Gentoo Linux Security Advisories

GLSA 200402-02 (high) - XFree86 Font Information File Buffer Overflow
Exploitation of a buffer overflow in the XFree86 Project Inc.'s XFree86 X Window System allows local attackers to gain root privileges.
GLSA 200402-01 (normal) - PHP setting leaks from .htaccess files on virtual hosts
If the server configuration "php.ini" file has "register_globals = on" and a request is made to one virtual host (which has "php_admin_flag register_globals off") and the next request is sent to the another virtual host (which does not have the setting) global variables may leak and may be used to exploit the site.
GLSA 200401-04 (normal) - GAIM 0.75 Remote overflows
Various overflows in the handling of AIM DirectIM packets was revealed in GAIM that could lead to a remote compromise of the IM client.
GLSA 200401-03 (low) - Apache mod_python Denial of Service vulnerability
Apache's mod_python module could crash the httpd process if a specific, malformed query string was sent.
GLSA 200401-02 (low) - Honeyd remote detection vulnerability via a probe packet
Identification of Honeyd installations allows an adversary to launch attacks specifically against Honeyd. No remote root exploit is currently known.
GLSA 200401-01 (high) - Linux kernel do_mremap() local privilege escalation vulnerability
A critical security vulnerability has been found in recent Linux kernels which allows for local privelege escalation.
GLSA 200312-08 (high) - CVS: possible root compromise when using CVS pserver
A possible root compromise exists for CVS pservers.
GLSA 200312-07 (low) - Two buffer overflows in lftp
Two buffer overflow problems are found in lftp that, in case the user visits a malicious ftp server, could lead to malicious code being executed.
GLSA 200312-06 (translation missing: en, label_glsa_medium) - XChat: malformed dcc send request denial of service
A bug in XChat could allow malformed dcc send requests to cause a denial of service.
GLSA 200312-05 (translation missing: en, label_glsa_minimal) - GnuPG: ElGamal signing keys compromised and format string vulnerability
A bug in GnuPG allows ElGamal signing keys to be compromised, and a format string bug in the gpgkeys_hkp utility may allow arbitrary code execution.
GLSA 200312-04 (translation missing: en, label_glsa_minimal) - CVS: malformed module request vulnerability
A bug in cvs could allow attempts to create files and directories outside a repository.
GLSA 200312-03 (high) - rsync: exploitable heap overflow
rsync contains a heap overflow vulnerability that can be used to execute arbitrary code.
GLSA 200312-01 (low) - rsync.gentoo.org: rotation server compromised
A server in the rsync.gentoo.org rotation was compromised.
GLSA 200311-08 (normal) - Libnids: remote code execution vulnerability
Libnids contains a bug which could allow remote code execution.
GLSA 200311-07 (normal) - phpSysInfo: arbitrary code execution and directory traversal
phpSysInfo contains two vulnerabilities that can allow arbitrary code execution and local directory traversal.
GLSA 200311-06 (normal) - glibc: getgrouplist buffer overflow vulnerability
glibc contains a buffer overflow in the getgrouplist function.
GLSA 200311-05 (normal) - Ethereal: security problems in ethereal 0.9.15
Ethereal is vulnerable to heap and buffer overflows in the GTP, ISAKMP, MEGACO, and SOCKS protocol dissectors.
GLSA 200311-04 (normal) - FreeRADIUS: heap exploit and NULL pointer dereference vulnerability
FreeRADIUS is vulnerable to a heap exploit and a NULL pointer dereference vulnerability.
GLSA 200311-03 (normal) - HylaFAX: Remote code exploit in hylafax
A format bug condition allows a remote attacjer to execute arbitrary code as the root user.
GLSA 200311-02 (high) - Opera: buffer overflows in 7.11 and 7.20
Buffer overflows exist in Opera 7.11 and 7.20 that can cause Opera to crash, and can potentially overwrite arbitrary bytes on the heap leading to a system compromise.

« Previous 1 ... 126 127 128 129 Next »

Also available in: Atom

Thank you!