
Files

MDKSA-2004:107.txt
Posted Oct 20, 2004
Authored by Mandrake Linux Security Team | Site mandrakesoft.com

Mandrake Linux Security Update Advisory - A number of vulnerabilities were fixed in mozilla 1.7.3, the following of which have been backported to mozilla packages for Mandrake Linux 10.0: "Send page" heap overrun, javascript clipboard access, buffer overflow when displaying VCard, BMP integer overflow, javascript: link dragging, Malicious POP3 server III.

tags | advisory, overflow, javascript, vulnerability
systems | linux, mandrake
SHA-256 | 9f5db01dbfd4b9ff3f74a73729cb6a0c9bf1c408d1dc95dad30d2132b2454615

Related Files

Mandriva Linux Security Advisory 2005.186
Posted Oct 28, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory - Ulf Harnhammar discovered a remote buffer overflow in lynx versions 2.8.2 through 2.8.5.

tags | advisory, remote, overflow
systems | linux, mandriva
SHA-256 | 9096ee2561547d48a7c2b2508bb19b5f4973f207aad33445e6c7d603140eeda0
Mandriva Linux Security Advisory 2005.192
Posted Oct 26, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Ariel Berkman discovered several buffer overflows in xloadimage, which are also present in xli, a command line utility for viewing images in X11. They could be exploited via large image titles to cause the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
SHA-256 | ab8941b3a540e289eb42a82f483c7ffbd67af77efba8be26cecb24ffb9d35617
Mandriva Linux Security Advisory 2005.191
Posted Oct 26, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Yutaka Oiwa discovered a bug in Ruby, the interpreter for the object-oriented scripting language, that can cause illegal program code to bypass the safe level and taint flag protection checks and be executed.

tags | advisory, ruby
systems | linux, mandriva
SHA-256 | df8d7dc5bef1b8661acb2ae9fd7ad34493349baa3daba6e152d7f4fa96136577
Mandriva Linux Security Advisory 2005.190
Posted Oct 26, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - A bug was found in the way the pam_ldap module processed certain failure messages. If the server includes supplemental data in an authentication failure result message, but the data does not include any specific error code, the pam_ldap module would proceed as if the authentication request had succeeded, and authentication would succeed. This affects versions 169 through 179 of pam_ldap.

tags | advisory
systems | linux, mandriva
SHA-256 | 1c8c93daaa5f913213407f6a73ad9ff723b3821b0c481e4640796f19fd334bd6
Mandriva Linux Security Advisory 2005.189
Posted Oct 26, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - "infamous41md" discovered a buffer overflow in uw-imap, the University of Washington's IMAP Server, that allows attackers to execute arbitrary code.

tags | advisory, overflow, arbitrary, imap
systems | linux, mandriva
SHA-256 | 2d5b26da4c2651904587f7e2e1c4a615c6750ac7d289224abbbeb27829f09aee
Mandriva Linux Security Advisory 2005.188
Posted Oct 26, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Javier Fern

tags | advisory, arbitrary, local
systems | linux, mandriva
SHA-256 | 1e8cee6ff1485779117b7c9f67f24678d6f076377f7903083aa290c52eb891f7
Mandriva Linux Security Advisory 2005.187
Posted Oct 26, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Joxean Koret discovered that the Python SVG import plugin in dia, a vector-oriented diagram editor, does not properly sanitize data read from an SVG file and is hence vulnerable to the execution of arbitrary Python code.

tags | advisory, arbitrary, python
systems | linux, mandriva
SHA-256 | f000475a6708305f86349410e4b1108f015d991817e44392ae088316b69a934b
Mandriva Linux Security Advisory 2005.186
Posted Oct 18, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Ulf Harnhammar discovered a remote buffer overflow in lynx versions 2.8.2 through 2.8.5.

tags | advisory, remote, overflow
systems | linux, mandriva
advisories | CVE-2005-3120
SHA-256 | 48154abcdff3ecaa89fc76b7d19a1d5210df7e297fbbe99f9d51d9641259ff78
Mandriva Linux Security Advisory 2005.185
Posted Oct 18, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Chris Evans reported a heap-based buffer overflow in the RTF importer of KWord. An attacker could provide a specially crafted RTF file which, when opened in KWord, can cause execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2005-2971
SHA-256 | 7a3183c390645fecb2cac0f42f9b73b4f054919dbc1eb75ea65cc15ca3e7262d
Mandriva Linux Security Advisory 2005.184
Posted Oct 18, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Javier Fern

tags | advisory, arbitrary, local
systems | linux, mandriva
advisories | CVE-2005-2960
SHA-256 | a472be172d6fc469059b32dbc8d04e92cd576537b8caa4a88e1e5ba9d613c3d2
Mandriva Linux Security Advisory 2005.181
Posted Oct 12, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Squid 2.5.9, while performing NTLM authentication, does not properly handle certain request sequences, which allows attackers to cause a denial of service (daemon restart).

tags | advisory, denial of service
systems | linux, mandriva
SHA-256 | 06d0d47bfa360a14185cf60283a9713fa8bf5c27d443c35ba004e0fb4381c8eb
Mandriva Linux Security Advisory 2005.180
Posted Oct 12, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - When playing an Audio CD, a xine-lib based media application contacts a CDDB server to retrieve metadata like the title and artist's name. During processing of this data, a response from the server, which is located in memory on the stack, is passed to the fprintf() function as a format string. An attacker can set up a malicious CDDB server and trick the client into using this server instead of the pre-configured one. Alternatively, any user, and therefore the attacker, can modify entries in the official CDDB server. Using this format string vulnerability, attacker-chosen data can be written to an attacker-chosen memory location. This allows the attacker to alter the control flow and to execute malicious code with the permissions of the user running the application.

tags | advisory
systems | linux, mandriva
SHA-256 | aa30859c0d6a7f47a28e0c687d6bf26f4f312e6ce94df28dde0c1458613a57d0
Mandriva Linux Security Advisory 2005.179
Posted Oct 12, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Yutaka Oiwa discovered a vulnerability that potentially affects applications that use the SSL/TLS server implementation provided by OpenSSL.

tags | advisory
systems | linux, mandriva
advisories | CVE-2005-2946, CVE-2005-2969
SHA-256 | f162a1718a04d64fcdcfa881284798e3240afdc4b36bb8ef9e86a3efbf61ed0e
Mandriva Linux Security Advisory 2005.178
Posted Oct 12, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - A cross-site scripting (XSS) vulnerability in add.php in Address Add Plugin 1.9 and 2.0 for Squirrelmail allows remote attackers to inject arbitrary web script or HTML via the IMG tag.

tags | advisory, remote, web, arbitrary, php, xss
systems | linux, mandriva
SHA-256 | bed652ce606c76c741ba4a9bb11163f7491d679ec4eea0946f730779d582b5df
Mandriva Linux Security Advisory 2005.177
Posted Oct 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - faxcron, recvstats, and xferfaxstats in HylaFax 4.2.1 and earlier allow local users to overwrite arbitrary files via a symlink attack on temporary files. In addition, HylaFax has some provisional support for Unix domain sockets, which is disabled in the default compile configuration. It is suspected that a local user could create a fake /tmp/hyla.unix socket and intercept fax traffic via this socket. In testing for this vulnerability, with CONFIG_UNIXTRANSPORT disabled, it has been found that client programs correctly exit before sending any data.

tags | advisory, arbitrary, local
systems | linux, unix, mandriva
advisories | CVE-2005-3069, CVE-2005-3070
SHA-256 | 62d8e72fae9a4a68d6e24a2850d05bb819ea9695193453de5c40931f5182a02e
Mandriva Linux Security Advisory 2005.176
Posted Oct 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Miniserv.pl in Webmin 1.220, when full PAM conversations is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).

tags | advisory, remote, spoof
systems | linux, mandriva
advisories | CVE-2005-3042
SHA-256 | a2567dded228c5c8e1ec16208f680d5d1cc3614ecdb6712bdc01b2a5284525a6
Mandriva Linux Security Advisory 2005.172
Posted Oct 7, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts. GSSAPI is only enabled in versions of openssh shipped in LE2005 and greater.

tags | advisory
systems | linux, mandriva
advisories | CVE-2005-2798
SHA-256 | 36ff3b7eb497ae29ca47eb6ebb8a464874b5bda235ffd3c5c284b54f5f5fd1f4
Mandriva Linux Security Advisory 2005.169
Posted Sep 28, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - A number of vulnerabilities have been discovered in Mozilla Firefox that have been corrected in version 1.0.7.

tags | advisory, vulnerability
systems | linux, mandriva
advisories | CVE-2005-2702, CVE-2005-2703, CVE-2005-2704, CVE-2005-2705, CVE-2005-2706, CVE-2005-2707, CVE-2005-2968
SHA-256 | bb0c0e56a300a55986048b2a72e10d74683868e9f32c036373319828bd7879e3
Mandriva Linux Security Advisory 2005.164
Posted Sep 14, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - A vulnerability was discovered in the pixmap allocation handling of the X server that can lead to local privilege escalation. By allocating a huge pixmap, a local user could trigger an integer overflow that resulted in a memory allocation that was too small for the requested pixmap, leading to a buffer overflow which could then be exploited to execute arbitrary code with full root privileges.

tags | advisory, overflow, arbitrary, local, root
systems | linux, mandriva
advisories | CVE-2005-2495
SHA-256 | 3cf2154b69cec09589d62bdefa8ec6d90c741286aeedc640ff2242cb4a6b34d9
Mandriva Linux Security Advisory 2005.163
Posted Sep 14, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - A stack-based buffer overflow was discovered in the init_syms function in MySQL that allows authenticated users that can create user-defined functions to execute arbitrary code via a long function_name field.

tags | advisory, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2005-2558
SHA-256 | e6803a3044816c86b9cb2e48715440a1ccf90fe4c2461cc9b68cf4cd21ef04eb
Mandriva Linux Security Advisory 2005.161
Posted Sep 13, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - A flaw was discovered in mod_ssl's handling of the SSLVerifyClient directive. This flaw occurs if a virtual host is configured using SSLVerifyClient optional and a directive SSLVerifyClient required is set for a specific location. For servers configured in this fashion, an attacker may be able to access resources that should otherwise be protected, by not supplying a client certificate when connecting. A flaw was discovered in Apache httpd where the byterange filter would buffer certain responses into memory. If a server has a dynamic resource such as a CGI script or PHP script that generates a large amount of data, an attacker could send carefully crafted requests in order to consume resources, potentially leading to a Denial of Service.

tags | advisory, denial of service, cgi, php
systems | linux, mandriva
advisories | CVE-2005-2700, CVE-2005-2728
SHA-256 | d8ac7a09a10fda0bcf0e418be47a3e0e0888e664ca28011b661fb6856ae40716
Mandriva Linux Security Advisory 2005.160
Posted Sep 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Ilja van Sprundel from suresec.org notified the KDE security team about a serious lock file handling error in kcheckpass that can, in some configurations, be used to gain root access. In order for an exploit to succeed, the directory /var/lock has to be writeable for a user that is allowed to invoke kcheckpass.

tags | advisory, root
systems | linux, mandriva
SHA-256 | 4777c752bcd6597f96c96b1cd0f65480dc336439c93211736685cf7dad59dd1d
Mandriva Linux Security Advisory 2005.159
Posted Sep 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - Ben Burton notified the KDE security team about several tempfile handling related vulnerabilities in langen2kvtml, a conversion script for kvoctrain. This vulnerability was initially discovered by Javier Fern

tags | advisory, local, vulnerability
systems | linux, mandriva
SHA-256 | a47c7b1147b1d3baf301144a1eadf49cf107afeef603b598d59f027c3dd9368a
Mandriva Linux Security Advisory 2005.158
Posted Sep 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - A buffer overflow in ad_pcm.c in MPlayer 1.0pre7 and earlier allows remote attackers to execute arbitrary code via a video file with an audio header containing a large value in a strf chunk.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
SHA-256 | 7b3e6873b460f03c379d889d6f3bdfa59e23233031a499f5828119f39d23b366
Mandriva Linux Security Advisory 2005.157
Posted Sep 8, 2005
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Update Advisory - A severe security issue has been discovered in Smb4K. By linking a simple text file FILE to /tmp/smb4k.tmp or /tmp/sudoers, an attacker could get access to the full contents of the /etc/super.tab or /etc/sudoers file, respectively, because Smb4K didn't check for the existence of these files before writing any contents. When using super, the attack also resulted in /etc/super.tab being a symlink to FILE. Affected are all versions of the 0.4, 0.5, and 0.6 series of Smb4K.

tags | advisory
systems | linux, mandriva
SHA-256 | 2e7d946d88525e9117a39502618c5c8066182d1bb26b4e22744dea059b24fb60