The Linux kernel is vulnerable to a local denial-of-service attack. By using a C program it is possible to trigger a floating point exception that puts the kernel into an unusable state. To execute this attack a malicious user needs shell access to the victim's machine. The severity of this bug is considered low because local denial-of- service attacks are hard to prevent in general. Addit [More...]
Squid is a feature-rich web-proxy with support for various web-related Squid is a feature-rich web-proxy with support for various web-related protocols. protocols. The NTLM authentication helper application of Squid is vulnerable to a buffer overflow that can be exploited remotely by using a long password to execute arbitrary code. NTLM authentication is enabled by default in the Squid pac [More...]
The Concurrent Versions System (CVS) offers tools which allow developers The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects. to share and maintain large software projects. Various remotely exploitable conditions have been found during a source code review of CVS done by Stefan Esser and Sebastian Krahmer (SuSE Security-Team) [More...]
The kdelibs3 (kdelibs for SLES7 based products) package is a core package The kdelibs3 (kdelibs for SLES7 based products) package is a core package for the K desktop environment (KDE). The URI handler of the kdelibs3 for the K desktop environment (KDE). The URI handler of the kdelibs3 and kdelibs class library contains a flaw which allows remote attackers to create arbitrary files as the use [More...]
The Concurrent Versions System (CVS) offers tools which allow developers The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects. to share and maintain large software projects. Stefan Esser reported buffer overflow conditions within the cvs program. They allow remote attackers to execute arbitrary code as the user the cvs server [More...]
The Midnight Commander (mc) is a file manager for the console. The Midnight Commander (mc) is a file manager for the console. The mc code is vulnerable to several security related bugs like buffer The mc code is vulnerable to several security related bugs like buffer overflows, incorrect format string handling and insecure usage of temporary files. These bugs can be exploited by local users [More...]
The freshly released SUSE LINUX 9.1 comes in two variants:* SUSE LINUX 9.1 Professional (5 CD-ROMs, 2 double sided DVDs, printed manuals, for Intel i386 32Bit platform and 1 DVD for the AMD 64Bit platform) * SUSE LINUX 9.1 Personal (2 CD-ROMs: 1 installable CD-ROM, 1 Live CD-ROM for running SUSE LINUX on your PC without actually installing the system.)This SUSE Security Announcement targets the [More...]
Various vulnerabilities have been fixed in the newly available kernel Various vulnerabilities have been fixed in the newly available kernel updates. The updates consist of fixes for the following vulnerabilities: updates. The updates consist of fixes for the following vulnerabilities: - The do_fork() memory leak, which could lead to a local DoS attack.All kernels except for SLES7 are affected [More...]
The Concurrent Versions System (CVS) offers tools which allow developers The Concurrent Versions System (CVS) offers tools which allow developers to share and maintain large software projects. to share and maintain large software projects. During the analyzation of the CVS protocol and their implementation, the SuSE Security Team discovered a flaw within the handling of pathnames. Evil CVS s [More...]
iDEFENSE Inc. informed us about a buffer overflow in the linux 2.4 iDEFENSE Inc. informed us about a buffer overflow in the linux 2.4 kernel code which handles ISO9660 filesystems. The original code is not kernel code which handles ISO9660 filesystems. The original code is not able to handle very long symlink names. The vulnerability can be triggered locally by mounting removable media that [More...]
OpenSSL is an implementation of the Secure Socket Layer (SSL v2/3) OpenSSL is an implementation of the Secure Socket Layer (SSL v2/3) and Transport Layer Security (TLS v1) protocol. and Transport Layer Security (TLS v1) protocol. The NISCC informed us about to failure conditions in openssl that can be triggered to crash applications that use the openssl library. The first bug occurs during [More...]
XFree86 is an open-source X Window System implementation that acts XFree86 is an open-source X Window System implementation that acts as a client-server-based API between different hardware components as a client-server-based API between different hardware components like display, mouse, keyboard and so on. Several buffer overflows were found in the fontfile code that handles a user-supplie [More...]
Another bug in the Kernel's do_mremap() function, which is unrelated to Another bug in the Kernel's do_mremap() function, which is unrelated to the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz. the bug fixed in SuSE-SA:2004:001, was found by Paul Starzetz. The do_mremap() function of the Linux Kernel is used to manage Virtual Memory Areas (VMAs) which includes moving, removing a [More...]
Gaim is a multi-protocol instant-messaging client. Stefan Esser found Gaim is a multi-protocol instant-messaging client. Stefan Esser found 12 vulnerabilities in gaim that can lead to a remote system compromise 12 vulnerabilities in gaim that can lead to a remote system compromise with the privileges of the user running GAIM. The GAIM package that SUSE LINUX ships is affected by just two of [More...]
The do_mremap() function of the Linux Kernel is used to manage The do_mremap() function of the Linux Kernel is used to manage (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect bounds check in do_mremap() during the remapping of memory it is possible to create a VMA with the size of 0. In normal opera [More...]
Tcpdump is a well known tool for administrators to analyze network Tcpdump is a well known tool for administrators to analyze network traffic. traffic. There is a bug in the tcpdump code responsible for handling ISAKMP messages. This bug allows remote attackers to destroy a current tcpdump session by tricking the tcpdump program with evil ISAKMP messages to enter an endless loop.
The do_mremap() function of the Linux Kernel is used to manage The do_mremap() function of the Linux Kernel is used to manage (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect (move, resize) Virtual Memory Areas (VMAs). By exploiting an incorrect bounds check in do_mremap() during the remapping of memory it is [More...]
The the flexible and powerful FTP command-line client lftp is vulnerable The the flexible and powerful FTP command-line client lftp is vulnerable to two remote buffer overflows. to two remote buffer overflows. When using lftp via HTTP or HTTPS to execute commands like 'ls' or 'rels' [More...]
The rsync suite provides client and server tools to easily support an The rsync suite provides client and server tools to easily support an administrator keeping the files of different machines in sync. administrator keeping the files of different machines in sync. In most private networks the rsync client tool is used via SSH to fulfill [More...]
This security update fixes a serious vulnerability in the Linux This security update fixes a serious vulnerability in the Linux kernel. A missing bounds check in the brk() system call allowed kernel. A missing bounds check in the brk() system call allowed processes to request memory beyond the maximum size allowed for tasks, causing kernel memory to be mapped into the process' address spac [More...]
