SuSE Linux Distribution - Page 97.75

Find the information you need for your favorite open source distribution.

SuSE: 2006-026: foomatic-filters shellcode injection Security Update

A bug in cupsomatic/foomatic-filters that allowed remote printer users to execute arbitrary commands with the UID of the printer daemon has been fixed (CVE-2004-0801). While the same problem was fixed in earlier products, the fix got lost during package upgrade of fooma [More...]

SuSE: 2006-025: cyrus-sasl-digestmd5 denial of service attack Security Update

If a server or client is using DIGEST-MD5 authentication via the cyrus-sasl libraries, it is possible to cause a denial of service attack against the other side (client or server) by leaving out the "realm=" header in the authentication. This is [More...]

SuSE: 2006-024: php4,php5 various security problems Security Update

This update fixes the following security issues in the scripting languages PHP4 and PHP5:
- copy() and tempnam() functions could bypass open_basedir restrictions (CVE-2006-1494)
- Cross-Site-Scripting (XSS) bug in phpinfo() (CVE-2006-0996)
- mb_send_mail() lacked safe_mode checks (CVE-2006-1014, CVE-2006-101 [More...]

SuSE: 2006-023: xorg-x11-server Security Update

Miscalculation of a buffer size in the X Render extension of the X.Org X11 server could potentially be exploited by users to cause a buffer overflow and run code with elevated privileges.

SuSE: 2006-021: Mozilla Firefox, Mozilla Suite various problems Security Update

A number of security issues have been fixed in the Mozilla browser suite and the Mozilla Firefox browser. These problems could be used by remote attackers to gain privileges, gain access to confidential information or to cause denial of service attacks. The updates of the Firefox packages bri [More...]

SuSE: 2006-020: clamav various problems Security Update

Clamav was updated to version 0.88.1 to fix the following security problems:
- An integer overflow in the PE header parser (CVE-2006-1614).
- Format string bugs in the logging code could potentially be exploited to execute arbitrary code (CVE-2006-1615).

SuSE: 2006-019: freeradius authentication bypass Security Update

Insufficient input validation was being done in the EAP-MSCHAPv2 state machine of the FreeRADIUS authentication server. A malicious attacker could manipulate their EAP-MSCHAPv2 client state machine to potentially convince the server to bypass authentication checks. This bypassin [More...]

SuSE: 2006-018: RealPlayer security problems Security Update

This update fixes the following security problems in RealPlayer:
- Specially crafted SWF files could cause a buffer overflow and crash RealPlayer (CVE-2006-0323).
- Specially crafted web sites could cause heap overflow and lead to executing arbitrary code (CVE-2005-2922). This was already fixed with the previously released 1.0.6 versi [More...]

SuSE: 2006-017: sendmail remote code execution Security Update

The popular MTA sendmail is vulnerable to a race condition when handling signals. Under certain circumstances this bug can be exploited by an attacker to execute commands remotely. Sendmail was the default MTA in SuSE Linux Enterprise Server 8. Later products use postfix as MTA.

SuSE: 2006-016: xorg-x11-server local privilege escalation Security Update

A programming flaw in the X.Org X Server allows local attackers to gain root access when the server is setuid root, as is the default in SUSE Linux 10.0. This flaw was spotted by the Coverity project. Only SUSE Linux 10.0 is affected; older products do not include [More...]

SuSE: 2006-015: flash-player buffer overflow Security Update

A critical security vulnerability has been identified in the Adobe Macromedia Flash Player that allows an attacker who successfully exploits these vulnerabilities to take control of the application running the flash player. A malicious SWF must be loaded in the Flash [More...]

SuSE: 2006-014: gpg signature checking problems Security Update

The GNU Privacy Guard (GPG) allows crafting a message which could check out correct using "--verify", but would extract a different, potentially malicious content when using "-o --batch". The reason for this is that a .gpg or .asc file can contain multiple plain tex [More...]

SuSE: 2006-013: gpg,liby2util signature checking problems Security Update

This is a reissue of SUSE-SA:2006:009, after we found out that gpg versions < 1.4.x are also affected by the signature checking problem of CVE-2006-0455. With certain handcraft-able signatures GPG was returning a 0 (valid signature) when used on command-line with o [More...]

SuSE: 2006-012: kernel various security problems Security Update

The Linux kernel has been updated to fix various security problems. All SUSE Linux versions and products are affected; the exact affected versions are listed per entry. A SUSE Linux 10.0 kernel update was released 2 weeks ago, also fixing the issues listed in here. (SUSE Linux Enterprise Server is abbreviated as SLES, Novell Linu [More...]

SuSE: 2006-011: heimdal Security Update

Heimdal is a Kerberos 5 implementation from the Royal Institute of Technology in Stockholm. This update fixes two bugs in heimdal. The first one occurs in the rsh daemon and allows an authenticated malicious user to gain ownership of files that belong to other users (CVE-2006-0582). The second bug affects [More...]

SuSE: 2006-010: heimdal Security Update

Heimdal is a Kerberos 5 implementation from the Royal Institute of Technology in Stockholm. This update fixes two bugs in heimdal. The first one occurs in the rsh daemon and allows an authenticated malicious user to gain ownership of files that belong to other users (CVE-2006-0582). The second bug affects [More...]

SuSE: 2006-010: CASA remote code execution Security Update

This update fixes a remotely exploitable stack buffer overflow in the pam_micasa authentication module. Since this module is added to /etc/pam.d/sshd automatically on installation of CASA, it was possible for remote attackers to gain root access to any machine with CASA installed.

SuSE: 2006-009: gpg,liby2util signature checking problems Security Update

With certain handcraftable signatures GPG was returning a 0 (valid signature) when used on command-line with option --verify. This only affects GPG version 1.4.x, so it only affects SUSE Linux 9.3 and 10.0. Other SUSE Linux versions are not affected. This could make auto [More...]

SuSE: 2006-008: openssh Security Update

A problem in the handling of scp in openssh could be used to execute commands on remote hosts even using a scp-only configuration. This requires doing a remote-remote scp and a hostile server. (CVE-2006-0225) On SUSE Linux Enterprise Server 9 the xauth pollution prob [More...]