Section: .. / 0807-advisories /
| /// File Name: |
MDVSA-2008-128.txt |
Description:
|
Mandriva Linux Security Advisory - php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors. The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request. In addition, the updated packages provide a number of bug fixes. The updated packages have been patched to correct these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 14677 | | Related CVE(s): | CVE-2008-0599, CVE-2008-2051, CVE-2008-2107, CVE-2008-2108, CVE-2008-2829 | | Last Modified: | Jul 9 22:38:33 2008 |
| MD5 Checksum: | 77b688b654f865cec9371c57afbbcbea |
|
| /// File Name: |
MDVSA-2008-129.txt |
Description:
|
Mandriva Linux Security Advisory - Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. The updated packages have been patched to correct these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3492 | | Related CVE(s): | CVE-2008-2107, CVE-2008-2108 | | Last Modified: | Jul 9 23:45:25 2008 |
| MD5 Checksum: | 9ebaf905d1f62d7dc8139ec7a9e0d6bf |
|
| /// File Name: |
MDVSA-2008-130.txt |
Description:
|
Mandriva Linux Security Advisory - An integer overflow in the zip_read_entry() function in PHP prior to 4.4.5 allowed remote attackers to execute arbitrary code via a ZIP archive containing a certain type of entry that triggered a heap overflow. Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems. The updated packages have been patched to correct these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 3796 | | Related CVE(s): | CVE-2007-1777, CVE-2008-2107, CVE-2008-2108 | | Last Modified: | Jul 9 23:45:53 2008 |
| MD5 Checksum: | cdafdd1023afe885ab7639c39e669bd2 |
|
| /// File Name: |
MDVSA-2008-131.txt |
Description:
|
Mandriva Linux Security Advisory - A few vulnerabilities and security-related issues have been fixed in phpMyAdmin since the 2.11.2.2 release. This update provides version 2.11.7 which is the latest stable release of phpMyAdmin and fixes CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, and CVE-2008-2960. No configuration changes should be required since the previous update (version 2.11.2.2). If upgrading from older versions, it may be necessary to reconfigure phpMyAdmin. The configuration file is located in /etc/phpMyAdmin/. In most cases, it should be sufficient so simply replace config.default.php with config.default.php.rpmnew and make whatever modifications are necessary.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2985 | | Related CVE(s): | CVE-2008-1149, CVE-2008-1567, CVE-2008-1924, CVE-2008-2960 | | Last Modified: | Jul 9 23:54:22 2008 |
| MD5 Checksum: | e6951f2517d53eeba1c9512f5b916242 |
|
| /// File Name: |
MDVSA-2008-132.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was found in gnome-screensaver prior to 2.22.1 when a remote authentication server was enabled. During a network outage, gnome-screensaver would crash upon an unlock attempt, allowing physically local users to gain access to locked sessions. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2490 | | Related CVE(s): | CVE-2008-0887 | | Last Modified: | Jul 9 23:54:52 2008 |
| MD5 Checksum: | 9feb3b40d7df8089a181f8bbcb1f4f69 |
|
| /// File Name: |
MDVSA-2008-133.txt |
Description:
|
Mandriva Linux Security Advisory - A denial of service condition was discovered in Sympa versions prior to 5.4 that allowed remote attackers to crash the Sympa daemon via a malformed email message. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2355 | | Related CVE(s): | CVE-2008-1648 | | Last Modified: | Jul 9 23:55:13 2008 |
| MD5 Checksum: | dc691b2dcda63b70672d8e016f9ecd97 |
|
| /// File Name: |
MDVSA-2008-134.txt |
Description:
|
Mandriva Linux Security Advisory - An incorrect fix for CVE-2007-6239 resulted in Squid not performing proper bounds checking when processing cache update replies. Because of this, a remote authenticated user might have been able to trigger an assertion error and cause a denial of service. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4596 | | Related CVE(s): | CVE-2008-1612 | | Last Modified: | Jul 9 23:55:30 2008 |
| MD5 Checksum: | e8bff7f4908b0e102f2c90c36b1a09ba |
|
| /// File Name: |
MDVSA-2008-135.txt |
Description:
|
Mandriva Linux Security Advisory - A vulnerability was found in gnome-screensaver 2.20.0 that could possibly allow a local user to read the clipboard contents and X selection data for a locked session by using CTRL-V. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 2412 | | Related CVE(s): | CVE-2007-6389 | | Last Modified: | Jul 9 23:55:59 2008 |
| MD5 Checksum: | 4d5afeb57c855ddb56de13656bbddaa5 |
|
| /// File Name: |
MDVSA-2008-136.txt |
Description:
|
Mandriva Linux Security Advisory - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.15.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 61180 | | Related CVE(s): | CVE-2008-2798, CVE-2008-2799, CVE-2008-2800, CVE-2008-2801, CVE-2008-2802, CVE-2008-2803, CVE-2008-2805, CVE-2008-2807, CVE-2008-2808, CVE-2008-2809, CVE-2008-2811 | | Last Modified: | Jul 10 03:28:03 2008 |
| MD5 Checksum: | b8a1a03baf75c001f0003e3d76454e50 |
|
| /// File Name: |
MDVSA-2008-137.txt |
Description:
|
Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. Also, according to bug #38874 decimal numbers on Hebrew documents would appear as Arabic characters. Another issue (#39799) is with (Tools -> Options -> OpenOffice.org Writer -> General). Even setting to centimeters on (Indent & Spacing) option it shows as characters (ch) on (Indents & Spacing) configuration on the menu: (Format -> Paragraph -> Indents & Spacing). Moreover, a document holding Notes edited on Microsoft Office would not show when opened with OpenOffice. These and a number of other OpenOffice.org issues were fixed by the new version provided in this update.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 24382 | | Related CVE(s): | CVE-2008-2152 | | Last Modified: | Jul 10 03:28:18 2008 |
| MD5 Checksum: | f17aca78aecb606c95e50310dcb0558d |
|
| /// File Name: |
MDVSA-2008-138-1.txt |
Description:
|
Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. The updated packages have been patched to fix the issue. The OpenOffice.org package for Mandriva Corporate 3 missed the patch application due to a build error. This update fixes that.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6951 | | Related CVE(s): | CVE-2008-2152 | | Last Modified: | Jul 14 20:48:52 2008 |
| MD5 Checksum: | 8bd061d9f1aa04e66a24a47d77511715 |
|
| /// File Name: |
MDVSA-2008-138.txt |
Description:
|
Mandriva Linux Security Advisory - Integer overflow in the rtl_allocateMemory function in sal/rtl/source/alloc_global.c in OpenOffice.org (OOo) 2.0 through 2.4 allows remote attackers to execute arbitrary code via a crafted file that triggers a heap-based buffer overflow. The updated packages have been patched to fix the issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 16501 | | Related CVE(s): | CVE-2008-2152 | | Last Modified: | Jul 10 03:28:57 2008 |
| MD5 Checksum: | 27d4518b612e829b08e04d5dd6ea8a98 |
|
| /// File Name: |
MDVSA-2008-139.txt |
Description:
|
Mandriva Linux Security Advisory - A weakness was found in the DNS protocol by Dan Kaminsky. A remote attacker could exploit this weakness to spoof DNS entries and poison DNS caches. This could be used to misdirect users and services; i.e. for web and email traffic. This update provides the latest stable BIND releases for all platforms except Corporate Server/Desktop 3.0 and MNF2, which have been patched to correct the issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6567 | | Related CVE(s): | CVE-2008-1447 | | Last Modified: | Jul 10 03:29:30 2008 |
| MD5 Checksum: | 068f6b35f288b7b0a32d2ff9a1aa0e78 |
|
| /// File Name: |
MDVSA-2008-140.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3). (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption. Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors. The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. The updated packages have been patched to fix these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5655 | | Related CVE(s): | CVE-2008-1891, CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2376 | | Last Modified: | Jul 10 03:30:00 2008 |
| MD5 Checksum: | 4839f1ecf4734d39ecd607d5c3efece0 |
|
| /// File Name: |
MDVSA-2008-141.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1).%5c (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option. Directory traversal vulnerability in WEBrick in Ruby 1.9.0 and earlier, when using NTFS or FAT filesystems, allows remote attackers to read arbitrary CGI files via a trailing (1) + (plus), (2) %2b (encoded plus), (3). (dot), (4) %2e (encoded dot), or (5) %20 (encoded space) character in the URI, possibly related to the WEBrick::HTTPServlet::FileHandler and WEBrick::HTTPServer.new functionality and the :DocumentRoot option. Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption. Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors. The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. The updated packages have been patched to fix these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7979 | | Related CVE(s): | CVE-2008-1145, CVE-2008-1891, CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2376 | | Last Modified: | Jul 10 03:30:46 2008 |
| MD5 Checksum: | 7162bbbcc833489062e4d2f8cf677f2d |
|
| /// File Name: |
MDVSA-2008-142.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple vulnerabilities have been found in the Ruby interpreter and in Webrick, the webserver bundled with Ruby. Directory traversal vulnerability in WEBrick in Ruby 1.8 before 1.8.5-p115 and 1.8.6-p114, and 1.9 through 1.9.0-1, when running on systems that support backslash (\) path separators or case-insensitive file names, allows remote attackers to access arbitrary files via (1).%5c (encoded backslash) sequences or (2) filenames that match patterns in the :NondisclosureName option. Multiple integer overflows in the rb_str_buf_append function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors that trigger memory corruption, a different issue than CVE-2008-2663, CVE-2008-2664, and CVE-2008-2725. Multiple integer overflows in the rb_ary_store function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allow context-dependent attackers to execute arbitrary code or cause a denial of service via unknown vectors, a different issue than CVE-2008-2662, CVE-2008-2664, and CVE-2008-2725. The rb_str_format function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption via unspecified vectors related to alloca, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2725. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, and 1.8.7 before 1.8.7-p22 allows context-dependent attackers to trigger memory corruption via unspecified vectors, aka the REALLOC_N variant, a different issue than CVE-2008-2662, CVE-2008-2663, and CVE-2008-2664. Integer overflow in the rb_ary_splice function in Ruby 1.8.4 and earlier, 1.8.5 before 1.8.5-p231, 1.8.6 before 1.8.6-p230, 1.8.7 before 1.8.7-p22, and 1.9.0 before 1.9.0-2 allows context-dependent attackers to trigger memory corruption, aka the beg + rlen issue. Integer overflow in the rb_ary_fill function in array.c in Ruby before revision 17756 allows context-dependent attackers to cause a denial of service (crash) or possibly have unspecified other impact via a call to the Array#fill method with a start (aka beg) argument greater than ARY_MAX_SIZE. The updated packages have been patched to fix these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5909 | | Related CVE(s): | CVE-2008-1145, CVE-2008-2662, CVE-2008-2663, CVE-2008-2664, CVE-2008-2725, CVE-2008-2726, CVE-2008-2376 | | Last Modified: | Jul 10 03:31:23 2008 |
| MD5 Checksum: | 431a5039a98cb36d9c29c48aa4a0df90 |
|
| /// File Name: |
MDVSA-2008-143.txt |
Description:
|
Mandriva Linux Security Advisory - An integer overflow flaw was found in Pidgin's MSN protocol handler that could allow for the execution of arbitrary code if a user received a malicious MSN message. In addition, this update provides the ability to use ICQ networks again on Mandriva Linux 2008.0, as in MDVSA-2008:103 (updated pidgin for 2008.1). The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 7955 | | Related CVE(s): | CVE-2008-2927 | | Last Modified: | Jul 10 23:19:52 2008 |
| MD5 Checksum: | 585f78d48977a3a6f020773f8989e0cc |
|
| /// File Name: |
MDVSA-2008-144.txt |
Description:
|
Mandriva Linux Security Advisory - A denial of service vulnerability was discovered in the way the OpenLDAP slapd daemon processed certain network messages. An unauthenticated remote attacker could send a specially crafted request that would crash the slapd daemon. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 12471 | | Related CVE(s): | CVE-2008-2952 | | Last Modified: | Jul 14 20:49:18 2008 |
| MD5 Checksum: | e067e9635f844806f64c3081f75e1484 |
|
| /// File Name: |
MDVSA-2008-145.txt |
Description:
|
Mandriva Linux Security Advisory - An input validation flaw was found in the Bluetooth Session Description Protocol (SDP) packet parser used in the Bluez bluetooth utilities. A bluetooth device with an already-trusted relationship, or a local user registering a service record via a UNIX socket or D-Bus interface, could cause a crash and potentially execute arbitrary code with the privileges of the hcid daemon. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 5882 | | Related CVE(s): | CVE-2008-2374 | | Last Modified: | Jul 15 12:44:22 2008 |
| MD5 Checksum: | c256f058c19feaecba12125886f55118 |
|
| /// File Name: |
MDVSA-2008-146.txt |
Description:
|
Mandriva Linux Security Advisory - A memory management issue was found in libpoppler by Felipe Andres Manzano that could allow for the execution of arbitrary code with the privileges of the user running a poppler-based application, if they opened a specially crafted PDF file. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6044 | | Related CVE(s): | CVE-2008-2950 | | Last Modified: | Jul 15 21:09:57 2008 |
| MD5 Checksum: | 37e194777605bac78445c2e820e31d67 |
|
| /// File Name: |
MDVSA-2008-147.txt |
Description:
|
Mandriva Linux Security Advisory - Tavis Ormandy of the Google Security Team discovered a heap-based buffer overflow when compiling certain regular expression patterns. This could be used by a malicious attacker by sending a specially crafted regular expression to an application using the PCRE library, resulting in the possible execution of arbitrary code or a denial of service. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4319 | | Related CVE(s): | CVE-2008-2371 | | Last Modified: | Jul 16 14:50:23 2008 |
| MD5 Checksum: | b8e63c1a7fd5d361e566c9cacb751161 |
|
| /// File Name: |
MDVSA-2008-148.txt |
Description:
|
Mandriva Linux Security Advisory - Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.16. This update provides the latest Firefox to correct these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 60625 | | Related CVE(s): | CVE-2008-2785, CVE-2008-2933 | | Last Modified: | Jul 18 04:33:13 2008 |
| MD5 Checksum: | ab9dcc763cd53eb00f2102db6b1ca667 |
|
| /// File Name: |
MDVSA-2008-149.txt |
Description:
|
Mandriva Linux Security Advisory - Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user with appropriate privilege to create tables in one database to read and manipulate data in tables later created in other databases, regardless of GRANT privileges. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 4893 | | Related CVE(s): | CVE-2008-2079 | | Last Modified: | Jul 21 15:48:59 2008 |
| MD5 Checksum: | 2bdc41c71cf2f26c4859d39710d22810 |
|
| /// File Name: |
MDVSA-2008-150.txt |
Description:
|
Mandriva Linux Security Advisory - Multiple buffer overflows in yaSSL, which is used in MySQL, allowed remote attackers to execute arbitrary code. a denial of service via a special Hello packet. Sergei Golubchik found that MySQL did not properly validate optional data or index directory paths given in a CREATE TABLE statement; as well it would not, under certain conditions, prevent two databases from using the same paths for data or index files. This could allow an authenticated user with appropriate privilege to create tables in one database to read and manipulate data in tables later created in other databases, regardless of GRANT privileges. The updated packages have been patched to correct these issues.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 10153 | | Related CVE(s): | CVE-2008-0226, CVE-2008-0227, CVE-2008-2079 | | Last Modified: | Jul 21 15:49:13 2008 |
| MD5 Checksum: | 07351dd07cd3e2a27d6bac3909ab4c6f |
|
| /// File Name: |
MDVSA-2008-151.txt |
Description:
|
Mandriva Linux Security Advisory - A buffer overflow vulnerability in libxslt could be exploited via an XSL style sheet file with a long XLST transformation match condition, which could possibly lead to the execution of arbitrary code. The updated packages have been patched to correct this issue.
| | Homepage: | http://www.mandriva.com/security/ | | File Size: | 6918 | | Related CVE(s): | CVE-2008-1767 | | Last Modified: | Jul 22 13:59:37 2008 |
| MD5 Checksum: | 1bcd643704c45767fa68f8d446802e52 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
