Gentoo Linux Security Advisories

GLSA 200409-03 (high) - Python 2.2: Buffer overflow in getaddrinfo()
Python 2.2 has a vulnerability in DNS handling when IPv6 is disabled and a malformed IPv6 address is encountered by getaddrinfo().
GLSA 200409-02 (normal) - MySQL: Insecure temporary file creation in mysqlhotcopy
The mysqlhotcopy utility can create temporary files with predictable paths, allowing an attacker to use a symlink to trick MySQL into overwriting important data.
GLSA 200409-01 (high) - vpopmail: Multiple vulnerabilities
vpopmail contains several bugs making it vulnerable to several SQL injection exploits as well as one buffer overflow and one format string exploit when using Sybase. This could lead to the execution of arbitrary code.
GLSA 200408-27 (normal) - Gaim: New vulnerabilities
Gaim contains several security issues that might allow an attacker to execute arbitrary code or commands.
GLSA 200408-26 (normal) - zlib: Denial of service vulnerability
The zlib library contains a Denial of Service vulnerability.
GLSA 200408-25 (normal) - MoinMoin: Group ACL bypass
MoinMoin contains a bug allowing anonymous users to bypass ACLs (Access Control Lists) and carry out operations that should be limited to authorized users.
GLSA 200408-24 (normal) - Linux Kernel: Multiple information leaks
Multiple information leaks have been found in the Linux kernel, allowing an attacker to obtain sensitive data which may be used for further exploitation of the system.
GLSA 200408-23 (low) - kdelibs: Cross-domain cookie injection vulnerability
The cookie manager component in kdelibs contains a vulnerability allowing an attacker to potentially gain access to a user's session on a legitimate web server.
GLSA 200408-22 (normal) - Mozilla, Firefox, Thunderbird, Galeon, Epiphany: New releases fix vulnerabilities
New releases of Mozilla, Epiphany, Galeon, Mozilla Thunderbird, and Mozilla Firefox fix several vulnerabilities, including remote DoS and buffer overflows.
GLSA 200408-21 (normal) - Cacti: SQL injection vulnerability
With special configurations of Cacti it is possible to change passwords via a SQL injection attack.
GLSA 200408-20 (normal) - Qt: Image loader overflows
There are several bugs in Qt's image-handling code which could lead to crashes or arbitrary code execution.
GLSA 200408-19 (high) - courier-imap: Remote Format String Vulnerability
There is a format string vulnerability in non-standard configurations of courier-imapd which may be exploited remotely. An attacker may be able to execute arbitrary code as the user running courier-imapd (oftentimes root).
GLSA 200408-18 (normal) - xine-lib: VCD MRL buffer overflow
xine-lib contains an exploitable buffer overflow in the VCD handling code.
GLSA 200408-17 (normal) - rsync: Potential information leakage
rsync fails to properly sanitize paths. This vulnerability could allow the listing of arbitrary files and allow file overwriting outside the module's path on rsync server configurations that allow uploading.
GLSA 200408-16 (low) - glibc: Information leak with LD_DEBUG
glibc contains an information leak vulnerability allowing the debugging of SUID binaries.
GLSA 200408-15 (normal) - Tomcat: Insecure installation
Improper file ownership may allow a member of the tomcat group to execute scripts as root.
GLSA 200408-14 (normal) - acroread: UUDecode filename buffer overflow
acroread contains two errors in the handling of UUEncoded filenames that may lead to execution of arbitrary code or programs.
GLSA 200408-13 (normal) - kdebase, kdelibs: Multiple security issues
KDE contains three security issues that can allow an attacker to compromise system accounts, cause a Denial of Service, or spoof websites via frame injection.
GLSA 200408-12 (normal) - Gaim: MSN protocol parsing function buffer overflow
Gaim contains a remotely exploitable buffer overflow vulnerability in the MSN-protocol parsing code that may allow remote execution of arbitrary code.
GLSA 200408-11 (normal) - Nessus: "adduser" race condition vulnerability
Nessus contains a vulnerability allowing a user to perform a privilege escalation attack.