Find the information you need for your favorite open source distribution.
Debian: lha Multiple vulnerabilities
Fixes multiple buffer overflows and multiple directory traversal vulnerabilities.
Due to flushing the TLB too early it is possible for an attacker to trigger a local root exploit. This fix is to the sparc-built kernel and the kernel source.
Exploit could cause arbitrary code to be executed with the privileges of the log2mail process.
A remote user could cause an rsync daemon to write files outside of the intended directory tree, if the daemon is not configured with the 'chroot' option.
A remote attacker could gain access to the gallery "admin" user without proper authentication.
Several buffer overflow vulnerabilities were discovered in ethereal.
A remote user could potentially cause arbitrary code to be executed with the privileges of the jftpgw server process.
If initialization fails due to a missing configuration file, root privileges are not dropped, and xatitv executes the system(3) function without sanitizing user-supplied environment variables.
Bug allows copy of user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function.
User input is copied into variables not large enough for all cases. This can lead to an overflow of a static heap variable.
Stefan Esser discovered a heap overflow in the CVS server, which serves the popular Concurrent Versions System.
This problem could perhaps be exploited to cause the daemon to read a negative amount of data which could lead to unexpected behaviour.
A problem has been discovered in mah-jong that can be utilised to crash the game server after dereferencing a NULL pointer.
These cannot be exploited with the default configuration from the Debian system.
Neither of these stack-based buffer overflows is exploitable with the default Debian configuration.
This vulnerability could be exploited by a local user to overwrite files with the privileges of the user running emacs.
Patch fixes an issue where a remote user could cause an rsync daemon to write files outside of the intended directory tree unless the 'chroot' option is on.
This problem could cause the program to crash if a defective or intentionally prepared PNG image file is handled by libpng.
Jakub Jelinek discovered several vulnerabilities in the Midnight Commander, a powerful file manager for GNU/Linux systems.