Advisory: Gentoo Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
There is a negative sign bug in the unreal tournement engine.
As part of the development of GnuPG 1.2.2, a bug was discovered in the key validation code.
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands.
Updated shadow package that contains a workarkaround for OpenSSH user identification problem.
Mediaservice.net has discovered a bug in OpenSSH that allows attackersto identify valid users on vulnerable systems.
World-writable spool directory and buffer overflow in cnd-program have been fixed. It is recommended that all Gentoo Linux users who are runningnet-dialup/mgetty upgrade to mgetty-1.1.30
A buffer overflow has been fixed in pptpd. It is recommended that all Gentoo Linux users who are runningnet-dialup/pptpd upgrade to pptpd-1.1.3.20030409
A buffer overflow vulnerability exists in Monkey's handling of formssubmitted with the POST request method. The unchecked buffer lies in thePostMethod() procedure.
The Snort stream4 preprocessor (spp_stream4) incorrectlycalculates segment size parameters during stream reassembly for certainsequence number ranges which can lead to an integer overflow that can beexpanded to a heap overflow.
KDE uses Ghostscript software for processing of PostScript (PS) and PDF files in a way that allows for the execution of arbitrary commands that can be contained in such files.
KDE uses Ghostscript software for processing of PostScript (PS) and PDF files in a way that allows for the execution of arbitrary commands that can be contained in such files.
KDE uses Ghostscript software for processing of PostScript (PS) and PDF files in a way that allows for the execution of arbitrary commands that can be contained in such files.
An attacker can prepare a malicious PostScript or PDF file which will provide the attacker with access to the victim's account and privileges.
KDE uses Ghostscript software for processing of PostScript (PS) and PDF files in a way that allows for the execution of arbitrary commands that can be contained in such files.
There is a buffer overflow in the server responds handler of seti at home.
An anonymous user can gain remote root access due to a buffer overflow caused by a StrnCpy() into a char array (fname) using a non-constant length (namelen).
Remote exploitation of a memory leak in the Apache HTTP Server causes the daemon to over utilize system resources on an affected system.
The xdrmem_getbytes() function in the XDR library provided by Sun Microsystems contains an integer overflow.