Mandriva Linux Security Advisory 2015-173 - Updated ffmpeg packages fix multiple security vulnerabilities.
c679fbd0c531ef8119e61d4cb4851058b9194dbb1b4ca0a0849f92169bdd271eMandriva Linux Security Advisory 2015-172 - Updated firebird packages fix a remote denial of service vulnerability.
de0a9e6377dad5f7163508b2d18e732e76ff1f3ab2850aa7d7f24687b2a7d431Mandriva Linux Security Advisory 2015-171 - Integer overflows in memory allocations in client/X11/xf_graphics.c in FreeRDP through 1.0.2 allows remote RDP servers to have an unspecified impact through unspecified vectors. Integer overflow in the license_read_scope_list function in libfreerdp/core/license.c in FreeRDP through 1.0.2 allows remote RDP servers to cause a denial of service or possibly have unspecified other impact via a large ScopeCount value in a Scope List in a Server License Request packet.
29063fe4e6de7743857d4550e95f2ba8d96631bab28fb313d0b41130c92c715cMandriva Linux Security Advisory 2015-168 - Updated glibc packages fix multiple security vulnerabilities.
0412f59ba60e6f3546c153206b4f490e8e4d6187358607bb442d3ffcaa511903Mandriva Linux Security Advisory 2015-170 - Multiple integer overflow issues were found in libgfortran, the run-time support library for the Fortran compiler. These could possibly be used to crash a Fortran application or cause it to execute arbitrary code. The gcc rtl-optimization sched2 miscompiles syscall sequence which can cause random panic in glibc and kernel clang++ fails to find cxxabi.h and cxxabi_tweaks.h during build
35fc5bd02a45bc115828edb8420fb43e8bf3a96069ea2d6869252a2afe7f265eMandriva Linux Security Advisory 2015-169 - It was reported that git, when used as a client on a case-insensitive filesystem, could allow the overwrite of the.git/config file when the client performed a git pull. Because git permitted committing.Git/config , on the pull this would replace the user's.git/config. If this malicious config file contained defined external commands (such as for invoking and editor or an external diff utility) it could allow for the execution of arbitrary code with the privileges of the user running the git client.
3d2e5be41e9078bea5ab6f6cc66bb8d225c3913892ae0f3c43bfd3fb44ff1607Mandriva Linux Security Advisory 2015-167 - Due to a bug in GLPI before 0.84.7, a user without access to cost information can in fact see the information when selecting cost as a search criteria. An issue in GLPI before 0.84.8 may allow arbitrary local files to be included by PHP through an autoload function. SQL injection vulnerability in ajax/getDropdownValue.php in GLPI before 0.85.1 allows remote authenticated users to execute arbitrary SQL commands via the condition parameter.
e3b1d38067d3fcf135b2a6c7247cd928213897e8ebe6436e2ff172e8f2302927Core Security Technologies Advisory - VAMPSET version 2.2.145 is vulnerable to a stack-based and heap-based buffer overflow attack, which can be exploited by attackers to execute arbitrary code, by providing a malicious CFG or DAT file with specific parameters.
57fc076cced40621b525e0c4d60739b93696cbf99216bd6939f718ba48293d6dFuzzing libtasn1 led to the discovery of a stack write overflow in the function _asn1_ltostr (file parser_aux.c). It overflows a temporary buffer variable on certain inputs.
6564e0941811d6f26c35eb0f2deeda26a4f79f67cc76157b329dea8a102e4fd7Mandriva Linux Security Advisory 2015-153 - The gdImageCreateFromXpm function in gdxpm.c in the gd image library allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted color table in an XPM file. A buffer read overflow in gd_gif_in.c in the php #68601 bug referenced in the PHP 5.5.21 ChangeLog has been fixed in the libgd package.
a3750e0e421fe88f4eaaad5c05512b32595ca9f6b63ea6e4f9a0aaf8a89492e3Mandriva Linux Security Advisory 2015-154 - Updated gnupg, gnupg2 and libgcrypt packages fix security GnuPG versions before 1.4.17 and 2.0.24 are vulnerable to a denial of service which can be caused by garbled compressed data packets which may put gpg into an infinite loop. The libgcrypt library before version 1.5.4 is vulnerable to an ELGAMAL side-channel attack. GnuPG before 1.4.19 is vulnerable to a side-channel attack which can potentially lead to an information leak. GnuPG before 1.4.19 is vulnerable to a side-channel attack on data-dependent timing variations in modular exponentiation, which can potentially lead to an information leak. The gnupg and gnupg2 package has been patched to correct these issues. GnuPG2 is vulnerable to these issues through the libgcrypt library. The issues were fixed in libgcrypt 1.6.3. The libgcrypt package in Mandriva, at version 1.5.4, was only vulnerable to the CVE-2014-3591 issue. It has also been patched to correct this issue.
867cc5c461189e5765485dc6b4a2f63d57c6e6d920cb79fec12513b4629f0ba2Mandriva Linux Security Advisory 2015-148 - Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSH_MSG_KEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in the middle a real server and cause a client using the libssh2 library to crash or otherwise read and use unintended memory areas in this process.
d9d2fd19be97a30bea44e233e81ce1fdb672ee14eb24ed3d3a69eb1b9469843fMandriva Linux Security Advisory 2015-152 - Passing a specially crafted jpeg file to libjpeg-turbo could lead to stack smashing.
134bc9d71ef166ce7592acebc58ee1da0c42703e9028a13a27d81c0424807e80Mandriva Linux Security Advisory 2015-147 - The libtiff image decoder library contains several issues that could cause the decoder to crash when reading crafted TIFF images.
be85bb21292acb6ae194a30c1aaaf068377776f5a1ea1ca59167bb7fa2962e6fMandriva Linux Security Advisory 2015-149 - libsndfile contains multiple buffer-overflow vulnerabilities in src/sd2.c because it fails to properly bounds-check user supplied input, which may allow an attacker to execute arbitrary code or cause a denial of service. libsndfile contains a divide-by-zero error in src/file_io.c which may allow an attacker to cause a denial of service.
19f33c5d2e367936033f7cc0befc11f06a2822b214bfb14b210f98a1f21fd9d7Debian Linux Security Advisory 3208-1 - Jodie Cunningham discovered multiple vulnerabilities in freexl, a library to read Microsoft Excel spreadsheets, which might result in denial of service or the execution of arbitrary code if a malformed Excel file is opened.
574e54a248936b0715d96b94454306f243c390abc8d6cb3b8727031db5cbe6b2Mandriva Linux Security Advisory 2015-158 - There are serveral problems with the way Jython creates class cache files, potentially leading to arbitrary code execution or information disclosure.
48e4f8acb75a2c0fd15696506d26f142c6239afa41adef070928d48b3d08dbecMandriva Linux Security Advisory 2015-157 - Alexander Cherepanov discovered that bsdcpio, an implementation of the cpio program part of the libarchive project, is susceptible to a directory traversal vulnerability via absolute paths.
aafcb56be45cf84fdb1cab4300635f80336bb74b80271f3cf0446fecb12f1f36Mandriva Linux Security Advisory 2015-156 - capng_lock() in libcap-ng before 0.7.4 sets securebits in an attempt to prevent regaining capabilities using setuid-root programs. This allows a user to run setuid programs, such as seunshare from policycoreutils, as uid 0 but without capabilities, which is potentially dangerous.
9187dfcabef78d898af50d16246d6437951c8b7149a016e74ca228a3510a0e20Mandriva Linux Security Advisory 2015-017 - Andrew Bartlett of Catalyst reported a defect affecting certain applications using the Libevent evbuffer API. This defect leaves applications which pass insanely large inputs to evbuffers open to a possible heap overflow or infinite loop. In order to exploit this flaw, an attacker needs to be able to find a way to provoke the program into trying to make a buffer chunk larger than what will fit into a single size_t or off_t.
37d784031ae48e29994057c675fed2574429ffa8db1c8f64699b2756dfbdeb52Mandriva Linux Security Advisory 2015-155 - GnuPG before 1.4.19 is vulnerable to a side-channel attack which can potentially lead to an information leak. GnuPG before 1.4.19 is vulnerable to a side-channel attack on data-dependent timing variations in modular exponentiation, which can potentially lead to an information leak. The gnupg package has been patched to correct these issues. GnuPG2 is vulnerable to these issues through the libgcrypt library. The issues were fixed in libgcrypt 1.6.3. The libgcrypt package in Mandriva, at version 1.5.4, was only vulnerable to the CVE-2014-3591 issue. It has also been patched to correct this issue.
5eae8f870b196fa57b88bc2e5d2121119f611d0f9c814556868d5963d51fe24dMandriva Linux Security Advisory 2015-148 - Mariusz Ziulek reported that libssh2, a SSH2 client-side library, was reading and using the SSH_MSG_KEXINIT packet without doing sufficient range checks when negotiating a new SSH session with a remote server. A malicious attacker could man in the middle a real server and cause a client using the libssh2 library to crash or otherwise read and use unintended memory areas in this process. Packages were missing for Mandriva Business Server 1 with the MDVSA-2015:148 advisory which are now being provided.
43a108dd75415e802700da18907f8eda1002da408a7ff3697f966c331440d789Mandriva Linux Security Advisory 2015-144 - A heap-based overflow vulnerability was found in the way Lua handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution.
ac31acf6c259ead6e52e4fece7f7a93fe4218899d8b08dda8607eb133e8f7679Mandriva Linux Security Advisory 2015-143 - A buffer overflow was reported in mpfr. This is due to incorrect GMP documentation for mpn_set_str about the size of a buffer.
b4cc0a7364c95fc5b69ec302928fb1271eb953c7317abc36b2a5d69a28b3376fMandriva Linux Security Advisory 2015-142 - A memory corruption vulnerability, which results in a denial-of-service, was identified in the versions of V8 that ship with Node.js 0.8 and 0.10. In certain circumstances, a particularly deep recursive workload that may trigger a GC and receive an interrupt may overflow the stack and result in a segmentation fault. For instance, if your work load involves successive JSON.parse calls and the parsed objects are significantly deep, you may experience the process aborting while parsing. Multiple unspecified vulnerabilities in Google V8 before 3.24.35.10, as used in Node.js before 0.10.31, allow attackers to cause a denial of service or possibly have other impact via unknown vectors. The nodejs package has been updated to version 0.10.33 to fix these issues as well as several other bugs.
cdcb058c825c2c65daeca78e8d8e225b7668fb9972028beebe40d4e812c35030
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed