Gentoo Linux Security Advisories

GLSA 200701-28 (low) - thttpd: Unauthenticated remote file access
The default configuration of the Gentoo thttpd package potentially allows unauthenticated access to system files when used with newer versions of baselayout.
GLSA 200701-27 (normal) - ELinks: Arbitrary Samba command execution
ELinks does not properly validate "smb://" URLs, making it vulnerable to the execution of arbitrary Samba commands.
GLSA 200701-26 (normal) - KSirc: Denial of Service vulnerability
KSirc is vulnerable to a Denial of Service attack.
GLSA 200701-25 (normal) - X.Org X server: Multiple vulnerabilities
Sean Larsson from iDefense Labs has found multiple vulnerabilities in the DBE and Render extensions.
GLSA 200701-24 (normal) - VLC media player: Format string vulnerability
VLC media player improperly handles format strings, allowing for the execution of arbitrary code.
GLSA 200701-23 (high) - Cacti: Command execution and SQL injection
Cacti has three vulnerabilities that could allow shell command execution or SQL injection.
GLSA 200701-22 (normal) - Squid: Multiple Denial of Service vulnerabilities
Two vulnerabilities have been found in Squid which make it susceptible to Denial of Service attacks.
GLSA 200701-21 (high) - MIT Kerberos 5: Arbitrary Remote Code Execution
Multiple vulnerabilities in MIT Kerberos 5 could potentially result in the execution of arbitrary code.
GLSA 200701-20 (normal) - Centericq: Remote buffer overflow in LiveJournal handling
Centericq does not properly handle communications with the LiveJournal service, allowing for the remote execution of arbitrary code.
GLSA 200701-19 (low) - OpenLDAP: Insecure usage of /tmp during installation
A shell script commonly released with OpenLDAP makes insecure usage of files in /tmp during the emerge process.
GLSA 200701-18 (normal) - xine-ui: Format string vulnerabilities
xine-ui improperly handles format strings, possibly allowing for the execution of arbitrary code.
GLSA 200701-17 (normal) - libgtop: Privilege escalation
libgtop improperly handles filenames, possibly allowing for the execution of arbitrary code.
GLSA 200701-16 (normal) - Adobe Acrobat Reader: Multiple vulnerabilities
Adobe Acrobat Reader is vulnerable to remote code execution, Denial of Service, and cross-site scripting attacks.
GLSA 200701-15 (normal) - Sun JDK/JRE: Multiple vulnerabilities
Multiple unspecified vulnerabilities have been identified in Sun Java Development Kit (JDK) and Java Runtime Environment (JRE).
GLSA 200701-14 (normal) - Mod_auth_kerb: Denial of Service
Mod_auth_kerb is vulnerable to a buffer overflow possibly allowing a Denial of Service.
GLSA 200701-13 (normal) - Fetchmail: Denial of Service and password disclosure
Fetchmail has been found to have numerous vulnerabilities allowing for Denial of Service and password disclosure.
GLSA 200701-12 (low) - Mono: Information disclosure
Mono does not properly sanitize pathnames, allowing unauthorized information disclosure.
GLSA 200701-11 (low) - Kronolith: Local file inclusion
Kronolith contains a flaw that could allow the execution of arbitrary files.
GLSA 200701-10 (normal) - WordPress: Multiple vulnerabilities
WordPress is vulnerable to SQL injection, information disclosure, and cross-site scripting attacks.
GLSA 200701-09 (normal) - oftpd: Denial of Service
An assertion in oftpd could lead to a denial of service vulnerability.
