|
Find the information you need for your favorite open source distribution
 To browse through our weekly Linux Advisory Watch newsletters, click here.
|
|
|
Posted by Benjamin D. Thomas
|
|
Jan Pechanec discovered that ssh would forward trusted X11 cookies when
untrusted cookie generation failed. This could lead to unintended privileges
being forwarded to a remote host.
|
|
|
Posted by Benjamin D. Thomas
|
|
It was discovered that Squid did not always clean up cache memory
correctly. A remote attacker could manipulate cache update replies and
cause Squid to use all available memory, leading to a denial of service.
|
|
|
Posted by Benjamin D. Thomas
|
|
Bill Trost discovered that snmpd did not properly limit GETBULK
requests. A remote attacker could specify a large number of
max-repetitions and cause a denial of service via resource
exhaustion.
|
|
|
Posted by Benjamin D. Thomas
|
|
Wei Wang discovered that the SNMP discovery backend did not correctly
calculate the length of strings. If a user were tricked into scanning
for printers, a remote attacker could send a specially crafted packet
and possibly execute arbitrary code.
|
|
|
Posted by Benjamin D. Thomas
|
|
Jose Miguel Esparza discovered that pwlib did not correctly handle large
string lengths. A remote attacker could send specially crafted packets to
applications linked against pwlib (e.g. Ekiga) causing them to crash, leading
to a denial of service.
|
|
|
Posted by Benjamin D. Thomas
|
|
Jose Miguel Esparza discovered that certain SIP headers were not correctly
validated. A remote attacker could send a specially crafted packet to
an application linked against opal (e.g. Ekiga) causing it to crash, leading
to a denial of service.
|
|
|
Posted by Benjamin D. Thomas
|
|
Jan Oravec discovered that Tomboy did not properly setup the
LD_LIBRARY_PATH environment variable. A local attacker could
exploit this to execute arbitrary code as the user invoking
the program.
|
|
|
<< Start < Prev 157 158 159 Next > End >>
|
| Results 1100 - 1106 of 1353 |
