Advisory: Gentoo Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
socat contains a format string vulnerability that can potentially lead to remote or local execution of arbitrary code with the privileges of the socat process. [More...]
The etc2ps.sh script, included in the Netatalk package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility. [More...]
The send-pr.sh script, included in the mit-krb5 package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility. [More...]
Multiple vulnerabilities have been found in Gaim which could allow a remote attacker to crash the application, or possibly execute arbitrary code. [More...]
Several vulnerabilities including privilege abuse, Denial of Service, and potentially remote arbitrary code execution have been discovered in MySQL. [More...]
In certain configurations, it can be possible to bypass restrictions set by the "SSLCipherSuite" directive of mod_ssl.
The catchsegv script in the glibc package is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the script. [More...]
Multiple scripts in the Ghostscript package are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the script. [More...]
OpenOffice.org uses insecure temporary files which could allow a malicious local user to gain knowledge of sensitive information from other users' documents. [More...]
The make_oidjoins_check script, part of the PostgreSQL package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility. [More...]
Squid contains a vulnerability in the SNMP module which may lead to a denial of service.
A vulnerability has been found in the MIME-based transformation system of phpMyAdmin, which may allow remote execution of arbitrary commands if PHP's "safe mode" is disabled. [More...]
BNC contains an input validation flaw which might allow a remote attacker to issue arbitrary IRC related commands.
Multiple heap-based overflows have been found in the tiff library image decoding routines, potentially allowing to execute arbitrary code with the rights of the user viewing a malicious image. [More...]
The gettext utility is vulnerable to symlink attacks, potentially allowing a local user to overwrite or change permissions on arbitrary files with the rights of the user running gettext, which could be the root user. [More...]
Multiple vulnerabilities have been discovered in libXpm, which is included in LessTif, that can potentially lead to remote code execution. [More...]
compress and uncompress, which could be used by daemon programs, contain a buffer overflow that could lead to remote execution of arbitrary code with the rights of the daemon process. [More...]
The ed utility is vulnerable to symlink attacks, potentially allowing a local user to overwrite or change rights on arbitrary files with the rights of the user running ed, which could be the root user. [More...]
CUPS leaks information about user names and passwords when using remote printing to SMB-shared printers which require authentication.
Cyrus-SASL contains two vulnerabilities that might allow an attacker to completely compromise the vulnerable system.