Posts posted by paul

  1. Multiple vulnerabilities were discovered and fixed in clamav:

    The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a denial of service (crash) via a malformed PDF file, related to an inconsistency in the calculated stream length and the real stream length (CVE-2010-1639).

    Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote attackers to cause a denial of service (crash) via a crafted PE icon that triggers an out-of-bounds read, related to improper rounding during scaling (CVE-2010-1640).

    Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
    http://store.mandriva.com/product_info.php?cPath=149&products_id=490

    This update provides clamav 0.96.1 which is not vulnerable to these issues.

  2. A vulnerability was discovered and fixed in gtk+2.0:

    gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit paints on windows of type GDK_WINDOW_FOREIGN, which triggers an X error in certain circumstances and consequently allows physically proximate attackers to bypass screen locking and access an unattended workstation by pressing the Enter key many times (CVE-2010-0732).

    Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
    http://store.mandriva.com/product_info.php?cPath=149&products_id=490

    This update fixes this issue.

  3. A vulnerability was discovered and fixed in kolab-horde-framework:

    Unspecified vulnerability in Kolab Webclient before 1.2.0 in Kolab Server before 2.2.3 allows attackers to have an unspecified impact via vectors related to an image upload form. (CVE-2009-4824).

    Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
    http://store.mandriva.com/product_info.php?cPath=149&products_id=490

    This update fixes this issue.

  4. Multiple vulnerabilities have been found and corrected in mysql:

    The server failed to check the table name argument of a COM_FIELD_LIST command packet for validity and compliance to acceptable table name standards. This could be exploited to bypass almost all forms of checks for privileges and table-level grants by providing a specially crafted table name argument to COM_FIELD_LIST (CVE-2010-1848).

    The server could be tricked into reading packets indefinitely if it received a packet larger than the maximum size of one packet (CVE-2010-1849).

    The server was susceptible to a buffer-overflow attack due to a failure to perform bounds checking on the table name argument of a COM_FIELD_LIST command packet. By sending long data for the table name, a buffer is overflown, which could be exploited by an authenticated user to inject malicious code (CVE-2010-1850).

    Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
    http://store.mandriva.com/product_info.php?cPath=149&products_id=490

    The updated packages have been patched to correct these issues.

  5. A vulnerability was discovered in aria2 which allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file (CVE-2010-1512).

    This update fixes this issue.

    Packages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
    http://store.mandriva.com/product_info.php?cPath=149&products_id=490

  6. This update provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes described as follows:

    An integer underflow might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow (CVE-2009-0200).

    A heap-based buffer overflow might allow remote attackers to execute arbitrary code via unspecified records in a crafted Word document, related to table parsing (CVE-2009-0201).

    A heap-based buffer overflow allows remote attackers to execute arbitrary code via a crafted EMF file (CVE-2009-2139).

    Multiple heap-based buffer overflows allow remote attackers to execute arbitrary code via a crafted EMF+ file (CVE-2009-2140).

    OpenOffice's xmlsec uses a bundled Libtool which might load a .la file in the current working directory, allowing local users to gain privileges via a Trojan horse file. For enabling such vulnerability xmlsec has to use the --enable-crypto_dl building flag, however it does not, although the fix keeps protected against this threat whenever that flag had been enabled (CVE-2009-3736).

    Additionally this update provides the following bug fixes:

    OpenOffice.org is not properly configured to use the xdg-email functionality of the FreeDesktop standard (#52195).

    Template desktop icons are not properly set up, then they are not presented under the context menu of applications like Dolphin (#56439).

    libia_ora-gnome is added as suggest as long as that package is needed for a better look (#57385#c28).

    It is enabled a fallback logic to properly select an OpenOffice.org style whenever one is set up but that is not installed (#57530#c1, #53284, #45133, #39043)

    It is enabled the Firefox plugin for viewing OpenOffice.org documents inside browser.

    Further packages were provided to supply OpenOffice.org 3.1.1 dependencies.

  7. A vulnerability was discovered and corrected in dovecot:

    Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial of service (CPU consumption) via long headers in an e-mail message (CVE-2010-0745).

    This update provides dovecot 1.2.11 which is not vulnerable to this issue and also holds many bugfixes as well.

  8. Multiple vulnerabilities were discovered and corrected in postgresql:

    The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT statement that contains a call to the substring function for a bit string, related to an overflow. (CVE-2010-0442).

    A flaw was found in the way the PostgreSQL server process enforced permission checks on scripts written in PL/Perl. A remote, authenticated user, running a specially-crafted PL/Perl script, could use this flaw to bypass PL/Perl trusted mode restrictions, allowing them to obtain sensitive information; execute arbitrary Perl scripts; or cause a denial of service (remove protected, sensitive data) (CVE-2010-1169).

    The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2 loads Tcl code from the pltcl_modules table regardless of the table's ownership and permissions, which allows remote authenticated users, with database-creation privileges, to execute arbitrary Tcl code by creating this table and inserting a crafted Tcl script (CVE-2010-1170).

    PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, and 8.4 before 8.4.4 does not properly check privileges during certain RESET ALL operations, which allows remote authenticated users to remove arbitrary parameter settings via a (1) ALTER USER or (2) ALTER DATABASE statement (CVE-2010-1975).

    Packages for 2008.0 and 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:
    http://store.mandriva.com/product_info.php?cPath=149&products_id=490

    This update provides a solution to these vulnerabilities.

  9. Multiple vulnerabilities have been found and corrected in clamav:

    ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote attackers to bypass virus detection via a crafted archive that is compatible with standard archive utilities (CVE-2010-0098).

    The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to cause a denial of service (memory corruption and application crash) via a crafted CAB archive that uses the Quantum (aka .Q) compression format. NOTE: some of these details are obtained from third party information (CVE-2010-1311).

    This update provides clamav 0.96, which is not vulnerable to these issues.

    Update:

    Packages for 2009.0 are provided due to the Extended Maintenance Program.

  10. A vulnerability has been found and corrected in ghostscript:

    Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file (CVE-2010-1869).

    Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products.

    The updated packages have been patched to correct this issue.

  11. A vulnerability has been found and corrected in mysql:

    It was possible for DROP TABLE of one MyISAM table to remove the data and index files of a different MyISAM table (CVE-2010-1626).

    Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products.

    The updated packages have been patched to correct this issue.

  12. A vulnerability has been found and corrected in krb5:

    Certain invalid GSS-API tokens can cause a GSS-API acceptor (server) to crash due to a null pointer dereference in the GSS-API library (CVE-2010-1321).

    Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products.

    The updated packages have been patched to correct this issue.

  13. Multiple vulnerabilities have been discovered and fixed in kget (kdenetwork4):

    Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to create arbitrary files via directory traversal sequences in the name attribute of a file element in a metalink file (CVE-2010-1000).

    KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the user, which makes it easier for remote attackers to overwrite arbitrary files via a crafted metalink file (CVE-2010-1511).

    Packages for 2009.0 are provided due to the Extended Maintenance Program.

    The corrected packages solve these problems.

  14. A vulnerability has been discovered and fixed in kget (kdenetwork4):

    The name attribute of the file element of metalink files is not properly sanitized before being used to download files. If a user is tricked into downloading from a specially crafted metalink file, this can be exploited to download files to directories outside of the intended download directory via directory traversal attacks (CVE-2010-1000).

    Packages for 2009.0 are provided due to the Extended Maintenance Program.

    The corrected packages solve these problems.
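
The aria2 and KGet advisories above (CVE-2010-1512, CVE-2010-1000) both concern the name attribute of a metalink file element being used as a path without containment checks. The following is an added example, not part of the posts and not the aria2 or KGet fix: a sketch of the check a download client can apply before writing. The function names and the sample document are constructed for illustration.

```python
import os
import xml.etree.ElementTree as ET

# Constructed sample metalink document (illustrative, not from any advisory).
SAMPLE = """<?xml version="1.0"?>
<metalink version="3.0" xmlns="http://www.metalinker.org/">
  <files>
    <file name="distro/image.iso"><resources><url>http://example.invalid/a</url></resources></file>
    <file name="../../outside.txt"><resources><url>http://example.invalid/b</url></resources></file>
    <file name="/tmp/absolute.txt"><resources><url>http://example.invalid/c</url></resources></file>
    <file name="docs/../../escape.txt"><resources><url>http://example.invalid/d</url></resources></file>
  </files>
</metalink>"""

def safe_target(download_dir, name):
    """Return the resolved path for `name` inside download_dir, or None if rejected."""
    # Reject empty names, NUL bytes, absolute paths and Windows-style separators outright.
    if not name or "\x00" in name or "\\" in name or os.path.isabs(name):
        return None
    base = os.path.realpath(download_dir)
    # realpath collapses ".." components and resolves existing symlinks.
    target = os.path.realpath(os.path.join(base, name))
    # The target must be strictly below the download directory.
    if target == base or os.path.commonpath([base, target]) != base:
        return None
    return target

def check_metalink(xml_text, download_dir):
    """Map every file element's name attribute to its safe path, or None when rejected."""
    # Note: for untrusted XML a hardened parser configuration is also advisable.
    root = ET.fromstring(xml_text)
    results = {}
    for elem in root.iter():
        # Match on the local tag name so any metalink namespace is accepted.
        if elem.tag.rsplit("}", 1)[-1] == "file":
            name = elem.get("name", "")
            results[name] = safe_target(download_dir, name)
    return results

if __name__ == "__main__":
    import tempfile
    for name, path in check_metalink(SAMPLE, tempfile.mkdtemp()).items():
        print(f"{name!r:28} -> {path or 'REJECTED'}")
```

Checking the resolved path rather than searching the string for "../" also covers names such as docs/../../escape.txt, which begin inside the download directory and leave it only after normalisation.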
