SuSE Essential and Critical Security Patch Updates - Page 789
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
This bug can be exploited remotely by an attacker to stop the use of tcpdump for analyzing network traffic for signs of security breaches or alike. Another bug may lead to system compromise due to the handling of malformed NFS packets send by an attacker.
This buffer overflow can be exploited by a local user, if the printer system is set up correctly, to gain root privileges. lprold is installed as default package and has the setuid bit set.
Updated Sendmail packages are available to fix a vulnerability thatmay allow remote attackers to gain root privileges by sending acarefully crafted message.
A security weakness has been found, known as "Vaudenay timing attack on CBC"
Under some special circumstances a buffer overflow can be triggered in mod_php4's wordwrap() function.
Some SQL-injection vulnerabilities were found in IMP 2.x that allow an attacker to access the underlying database.
An attacker with CVS read access to compromise a CVS server. Additionally two features ('Update-prog' and 'Checkin-prog') were disabled to stop clients with write access to execute arbitrary code on the server.
The ISC (Internet Software Consortium) dhcp package is an implementation of the Dynamic Host Configuration Protocol (DHCP).
Remote attackers can insert certain characters in CGI queries to the susehelp system tricking it into executing arbitrary code as the "wwwrun" user.
Due to wrong calculation of some loop offset values a buffer overflow can occur.
Within the MySQL server the password checking and a signedness issue has been fixed.
There are several security issues with CUPS that can lead to local and remote root compromise.
Stefan Esser of e-matters reported a bug in fetchmail's mail address expanding code which can lead to remote system compromise.
The cyrus imapd contains a buffer overflow which could be exploited by remote attackers prior to logging in.
Multiple buffer overflow vulnerabilities exist in OpenLDAP2.
While parsing and escaping characters of eMail addresses pine does not allocate enough memory for storing the escaped mailbox part of an address.
There was a bug in the length checking for encrypted password change requests from clients.
The security research company ISS (Internet Security Services) has discovered several vulnerabilities in the BIND8 name server, including a remotely exploitable buffer overflow.