SuSE Linux Distribution - Page 6

Find the information you need for your favorite open source distribution.

SuSE: 2004-021: php4 Security Update

PHP is a well known, widely-used scripting language often used within web server setups. Stefan Esser found a problem with the "memory_limit" handling of PHP which allows remote attackers to execute arbitrary code as the user running the PHP interpreter. This problem has been fixed. Additionally a prob [More...]

SuSE: 2004-020: kernel Security Update

Multiple security vulnerabilities are being addressed with this security update of the Linux kernel. Kernel memory access vulnerabilities are fixed in the e1000, decnet, acpi_asus, alsa, airo/WLAN, pss and mpu401 drivers. These vulnerabilities can lead to kernel memory read access, write access and local denial of service conditions, resulting in access to the root account for an attacker with a loca [More...]

SuSE: 2004-019: dhcp-server Security Update

The Dynamic Host Configuration Protocol (DHCP) server is used to configure clients that dynamically connect to a network (WLAN hotspots, customer networks, ...). The CERT informed us about a buffer overflow in the logging code of the server that can be triggered by [More...]

SuSE: 2004-018: subversion Security Update

Subversion is a version control system like the well known CVS. The subversion code is vulnerable to a remotely exploitable buffer overflow on the heap. The bug appears before any authentication took place. An attacker is able to execute arbitrary code by abusing [More...]

SuSE: 2004-017: kernel Security Update

The Linux kernel is vulnerable to a local denial-of-service attack. By using a C program it is possible to trigger a floating point exception that puts the kernel into an unusable state. To execute this attack a malicious user needs shell access to the victim's machine. The severity of this bug is considered low because local denial-of-service attacks are hard to prevent in general. Addit [More...]

SuSE: 2004-016: squid Security Update

Squid is a feature-rich web-proxy with support for various web-related protocols. The NTLM authentication helper application of Squid is vulnerable to a buffer overflow that can be exploited remotely by using a long password to execute arbitrary code. NTLM authentication is enabled by default in the Squid pac [More...]

SuSE: 2004-015: cvs Security Update

The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects. Various remotely exploitable conditions have been found during a source code review of CVS done by Stefan Esser and Sebastian Krahmer (SuSE Security-Team) [More...]

SuSE: 2004-014: kdelibs Security Update

The kdelibs3 (kdelibs for SLES7 based products) package is a core package for the K desktop environment (KDE). The URI handler of the kdelibs3 and kdelibs class library contains a flaw which allows remote attackers to create arbitrary files as the use [More...]

SuSE: 2004-013: cvs Security Update

The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects. Stefan Esser reported buffer overflow conditions within the cvs program. They allow remote attackers to execute arbitrary code as the user the cvs server [More...]

SuSE: 2004-012: mc Security Update

The Midnight Commander (mc) is a file manager for the console. The mc code is vulnerable to several security related bugs like buffer overflows, incorrect format string handling and insecure usage of temporary files. These bugs can be exploited by local users [More...]

SuSE: 2004-011: Live CD 9.1 Security Update

The freshly released SUSE LINUX 9.1 comes in two variants:

* SUSE LINUX 9.1 Professional (5 CD-ROMs, 2 double sided DVDs, printed manuals, for Intel i386 32Bit platform and 1 DVD for the AMD 64Bit platform)
* SUSE LINUX 9.1 Personal (2 CD-ROMs: 1 installable CD-ROM, 1 Live CD-ROM for running SUSE LINUX on your PC without actually installing the system.)

This SUSE Security Announcement targets the [More...]

SuSE: 2004-010: kernel Security Update

Various vulnerabilities have been fixed in the newly available kernel updates. The updates consist of fixes for the following vulnerabilities: - The do_fork() memory leak, which could lead to a local DoS attack. All kernels except for SLES7 are affected [More...]

SuSE: 2004-008: cvs Security Update

The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects. During the analyzation of the CVS protocol and their implementation, the SuSE Security Team discovered a flaw within the handling of pathnames. Evil CVS s [More...]

SuSE: 2004-009: Linux Kernel Security Update

iDEFENSE Inc. informed us about a buffer overflow in the linux 2.4 kernel code which handles ISO9660 filesystems. The original code is not able to handle very long symlink names. The vulnerability can be triggered locally by mounting removable media that [More...]

SuSE: 2004-007: openssl Security Update

OpenSSL is an implementation of the Secure Socket Layer (SSL v2/3) and Transport Layer Security (TLS v1) protocol. The NISCC informed us about two failure conditions in openssl that can be triggered to crash applications that use the openssl library. The first bug occurs during [More...]

SuSE: 2004-006: xf86/XFree86 Security Update

XFree86 is an open-source X Window System implementation that acts as a client-server-based API between different hardware components like display, mouse, keyboard and so on. Several buffer overflows were found in the fontfile code that handles a user-supplie [More...]

SuSE: 2004-005: Linux Kernel Security Update

Another bug in the Kernel's do_mremap() function, which is unrelated to the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz. The do_mremap() function of the Linux Kernel is used to manage Virtual Memory Areas (VMAs) which includes moving, removing a [More...]

SuSE: 2004-004: gaim Security Update

Gaim is a multi-protocol instant-messaging client. Stefan Esser found 12 vulnerabilities in gaim that can lead to a remote system compromise with the privileges of the user running GAIM. The GAIM package that SUSE LINUX ships is affected by just two of [More...]

SuSE: 2004-003: Linux Kernel Security Update

The do_mremap() function of the Linux Kernel is used to manage (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect bounds check in do_mremap() during the remapping of memory it is possible to create a VMA with the size of 0. In normal opera [More...]

SuSE: 2004-002: tcpdump Security Update

Tcpdump is a well known tool for administrators to analyze network traffic. There is a bug in the tcpdump code responsible for handling ISAKMP messages. This bug allows remote attackers to destroy a current tcpdump session by tricking the tcpdump program with evil ISAKMP messages to enter an endless loop.