Red Hat Security Advisory RHSA-2003:073-06 - Sendmail v5.79 to 8.12.7 contains a remote root vulnerability in the parsing of mail headers. MTAs other than Sendmail may pass on the carefully crafted message, causing unpatched versions of Sendmail inside a network could still be at risk even if they do not accept external connections directly. In addition, the restricted shell (SMRSH) in Sendmail allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after "||" sequences or "/" characters, which are not properly filtered or verified, allowing local attackers to execute arbitrary binaries via a .forward file.
cc7bc8f2ea5379e8b7b54cda946161337e85f4143d2b26c682d6e551a5e66667Red Hat Security Advisory RHSA-2003:015-05 - The rm and mv commands from Fileutils 4.1 and below contain race vulnerabilities which allow local users to delete files and directories as the user running mv or cp if the recursive option is used and the user has write access to any part of the directory tree being moved or deleted.
a80cb8fb856398925323c191a299ae9f327213094487b8f51517f9561ce60f3fRed Hat Security Advisory RHSA-2003:035-10 - The pam_xauth module included with the pam package v.75 and below contains a local root vulnerability which can be exploited if root is tricked into su'ing to the attackers account.
ad170f1655423e3feed8d627960d9d2c57d5460e7c4204797296bdff5b821a3cRed Hat Security Advisory RHSA-2003:029-06 - Lynx v2.8.4 contains a CR/LF injection vulnerability which can lead to faked headers being sent to a web server.
e05f3d9f7bdecf8e6fedd79d93868275c3e8c747da2c0507685a694de001e360Red Hat Security Advisory RHSA-2002:202-33 - Python v2.2.1 and below has a temp file vulnerability in os._execvpe from os.py which allows local users to execute arbitrary code via a symlink attack.
822772e745db7d21b2b9bc4fe2db053ac18299cff1d54f0118e3c00554dd3e0eRed Hat Security Advisory RHSA-2003:037-09 - Xpdf v2.01 and below contains remote vulnerabilities which allow attackers to execute code via malformed PDF files.
d36bd83c1e631ca88b084773941fc003645cf2620c32e9cea362d123ae67f368Red Hat Security Advisory RHSA-2003:043-12 - A buffer overflow in Window Maker v0.80.0 and earlier allows remote attackers to execute arbitrary code via an image file that is not properly handled when Window Maker uses width and height information to allocate a buffer. This could be exploited by a user opening a malicious theme.
dcb96d7190a5017b1ad85fba57f8db0ab2b5e205a1b1efcc5fdeb082a66fd3ecRed Hat Security Advisory RHSA-2002-014 - Libldap and the slapd and slurpd servers that come with OpenLDAP v1.2.13 and below contains local and remote buffer overflow vulnerabilities.
d9a0934797365d47e79498ec86e7fcaf8d412e815d2c12f3616bd01c66513348Red Hat Security Advisory RHSA-2003:017-06 - Red Hat released new PHP packages that are no longer affected by the wordwrap() heap overflow vulnerability. These packages are available for Red Hat version 8.0.
65201ac8d85f84a7a6297dd65aa74862be4e863494a472c0612a0d7544f4ae02Red Hat Security Advisory RHSA-2003:025-20 - Updated kernel packages for Red Hat Linux 7.1, 7.2, 7.3, and 8.0 have been made available that fix an information leak from several ethernet drivers (reported by Atstake), and a file system issue.
211f41f3c990e4ed3e36343477ac000e9faf9989b97be3b78b93aa11fa0bdf7aRed Hat Security Advisory RHSA-2003:006-06 - Unpatched versions of libpng 1.2.1 and earlier do not correctly calculate offsets, which leads to a buffer overflow and arbitrary code execution. This can be exploited by an attacker creating a carefully crafted PNG file which executes arbitrary code when the victim views it.
43c61f8f16cfe7fe1dab5612b04579e7a8f93c580803d470a7c8d27182e10496Red Hat Security Advisory RHSA-2002:295-07 - Eight vulnerabilities have been fixed in the CUPS printer software included with Red Hat 7.3 and 8.0.
8bf0911bf79427b7cea9038faf50d6c154fdcccc1125024b8287f7da634fdd4aRed Hat Security Advisory RHSA-2002:290-07 - Ethereal 0.9.7 and earlier allows remote attackers to execute arbitrary code via malformed packets to the LMP, PPP, or TDS dissectors. CVE-2002-1356.
9e1817333d7032f7dc56d6ea0341ee9a15e7a083af46148c013a36fba439d961
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed