SuSE Essential and Critical Security Patch Updates - Page 796
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
An adversary could set SHELL to his own program to get local root access to the system by writing directly to the raw HDD device.
An remote adversary could crash gdm or execute his own code, which leads to root compromise of the system running gdm.
A method to bypass ipchains masquerading exists and an update has been issued.
aaa_base is the basic package which comes with any SuSE Linux installation. Corrections to cron scripts and default directories have been made.
kreatecd is a KDE tool used to burn cd-roms. An exploitable buffer overflow was found in this tool.
Local users may gain access to group id 0 and hence may modify files owned and writable by the gid 0.
The package ircii is an irc client which is used to connect to irc servers and chat with other users. A buffer overflow in the dcc chat feature was found which is exploitable by remote users
A vulnerability in the SuSE Linux IMAP Server - which is unrelated to the SuSE Linux Distribution (which is unaffected) - was found which allows remote users to circumvented the imap authentication.
htsearch, a CGI program which is part of htdig, doesn't do proper checking on user input.
A bug in the authentication function of mysql allows anyone who knows a valid username to successfully authenticate as that users in no more than 32 tries.
SUSE advisory states ... " A malicous user could execute commands with the privileges of the user executing make. This security hole could lead to local root compromise if root passes Makefiles to make through stdin."
A security hole was discovered in the package lprold < 3.0.48.
A security hole was discovered in the package Pine < 4.21.
The syslogd server uses a Unix Domain stream socket (/dev/log) for receiving local log messages via syslog(3). Unix Domain stream sockets are non connection-less, that means, that one process is needed to serve one client.
The thttpd web server doesn't do proper bounds checking in the date parsing function tdate_parse().
Several vulnerabilities were found within bind4 and bind8.