Gentoo Linux Security Advisories

GLSA 200404-13 (normal) - CVS Server and Client Vulnerabilities
There are two vulnerabilities in CVS; one in the server and one in the client. These vulnerabilities allow the reading and writing of arbitrary files on both client and server.
GLSA 200404-12 (high) - Scorched 3D server chat box format string vulnerability
Scorched 3D is vulnerable to a format string attack in the chat box that leads to Denial of Service on the game server and possibly allows execution of arbitrary code.
GLSA 200404-11 (high) - Multiple Vulnerabilities in pwlib
Multiple vulnerabilities have been found in pwlib that may lead to a remote denial of service or buffer overflow attack.
GLSA 200404-10 (low) - iproute local Denial of Service vulnerability
The iproute package allows local users to cause a denial of service.
GLSA 200404-09 (normal) - Cross-realm trust vulnerability in Heimdal
Heimdal contains a cross-realm vulnerability allowing someone with control over a realm to impersonate anyone in the cross-realm trust path.
GLSA 200404-08 (normal) - GNU Automake symbolic link vulnerability
Automake may be vulnerable to a symbolic link attack which may allow an attacker to modify data or elevate their privileges.
GLSA 200404-07 (normal) - ClamAV RAR Archive Remote Denial Of Service Vulnerability
ClamAV is vulnerable to a denial of service attack when processing certain RAR archives.
GLSA 200404-06 (low) - Util-linux login may leak sensitive data
The login program included in util-linux could leak sensitive information under certain conditions.
GLSA 200404-05 (high) - ipsec-tools contains an X.509 certificates vulnerability.
ipsec-tools contains a vulnerability that affects connections authenticated with X.509 certificates.
GLSA 200404-04 (normal) - Multiple vulnerabilities in sysstat
Multiple vulnerabilities in the way sysstat handles symlinks may allow an attacker to execute arbitrary code or overwrite arbitrary files.
GLSA 200404-03 (high) - Tcpdump Vulnerabilities in ISAKMP Parsing
There are multiple vulnerabilities in tcpdump and libpcap related to parsing of ISAKMP packets.
GLSA 200404-02 (high) - KDE Personal Information Management Suite Remote Buffer Overflow Vulnerability
KDE-PIM may be vulnerable to a remote buffer overflow attack that may allow unauthorized access to an affected system.
GLSA 200404-01 (normal) - Insecure sandbox temporary lockfile vulnerabilities in Portage
A flaw has been found in the temporary file handling algorithms for the sandboxing code used within Portage. Lockfiles created during normal operation of Portage could be manipulated by local users, resulting in the truncation of hard-linked files and causing a Denial of Service on the system.
GLSA 200403-14 (high) - Multiple Security Vulnerabilities in Monit
A denial of service and a buffer overflow vulnerability have been found in Monit.
GLSA 200403-13 (high) - Remote buffer overflow in MPlayer
MPlayer contains a remotely exploitable buffer overflow in the HTTP parser that may allow attackers to run arbitrary code on a user's computer.
GLSA 200403-12 (normal) - OpenLDAP DoS Vulnerability
A failed password operation can cause the OpenLDAP slapd server, if it is using the back-ldbm backend, to free memory that was never allocated.
GLSA 200403-11 (normal) - Squid ACL [url_regex] bypass vulnerability
Squid versions 2.0 through to 2.5.STABLE4 could allow a remote attacker to bypass Access Control Lists by sending a specially-crafted URL request containing '%00'. In such circumstances, the url_regex ACL may not properly detect the malicious URL, allowing the attacker to effectively bypass the ACL.
GLSA 200403-10 (normal) - Fetchmail 6.2.5 fixes a remote DoS
Fetchmail versions 6.2.4 and earlier can be crashed by sending a specially-crafted email to a fetchmail user.
GLSA 200403-09 (high) - Buffer overflow in Midnight Commander
A remotely-exploitable buffer overflow in Midnight Commander allows arbitrary code to be run on a user's computer.
GLSA 200403-08 (normal) - oftpd DoS vulnerability
A remotely-exploitable overflow exists in oftpd, allowing an attacker to crash the oftpd daemon.
