SuSE Essential and Critical Security Patch Updates - Page 778
Find the information you need for your favorite open source distribution .
To resolve IP addresses to host and domain names and vice versa the DNS service needs to be consulted. The most popular DNS software is the BIND8 and BIND9 suite. The BIND8 code is vulnerable to a remote denial-of-service attack by poisoning the cache with a [More...]
The sane (Scanner Access Now Easy) package provides access to scanners either locally or remotely over the network. Several bugs in sane were fixed to avoid remote denial-of-service attacks. These attacks can even be executed if the remote attacker is not allowed to access th [More...]
Hylafax is an Open Source fax server which allows sharing of fax equipment among computers by offering its service to clients by a protocol similar to FTP. The SuSE Security Team found a format bug condition during a code review of the hfaxd server. It allows remo [More...]
Two vulnerabilities were found in the "tiny" web-server thttpd. The first bug is a buffer overflow that can be exploited remotely to overwrite the EBP register of the stack. Due to memory-alignment of the stack done by gcc 3.x this bug can not be exploited. All th [More...]
While checking the openssl implementation with a tool-kit from NISCC, several errors were revealed. Most are ASN.1 encoding issues that cause a remote denial-of-service attack on the server side and possibly lead to remote command execution.
A remotely exploitable buffer overflow within the authentication code of MySQL has been reported.
There are buffer overflow vulnerabilities that allow attackers to execute arbitrary code as root on un-patched systems.
A remotely exploitable buffer overflow has been found in all versions of sendmail that come with SuSE products. These versions include sendmail-8.11 and sendmail-8.12 releases.
A programming error has been found in code responsible for buffer management.
A programming error has been found in code responsible for buffer management. If exploited by a (remote) attacker, the error may lead to unauthorized access to the system, allowing the execution of arbitrary commands.
The well-known and widely used mail client pine is vulnerable to a buffer overflow. The vulnerability exists in the code processing 'message/external-body' type messages.
Dave Airlie informed us about a bug in the authentication code of pam_smb that allows a remote attacker to gain access to a system using pam_smb by issuing a too long password string.
When sendmail receives an invalid DNS response, it tries to call free on random data, which results in a process crash.
Michal Zalewski has reported problems in postfix which can lead to a remote DoS attack or allow attackers to bounce-scan private networks.
There is a single-byte buffer overflow in the WU ftp daemon (wuftpd), a widely used ftp server for Linux-like systems.
There is an off-by-one bug in the xlog() function used by rpc.mountd. It is possible for remote attackers to use this off-by-one overflow to execute arbitrary code as root.
radiusd-cistron contains a bug allowing a buffer overflow when a long NAS-Port attribute is received.
The PPTP daemon contains a remotely exploitable buffer overflow which was introduced due to an integer overflow in the third argument passed to the read() library call. This bug has been fixed.
The CUPS daemon will stop serving clients if the second carriage return in a request is not sent to complete the header.