Gentoo Essential and Critical Security Patch Updates - Page 182
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
A remote vulnerability exists that can result in commands can be executed with administrative privileges.
Many of the features supported by popular terminal emulator software can be abused when un-trusted data is displayed on the screen.
Many of the features supported by popular terminal emulator software can be abused when un-trusted data is displayed on the screen.
The VNC server acts as an X server, but the script for starting itgenerates an MIT X cookie (which is used for X authentication) withoutusing a strong enough random number generator. This could allow anattacker to be able to more easily guess the authentication cookie.
The VNC server acts as an X server, but the script for starting itgenerates an MIT X cookie (which is used for X authentication) withoutusing a strong enough random number generator. This could allow anattacker to be able to more easily guess the authentication cookie.
Due to a remotely exploitable security hole being discovered thateffects all previous Webmin releases, version 1.070 is now availablefor download.
A remote root vulnerability in slave setups and some buffer overflowsin the network information server code were discovered by the apcupsddevelopers.
Due to a remotely exploitable security hole being discovered thateffects all previous Webmin releases, version 1.070 is now availablefor download
This update fixes a timing-based attack on CBC cipher suites used in SSL and TLS which OpenSSL was found to be vulnerable to.
PHP contains code for preventing direct access to the CGI binary with configure option "--enable-force-cgi-redirect" and php.ini option "cgi.force_redirect".
Overflowing a buffer in nethack may lead to privelige escalation to games uid.
Security flaws have been found in the SYSLINUX installer when running setuid root.
The email variable and the default error page in mailmain 2.1 contains cross site scripting vulnerabilities.
A wave file will let the attacker to execute all the code he wants on the victim.
All versions < 0.2.2 have a major security vulnerability in the directory parser.
The overflow appears when the slocate is run with two parameters: -c and -r, using as arguments a 1024 bytes string.
An attacker may be able to execute arbitrary code by sending a specially crafted e-mail to a system using SpamAssassin's spamc program in BSMTP mode.
Opening a specially crafted text file with vim can execute arbitrary shell commands and pass parameters to them.