. Description Multiple vulnerabilities have been discovered in systemd. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this time...
lesspipe: Arbitrary Code Exeecution
Background lesspipe is a preprocessor for less. Description lesspipe has support for parsing Perl storable "PST" files, Impact A crafted Perl storable file which is passed into lesspipe could result in arbitrary code execution. Workaround There is no known workaround at this time. Resolution All...
HarfBuzz: Multiple vulnerabilities
Background HarfBuzz is an OpenType text shaping engine. Description Multiple vulnerabilities have been discovered in HarfBuzz. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround a...
Mozilla Thunderbird: Multiple Vulnerabilities
Background Mozilla Thunderbird is a popular open-source email client from the Mozilla project. Description Multiple vulnerabilities have been discovered in Mozilla Thunderbird. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for...
Chromium, Google Chrome: Multiple vulnerabilities
Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...
Chromium, Google Chrome: Multiple vulnerabilities
Background Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all users to experience the web. Google Chrome is one fast, simple, and secure browser for all your devices. Description Multiple vulnerabilities have been discovered in Chromium and...
Cacti: Multiple vulnerabilities
Background Cacti is a complete frontend to rrdtool. Description Multiple vulnerabilities have been discovered in Cacti. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known workaround at this...
Mutt: Heap-based buffer overflow
Background Mutt is a small but very powerful text-based mail client. Description A heap-based buffer overflow was discovered in Mutt’s muttsubstrdup function. Impact A remote attacker could cause a Denial of Service condition. Workaround There is no known workaround at this time. Resolution All...