Gentoo Essential and Critical Security Patch Updates - Page 182
Find the information you need for your favorite open source distribution.
An attacker can prepare a malicious PostScript or PDF file which will provide the attacker with access to the victim's account and privileges.
KDE uses Ghostscript software for processing of PostScript (PS) and PDF files in a way that allows for the execution of arbitrary commands that can be contained in such files.
There is a buffer overflow in the server response handler of seti at home.
An anonymous user can gain remote root access due to a buffer overflow caused by a StrnCpy() into a char array (fname) using a non-constant length (namelen).
Remote exploitation of a memory leak in the Apache HTTP Server causes the daemon to overutilize system resources on an affected system.
The xdrmem_getbytes() function in the XDR library provided by Sun Microsystems contains an integer overflow.
There is a vulnerability in sendmail that can be exploited to cause a denial-of-service condition and could allow a remote attacker to execute arbitrary code with the privileges of the sendmail daemon, typically root.
A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. OpenAFS kaserver implements version 4 of the Kerberos protocol, and therefore is vulnerable.
The function gzprintf() is similar in behaviour to fprintf() except that by default, this function will smash the stack if called with arguments that expand to more than Z_PRINTF_BUFSIZE (=4096 by default) bytes.
Various conditions may be presented that can permit an attacker to remotely exploit a service using this vulnerable routine in the XDR library.
Researchers have discovered a timing attack on RSA keys, to which OpenSSL is generally vulnerable, unless RSA blinding has been turned on.
Researchers have discovered a timing attack on RSA keys, to which OpenSSL is generally vulnerable, unless RSA blinding has been turned on.
The xdrmem_getbytes() function in the XDR library provided by Sun Microsystems contains an integer overflow.
Bitchx is full of sprintf() calls and relies on BIG_BUFFER_SIZE being large enough.
Several vulnerabilities have been found in the OpenSSL toolkit.
By controlling a malicious IMAP server and providing a specially crafted folder, an attacker can crash the mail reader and possibly force execution of arbitrary commands on the vulnerable system with the privileges of the user running Mutt.
Three vulnerabilities were found that could lead to various forms of exploitation, ranging from denying users the ability to read email, provoking system instability, and bypassing security context checks for email content to possible execution of arbitrary commands on vulnerable systems.
The Linux 2.2 and Linux 2.4 kernels have a flaw in ptrace. This hole allows local users to obtain full privileges.