Files

RHSA-2004-373.txt
Posted Aug 6, 2004
Site rhn.redhat.com

Red Hat Security Advisory RHSA-2004:373 - Flaws have been found in several of the GNOME VFS extfs backend scripts. Red Hat Enterprise Linux ships with vulnerable scripts, but they are not used by default. An attacker who is able to influence a user to open a specially-crafted URI using gnome-vfs could perform actions as that user.

systems | linux, redhat
advisories | CVE-2004-0494
SHA-256 | ce980c17ce691b47f48bfa02f67018a46a7b2fa7f18478ec835d6baffc3c648b
RHSA-2003:039-06.im
Posted Mar 10, 2003
Site redhat.com

Red Hat Security Advisory RHSA-2003:039-06 - The Internet Message (IM) Package that comes with Red Hat Linux has a vulnerability in the way two IM utilities create temporary files. By anticipating the names used to create files and directories stored in /tmp, a local attacker may be able to corrupt or modify data as another user. Vulnerable versions include 7.0, 7.1, 7.2, 7.3, and 8.0.

tags | local
systems | linux, redhat
SHA-256 | f250f8b7b71beb5e702504e96b737e52c22d1cfc94d031287d32f452c11d8287
RHSA-2003:042-07.squirrelmail
Posted Mar 7, 2003

Red Hat Security Advisory RHSA-2003:042-07 - SquirrelMail, a PHP-based webmail package, has two cross-site scripting vulnerabilities. Versions 1.2.10 and earlier are affected.

tags | php, vulnerability, xss
systems | linux, redhat
SHA-256 | 5290697c046ca7ec78baf41ebf073cb373b331b0808fdeae53d39737fe3ca223
RHSA-2003:073-06.sendmail
Posted Mar 3, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:073-06 - Sendmail v5.79 to 8.12.7 contains a remote root vulnerability in the parsing of mail headers. MTAs other than Sendmail may pass on the carefully crafted message, so unpatched versions of Sendmail inside a network could still be at risk even if they do not accept external connections directly. In addition, the restricted shell (SMRSH) in Sendmail allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after "||" sequences or "/" characters, which are not properly filtered or verified, allowing local attackers to execute arbitrary binaries via a .forward file.

tags | remote, arbitrary, shell, local, root
systems | linux, redhat
SHA-256 | cc7bc8f2ea5379e8b7b54cda946161337e85f4143d2b26c682d6e551a5e66667
RHSA-2003:015-05.txt
Posted Feb 19, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:015-05 - The rm and mv commands from Fileutils 4.1 and below contain race vulnerabilities which allow local users to delete files and directories as the user running mv or cp if the recursive option is used and the user has write access to any part of the directory tree being moved or deleted.

tags | local, vulnerability
systems | linux, redhat
SHA-256 | a80cb8fb856398925323c191a299ae9f327213094487b8f51517f9561ce60f3f
RHSA-2003:035-10.txt
Posted Feb 19, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:035-10 - The pam_xauth module included with the pam package v.75 and below contains a local root vulnerability which can be exploited if root is tricked into su'ing to the attacker's account.

tags | local, root
systems | linux, redhat
SHA-256 | ad170f1655423e3feed8d627960d9d2c57d5460e7c4204797296bdff5b821a3c
RHSA-2003:029-06.txt
Posted Feb 19, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:029-06 - Lynx v2.8.4 contains a CR/LF injection vulnerability which can lead to faked headers being sent to a web server.

tags | web
systems | linux, redhat
SHA-256 | e05f3d9f7bdecf8e6fedd79d93868275c3e8c747da2c0507685a694de001e360
RHSA-2002:202-33.txt
Posted Feb 13, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2002:202-33 - Python v2.2.1 and below has a temp file vulnerability in os._execvpe from os.py which allows local users to execute arbitrary code via a symlink attack.

tags | arbitrary, local, python
systems | linux, redhat
SHA-256 | 822772e745db7d21b2b9bc4fe2db053ac18299cff1d54f0118e3c00554dd3e0e
RHSA-2003:037-09.txt
Posted Feb 7, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:037-09 - Xpdf v2.01 and below contains remote vulnerabilities which allow attackers to execute code via malformed PDF files.

tags | remote, vulnerability
systems | linux, redhat
advisories | CVE-2002-1384
SHA-256 | d36bd83c1e631ca88b084773941fc003645cf2620c32e9cea362d123ae67f368
RHSA-2003:043-12.txt
Posted Feb 7, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:043-12 - A buffer overflow in Window Maker v0.80.0 and earlier allows remote attackers to execute arbitrary code via an image file that is not properly handled when Window Maker uses width and height information to allocate a buffer. This could be exploited by a user opening a malicious theme.

tags | remote, overflow, arbitrary
systems | linux, redhat
SHA-256 | dcb96d7190a5017b1ad85fba57f8db0ab2b5e205a1b1efcc5fdeb082a66fd3ec
RHSA-2003:040-07.txt
Posted Feb 7, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2002-014 - Libldap and the slapd and slurpd servers that come with OpenLDAP v1.2.13 and below contain local and remote buffer overflow vulnerabilities.

tags | remote, overflow, local, vulnerability
systems | linux, redhat
SHA-256 | d9a0934797365d47e79498ec86e7fcaf8d412e815d2c12f3616bd01c66513348
RHSA-2003:017-06.txt
Posted Feb 5, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:017-06 - Red Hat released new PHP packages that are no longer affected by the wordwrap() heap overflow vulnerability. These packages are available for Red Hat version 8.0.

tags | overflow, php
systems | linux, redhat
advisories | CVE-2002-1396
SHA-256 | 65201ac8d85f84a7a6297dd65aa74862be4e863494a472c0612a0d7544f4ae02
RHSA-2003:025-20.txt
Posted Feb 5, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:025-20 - Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 have been made available that fix an information leak from several ethernet drivers (reported by Atstake), and a file system issue.

tags | kernel
systems | linux, redhat
advisories | CVE-2003-0001
SHA-256 | 211f41f3c990e4ed3e36343477ac000e9faf9989b97be3b78b93aa11fa0bdf7a
RHSA-2003:006-06
Posted Jan 17, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2003:006-06 - Unpatched versions of libpng 1.2.1 and earlier do not correctly calculate offsets, which leads to a buffer overflow and arbitrary code execution. This can be exploited by an attacker creating a carefully crafted PNG file which executes arbitrary code when the victim views it.

tags | overflow, arbitrary, code execution
systems | linux, redhat
SHA-256 | 43c61f8f16cfe7fe1dab5612b04579e7a8f93c580803d470a7c8d27182e10496
RHSA-2002:295-07
Posted Jan 17, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2002:295-07 - Eight vulnerabilities have been fixed in the CUPS printer software included with Red Hat 7.3 and 8.0.

tags | vulnerability
systems | linux, redhat
SHA-256 | 8bf0911bf79427b7cea9038faf50d6c154fdcccc1125024b8287f7da634fdd4a
RHSA-2002:290-07
Posted Jan 10, 2003
Authored by Red Hat Security | Site redhat.com

Red Hat Security Advisory RHSA-2002:290-07 - Ethereal 0.9.7 and earlier allows remote attackers to execute arbitrary code via malformed packets to the LMP, PPP, or TDS dissectors. CVE-2002-1356.

tags | remote, arbitrary
systems | linux, redhat
SHA-256 | 9e1817333d7032f7dc56d6ea0341ee9a15e7a083af46148c013a36fba439d961
RHSA-2002:105-09
Posted Jun 6, 2002
Site redhat.com

Red Hat security advisory RHSA-2002:105-09 - Version 9 of ISC BIND prior to 9.2.1 contains a remotely exploitable denial of service vulnerability. This affects Red Hat 7.1, 7.2 and 7.3.

tags | denial of service
systems | linux, redhat
SHA-256 | 37d58624f3376e82ea78d7dea1a9e2a334fe0a7c5c3fb6ac32c50397656b2c86
RHSA-2002:083-22
Posted Jun 6, 2002
Site redhat.com

Red Hat security advisory RHSA-2002:083-22 - A vulnerability found in GNU Ghostscript allows command execution through specially crafted PostScript files. This affected Red Hat 6.2, 7.0, 7.1, 7.2 and 7.3.

systems | linux, redhat
advisories | CVE-2002-0363
SHA-256 | c8798f74f8a74cd926142fc381e8c4e837c7a7bf7601363856083aada36bf510
RHSA-2002:084-17
Posted Jun 3, 2002
Site redhat.com

Red Hat Security Advisory RHSA-2002:084-17 - A format string vulnerability found in the pam_ldap module affected Red Hat versions 6.2, 7.0, 7.1, 7.2, and 7.3. Red Hat released fixed packages that can be used to counter this vulnerability.

systems | linux, redhat
SHA-256 | fc2c689b4513509af1f8a5e7f2046d6dea50643ccac8e23b7cebe0b1fd61ab30
RHSA-2002:092-11
Posted May 25, 2002
Site redhat.com

Red Hat Security Advisory RHSA-2002:092-11 - A buffer overflow vulnerability has been found in the WU-IMAP daemon prior to v2001a which can be used to remotely execute code via malformed requests if the attacker has a valid IMAP account. This affects Red Hat 6.2, 7.0, 7.1 and 7.2.

tags | overflow, imap
systems | linux, redhat
SHA-256 | 8d45247f59e45aa7710cc18e1b02e6c3ff3cbb8aaa5b104fbe33cc6357f3cdd0
RHSA-2002:081-06
Posted May 13, 2002
Site redhat.com

Red Hat Security Advisory RHSA-2002:081-06 - A bug in utf8 interaction between perl-Digest-MD5 and Perl results in utf8 strings having improper MD5 digests.

tags | perl
systems | linux, redhat
SHA-256 | d11615b5bcc788dfe5676e519a1fe805e3192b4891226b1c53792d0ab3fa59f9
RHSA-2002:086-05
Posted May 13, 2002
Site redhat.com

Red Hat Security Advisory RHSA-2002:086-05 - A vulnerability found in the netfilter package can result in a serious information leak that exposes filter rules and network topology information. There is a workaround but no fixes are included in this advisory.

systems | linux, redhat
SHA-256 | 9bf35b2deb28384a8aac31f4b683b8f54a575d89eaab1cafdd6075f7145843f0
RHSA-2002-018.rsync
Posted Feb 2, 2002
Site redhat.com

Red Hat Security Advisory RHSA-2002:018-1 - New rsync packages are available; these fix a remotely exploitable problem in the I/O functions. These include the security patch from the recently released rsync-2.5.2. It is strongly recommended that all users of rsync upgrade to the fixed packages. More info on this bug available here.

systems | linux, redhat
SHA-256 | faf91340a392a224daa749860c05ada58e071ff7b0a24f13f52efa322669fb87
RHSA-2001:091-07.elm
Posted Jul 18, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2001:091-07 - Elm had a buffer overflow when handling very long message-ids. This overwrote other header fields, and could potentially cause more damage. Red Hat Linux 5.2, 6.2, 7 and 7.1 are vulnerable.

tags | overflow
systems | linux, redhat
SHA-256 | d4b372395a2cdc3ff027c6537d7c9d02e3d327aec80692578de48c794ce48673
RHSA-2001:069-02.man
Posted May 23, 2001
Site redhat.com

Red Hat Security Advisory RHSA-2001:069-02 - The man package which is included with Red Hat 5.x, 6.x, and 7.0 contains a buffer overflow which allows local users to gain gid=man privileges.

tags | overflow, local
systems | linux, redhat
SHA-256 | b3528cab8e9854e0aea2f67b8bfbda58041f4184d82c1caf896cc0386f8802d6

© 2022 Packet Storm. All rights reserved.
