Red Hat Security Advisory RHSA-2004:373 - Flaws have been found in several of the GNOME VFS extfs backend scripts. Red Hat Enterprise Linux ships with vulnerable scripts, but they are not used by default. An attacker who is able to influence a user to open a specially-crafted URI using gnome-vfs could perform actions as that user.
ce980c17ce691b47f48bfa02f67018a46a7b2fa7f18478ec835d6baffc3c648b
Red Hat Security Advisory RHSA-2003:039-06 - The Internet Message (IM) Package that comes with Red Hat Linux has a vulnerability in the way two IM utilities create temporary files. Anticipating the names used to create files and directories stored in /tmp, it may be possible for a local attacker to corrupt or modify data as another user. Vulnerable versions include 7.0, 7.1, 7.2, 7.3, and 8.0.
f250f8b7b71beb5e702504e96b737e52c22d1cfc94d031287d32f452c11d8287
Red Hat Security Advisory RHSA-2003:042-07 - SquirrelMail, a PHP-based webmail package, has two cross-site scripting vulnerabilities. Versions 1.2.10 and earlier are affected.
5290697c046ca7ec78baf41ebf073cb373b331b0808fdeae53d39737fe3ca223
Red Hat Security Advisory RHSA-2003:073-06 - Sendmail v5.79 to 8.12.7 contains a remote root vulnerability in the parsing of mail headers. MTAs other than Sendmail may pass on the carefully crafted message, so unpatched versions of Sendmail inside a network could still be at risk even if they do not accept external connections directly. In addition, the restricted shell (SMRSH) in Sendmail allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after "||" sequences or "/" characters, which are not properly filtered or verified, allowing local attackers to execute arbitrary binaries via a .forward file.
cc7bc8f2ea5379e8b7b54cda946161337e85f4143d2b26c682d6e551a5e66667
Red Hat Security Advisory RHSA-2003:015-05 - The rm and mv commands from Fileutils 4.1 and below contain race vulnerabilities which allow local users to delete files and directories as the user running mv or cp if the recursive option is used and the user has write access to any part of the directory tree being moved or deleted.
a80cb8fb856398925323c191a299ae9f327213094487b8f51517f9561ce60f3f
Red Hat Security Advisory RHSA-2003:035-10 - The pam_xauth module included with the pam package v.75 and below contains a local root vulnerability which can be exploited if root is tricked into su'ing to the attacker's account.
ad170f1655423e3feed8d627960d9d2c57d5460e7c4204797296bdff5b821a3c
Red Hat Security Advisory RHSA-2003:029-06 - Lynx v2.8.4 contains a CR/LF injection vulnerability which can lead to faked headers being sent to a web server.
e05f3d9f7bdecf8e6fedd79d93868275c3e8c747da2c0507685a694de001e360
Red Hat Security Advisory RHSA-2002:202-33 - Python v2.2.1 and below has a temp file vulnerability in os._execvpe from os.py which allows local users to execute arbitrary code via a symlink attack.
822772e745db7d21b2b9bc4fe2db053ac18299cff1d54f0118e3c00554dd3e0e
Red Hat Security Advisory RHSA-2003:037-09 - Xpdf v2.01 and below contains remote vulnerabilities which allow attackers to execute code via malformed PDF files.
d36bd83c1e631ca88b084773941fc003645cf2620c32e9cea362d123ae67f368
Red Hat Security Advisory RHSA-2003:043-12 - A buffer overflow in Window Maker v0.80.0 and earlier allows remote attackers to execute arbitrary code via an image file that is not properly handled when Window Maker uses width and height information to allocate a buffer. This could be exploited by a user opening a malicious theme.
dcb96d7190a5017b1ad85fba57f8db0ab2b5e205a1b1efcc5fdeb082a66fd3ec
Red Hat Security Advisory RHSA-2002-014 - Libldap and the slapd and slurpd servers that come with OpenLDAP v1.2.13 and below contain local and remote buffer overflow vulnerabilities.
d9a0934797365d47e79498ec86e7fcaf8d412e815d2c12f3616bd01c66513348
Red Hat Security Advisory RHSA-2003:017-06 - Red Hat released new PHP packages that are no longer affected by the wordwrap() heap overflow vulnerability. These packages are available for Red Hat version 8.0.
65201ac8d85f84a7a6297dd65aa74862be4e863494a472c0612a0d7544f4ae02
Red Hat Security Advisory RHSA-2003:025-20 - Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 have been made available that fix an information leak from several ethernet drivers (reported by Atstake), and a file system issue.
211f41f3c990e4ed3e36343477ac000e9faf9989b97be3b78b93aa11fa0bdf7a
Red Hat Security Advisory RHSA-2003:006-06 - Unpatched versions of libpng 1.2.1 and earlier do not correctly calculate offsets, which leads to a buffer overflow and arbitrary code execution. This can be exploited by an attacker creating a carefully crafted PNG file which executes arbitrary code when the victim views it.
43c61f8f16cfe7fe1dab5612b04579e7a8f93c580803d470a7c8d27182e10496
Red Hat Security Advisory RHSA-2002:295-07 - Eight vulnerabilities have been fixed in the CUPS printer software included with Red Hat 7.3 and 8.0.
8bf0911bf79427b7cea9038faf50d6c154fdcccc1125024b8287f7da634fdd4a
Red Hat Security Advisory RHSA-2002:290-07 - Ethereal 0.9.7 and earlier allows remote attackers to execute arbitrary code via malformed packets to the LMP, PPP, or TDS dissectors. CVE-2002-1356.
9e1817333d7032f7dc56d6ea0341ee9a15e7a083af46148c013a36fba439d961
Red Hat Security Advisory RHSA-2002:105-09 - Version 9 of ISC BIND prior to 9.2.1 contains a remotely exploitable denial of service vulnerability. This affects Red Hat 7.1, 7.2 and 7.3.
37d58624f3376e82ea78d7dea1a9e2a334fe0a7c5c3fb6ac32c50397656b2c86
Red Hat Security Advisory RHSA-2002:083-22 - A vulnerability found in GNU Ghostscript allows command execution through specially crafted PostScript files. This affected Red Hat 6.2, 7.0, 7.1, 7.2 and 7.3.
c8798f74f8a74cd926142fc381e8c4e837c7a7bf7601363856083aada36bf510
Red Hat Security Advisory RHSA-2002:084-17 - A format string vulnerability found in the pam_ldap module affected Red Hat versions 6.2, 7.0, 7.1, 7.2, and 7.3. Red Hat released fixed packages that can be used to counter this vulnerability.
fc2c689b4513509af1f8a5e7f2046d6dea50643ccac8e23b7cebe0b1fd61ab30
Red Hat Security Advisory RHSA-2002:092-11 - A buffer overflow vulnerability has been found in the WU-IMAP daemon prior to v2001a which can be used to remotely execute code via malformed requests if the attacker has a valid IMAP account. This affects Red Hat 6.2, 7.0, 7.1 and 7.2.
8d45247f59e45aa7710cc18e1b02e6c3ff3cbb8aaa5b104fbe33cc6357f3cdd0
Red Hat Security Advisory RHSA-2002:081-06 - A bug in utf8 interaction between perl-Digest-MD5 and Perl results in utf8 strings having improper MD5 digests.
d11615b5bcc788dfe5676e519a1fe805e3192b4891226b1c53792d0ab3fa59f9
Red Hat Security Advisory RHSA-2002:086-05 - A vulnerability found in the netfilter package can result in a serious information leak that exposes filter rules and network topology information. There is a workaround but no fixes are included in this advisory.
9bf35b2deb28384a8aac31f4b683b8f54a575d89eaab1cafdd6075f7145843f0
Red Hat Security Advisory RHSA-2002:018-1 - New rsync packages are available; these fix a remotely exploitable problem in the I/O functions. These include the security patch from the recently released rsync-2.5.2. It is strongly recommended that all users of rsync upgrade to the fixed packages.
faf91340a392a224daa749860c05ada58e071ff7b0a24f13f52efa322669fb87
Red Hat Security Advisory RHSA-2001:091-07 - Elm had a buffer overflow when handling very long message-ids. This overwrote other header fields, and could potentially cause more damage. Red Hat Linux 5.2, 6.2, 7 and 7.1 are vulnerable.
d4b372395a2cdc3ff027c6537d7c9d02e3d327aec80692578de48c794ce48673
Red Hat Security Advisory RHSA-2001:069-02 - The man package which is included with Red Hat 5.x, 6.x, and 7.0 contains a buffer overflow which allows local users to gain gid=man privileges.
b3528cab8e9854e0aea2f67b8bfbda58041f4184d82c1caf896cc0386f8802d6