Gentoo Linux Security Advisories

GLSA 200406-02 (high) - tripwire: Format string vulnerability
A vulnerability allowing arbitrary code execution under certain circumstances has been found.
GLSA 200406-01 (high) - Ethereal: Multiple security problems
Multiple vulnerabilities including one buffer overflow exist in Ethereal, which may allow an attacker to run arbitrary code or crash the program.
GLSA 200405-25 (normal) - tla: Multiple vulnerabilities in included libneon
tla includes a vulnerable version of the neon library.
GLSA 200405-24 (high) - MPlayer, xine-lib: vulnerabilities in RTSP stream handling
Multiple vulnerabilities, including remotely exploitable buffer overflows, have been found in code common to MPlayer and the xine library.
GLSA 200405-23 (high) - Heimdal: Kerberos 4 buffer overflow in kadmin
A possible buffer overflow in the Kerberos 4 component of Heimdal has been discovered.
GLSA 200405-22 (normal) - Apache 1.3: Multiple vulnerabilities
Several security vulnerabilities have been fixed in the latest release of Apache 1.3.
GLSA 200405-21 (high) - Midnight Commander: Multiple vulnerabilities
Multiple security issues have been discovered in Midnight Commander including several buffer overflows and string format vulnerabilities.
GLSA 200405-20 (normal) - Insecure Temporary File Creation In MySQL
Two MySQL utilities create temporary files with hardcoded paths, allowing an attacker to use a symlink to trick MySQL into overwriting important data.
GLSA 200405-19 (normal) - Opera telnet URI handler file creation/truncation vulnerability
A vulnerability exists in Opera's telnet URI handler that may allow a remote attacker to overwrite arbitrary files.
GLSA 200405-18 (high) - Buffer Overflow in Firebird
A buffer overflow via environmental variables in Firebird may allow a local user to manipulate or destroy local databases and trojan the Firebird binaries.
GLSA 200405-17 (high) - Multiple vulnerabilities in metamail
Several format string bugs and buffer overflows were discovered in metamail, potentially allowing execution of arbitrary code remotely.
GLSA 200405-16 (normal) - Multiple XSS Vulnerabilities in SquirrelMail
SquirrelMail is subject to several XSS and one SQL injection vulnerability.
GLSA 200405-15 (normal) - cadaver heap-based buffer overflow
There is a heap-based buffer overflow vulnerability in the neon library used in cadaver, possibly leading to execution of arbitrary code when connected to a malicious server.
GLSA 200405-14 (normal) - Buffer overflow in Subversion
There is a vulnerability in the Subversion date parsing code which may lead to denial of service attacks, or execution of arbitrary code. Both the client and server are vulnerable.
GLSA 200405-13 (normal) - neon heap-based buffer overflow
A vulnerability potentially allowing remote execution of arbitrary code has been discovered in the neon library.
GLSA 200405-12 (high) - CVS heap overflow vulnerability
CVS is subject to a heap overflow vulnerability allowing source repository compromise.
GLSA 200405-11 (normal) - KDE URI Handler Vulnerabilities
Vulnerabilities in KDE URI handlers makes your system vulnerable to various attacks.
GLSA 200405-10 (normal) - Icecast denial of service vulnerability
Icecast is vulnerable to a denial of service attack allowing remote users to crash the application.
GLSA 200405-09 (high) - ProFTPD Access Control List bypass vulnerability
Version 1.2.9 of ProFTPD introduced a vulnerability that causes CIDR-based Access Control Lists (ACLs) to be treated as "AllowAll", thereby allowing remote users full access to files available to the FTP daemon.
GLSA 200405-08 (high) - Pound format string vulnerability
There is a format string flaw in Pound, allowing remote execution of arbitrary code with the rights of the Pound process.

« Previous 1 ... 126 127 128 129 130 ... 132 Next »

Also available in: Atom

Thank you!