LinuxSecurity.com - Security Advisories http://www.linuxsecurity.com/ The central voice for Linux and Open Source security news. en-us update-rss-feeds.pl (1.01) Gentoo: InspIRCd Denial of Service http://www.linuxsecurity.com/content/view/136736?rdf Fri, 09 May 2008 10:33:00 +0000 <b>LinuxSecurity.com</b>: A buffer overflow in InspIRCd allows remote attackers to cause a Denial of Service. http://www.linuxsecurity.com/content/view/136736?rdf LinuxSecurity.com Gentoo: Linux Terminal Server Project Multiple vulnerabilities http://www.linuxsecurity.com/content/view/136735?rdf Fri, 09 May 2008 10:27:00 +0000 <b>LinuxSecurity.com</b>: Multiple vulnerabilities have been discovered in components shipped with LTSP which allow remote attackers to compromise terminal clients. http://www.linuxsecurity.com/content/view/136735?rdf LinuxSecurity.com Gentoo: Firebird Data disclosure http://www.linuxsecurity.com/content/view/136734?rdf Fri, 09 May 2008 10:12:00 +0000 <b>LinuxSecurity.com</b>: Firebird allows remote connections to the administrative account without verifying credentials. http://www.linuxsecurity.com/content/view/136734?rdf LinuxSecurity.com Mandriva: Updated hal-info package fixes resume issue http://www.linuxsecurity.com/content/view/136731?rdf Thu, 08 May 2008 21:59:00 +0000 <b>LinuxSecurity.com</b>: An updated hal-info package fixes resume from suspend to RAM on HP 6710b systems. It had previously failed with a black screen on Mandriva Linux 2008.0. http://www.linuxsecurity.com/content/view/136731?rdf LinuxSecurity.com Mandriva: Updated ImageMagick packages fix vulnerabilities http://www.linuxsecurity.com/content/view/136729?rdf Thu, 08 May 2008 19:46:00 +0000 <b>LinuxSecurity.com</b>: A heap-based buffer overflow vulnerability was found in how ImageMagick parsed XCF files. If ImageMagick opened a specially-crafted XCF file, it could be made to overwrite heap memory beyond the bounds of its allocated memory, potentially allowing an attacker to execute arbitrary code on the system running ImageMagick (CVE-2008-1096). http://www.linuxsecurity.com/content/view/136729?rdf LinuxSecurity.com Ubuntu: GStreamer Good Plugins vulnerability http://www.linuxsecurity.com/content/view/136728?rdf Thu, 08 May 2008 18:03:00 +0000 <b>LinuxSecurity.com</b>: It was discovered that Speex did not properly validate its input when processing Speex file headers. If a user or automated system were tricked into opening a specially crafted Speex file, an attacker could create a denial of service in applications linked against Speex or possibly execute arbitrary code as the user invoking the program. http://www.linuxsecurity.com/content/view/136728?rdf LinuxSecurity.com