These updates fix a potential buffer overflow which can occurwhen nss_ldap is set to configure itself using information stored in DNS,a format string bug in logging functions used in pam_ldap, and to properlyhandle truncated DNS responses.
A local buffer overflow was found in gv version 3.5.8 and earlier. ggv versions 1.0.2 and earlier contain code derived from gv and therefore have the same vulnerability. An attacker can create a carefully crafted malformed PDF or PostScript file in such a way that when that file is viewed arbitrary commands can be executed.
A read buffer overflow vulnerability exists in the glibc resolver code in versions of glibc up to and including 2.2.5. The vulnerability is triggered by DNS packets larger than 1024 bytes and can cause applications to crash.
Versions of gaim prior to 0.59.1 contain a bug in the URL handler of the manual browser option. A link can be carefully crafted to contain an arbitrary shell script which will be executed if the user clicks on the link.
It was found that the PXE server could be crashed using DHCP packets from some Voice Over IP (VOIP) phones. This bug could be used to cause a denial of service attack on remote systems by using malicious packets.
Ethereal is a package designed for monitoring network traffic on your system. Several security issues have been found in the Ethereal packages distributed with Red Hat Linux 7.2 and 7.3.
Mailman versions prior to 2.0.12 contain a cross-site scriptingvulnerability in the processing of invalid requests to edit a subscriber'slist subscription options.
This kernel update also fixes a difficult to trigger race inthe dcache (filesystem cache) code, as well as some potential securityholes, although we are not currently aware of any exploits.
Bugzilla is a bug-tracking system from mozilla.org. There are approximately 9 vulnerabilities with Bugzilla. All users of Bugzilla are advised to upgrade to these errata packages containing Bugzilla version 2.14.3 which is not vulnerable to these issues.
PHP versions 4.0.5 through 4.1.0 in safe mode do not properly cleanse the 5th parameter to the mail() function. This vulnerability allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
Versions of libpng prior to 1.0.14 contain a buffer overflow in the progressive reader when the PNG datastream contains more IDAT data than indicated by the IHDR chunk. Such deliberately malformed datastreams would crash applications that are linked to libpng and that use the progressive reading feature.
A heap overflow vulnerability exists in krb5. It is believed that the attacker needs to be able to authenticate to the kadmin daemon for this attack to be successful.
Various versions of the ISC BIND resolver libraries are vulnerable to abuffer overflow attack. Updated BIND packages are now available to fixthis issue.
Updated OpenSSL packages are available for Red Hat Linux 6.2, 7, 7.1, 7.2,and 7.3. These updates fix multiple protocol parsing bugs which may be usedin a denial of service (DoS) attack or cause SSL-enabled applications to crash.
