SuSE Essential and Critical Security Patch Updates - Page 793
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
The window manager Window Maker was found vulnerable to a buffer overflow due to improper bounds checking when setting the window title.
An adversary could insert MySQL commands along with a password and these commands will be interpreted by MySQL while mod_auth_mysql is doing the password lookup in the database. A positive authentication could be returned.
The telnet server which is shipped with SuSE distributions contains a remotely exploitable buffer-overflow within its telnet option negotiation code.
Cade Cairns of Securityfocus discovered a vulnerability in the sendmail program, the widely spread MTA used in Unix- and Unix-like systems.
Sdbsearch.cgi is Perl script which is part of the sdb package of SuSE Linux was found vulnerable by using untrustworthy client input (HTTP_REFERER)
Fetchmail is a tool for retrieving and forwarding mail. Two vulnerabilities in the code of fetchmail were found in the last weeks.
Cda, a setuid commandline part of xmcd, a X11/Motif audio CD player by Ti Kan , was found vulnerable by a link attack and some bufferoverflows.
Due to missing boundary checks in the xli code a buffer overflow could be triggered by an external attacker to execute commands on the victim's system. An exploit is publically available.
Ntping, a ping/traceroute program, is part of the Scotty package. It's failure is to read a hostname as commandline option without checking the size. This leads to a bufferoverrun, that could be used to gain root privileges
Zen-parse has reported a bug to Bugtraq which allows remote attackers to overflow a buffer in the logging routine of xinetd.
Michal Zalewski discovered that a remote attacker can write to files owned by root if the samba config file /etc/smb.conf contains the %m macro to specify the logfile for logging access to the samba server.
A format string vulnerability in versions of GnuPG before 1.0.6 has been found.
Multiple problems including a format string vulnerability and segmentation fault have been fixed.
Multiple security vulnerabilities have been found in all Linux kernels of version 2.2 before version 2.2.19. Most of the found errors allow a local attacker to gain root privileges.
The previous advisory contained incorrect pathnames and MD5 information.
During operation, the underlying SGML perlmodule creates temporary files in an insecure way.
As long as hfaxd(8c) is installed setuid root, it may be possible to gain root access locally.
When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users privileges, even root.
sudo(8) previous to version 1.6.3p6 is vulnerable by a buffer overflow in it's logging code, which could lead to local root compromise.