-
Posts
2022 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Posts posted by aru
-
-
Mandriva Advisories MDKSA-2006:119 : ppp
Updated ppp packages fix plugin vulnerability
July 10th, 2006
Marcus Meissner discovered that pppd's winbind plugin did not check for
the result of the setuid() call which could allow an attacker to
exploit this on systems with certain PAM limits enabled to execute the
NTLM authentication helper as root.This could possibly lead to
privilege escalation dependant upon the local winbind configuration.
Updated packages have been patched ot correct this issue.
The released versions of Mandriva GNU/Linux affected are:
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:119
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2194
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.3 2006/07/02 09:40:56 aru Exp $)
- 2006.0
-
Mandriva Advisories MDKSA-2006:118 : OpenOffice.org
Updated OpenOffice.org packages fix various vulnerabilities
July 7th, 2006
OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x before 2.0.3 allows user-complicit
attackers to conduct unauthorized activities via an OpenOffice document with
a malicious BASIC macro, which is executed without prompting the user.
(CVE-2006-2198)
An unspecified vulnerability in Java Applets in OpenOffice.org 1.1.x up to
1.1.5 and 2.0.x before 2.0.3 allows user-complicit attackers to escape the
Java sandbox and conduct unauthorized activities via certain applets in
OpenOffice documents. (CVE-2006-2199)
Heap-based buffer overflow in OpenOffice.org 1.1.x up to 1.1.5 and 2.0.x
before 2.0.3 allows user-complicit attackers to execute arbitrary code via a
crafted OpenOffice XML document that is not properly handled by (1) Calc,
(2) Draw, (3) Impress, (4) Math, or (5) Writer, aka "File Format / Buffer
Overflow Vulnerability." (CVE-2006-3117)
Updated packages are patched to address this issue.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:118
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2198
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2199
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3117
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.3 2006/07/02 09:40:56 aru Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:117 : libmms
Updated libmms packages fix buffer overflow vulnerability
July 6th, 2006
Stack-based buffer overflow in MiMMS 0.0.9 allows remote attackers to cause
a denial of service (application crash) and possibly execute arbitrary code
via the (1) send_command, (2) string_utf16, (3) get_data, and (4)
get_media_packet functions, and possibly other functions. Libmms uses the
same vulnerable code.
The updated packages have been patched to correct this issue.
The released versions of Mandriva GNU/Linux affected are:
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:117
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2200
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.3 2006/07/02 09:40:56 aru Exp $)
- 2006.0
-
Mandriva Advisories MDKSA-2006:107 : arts
Updated arts packages fix vulnerability in artswrapper
June 20th, 2006
A vulnerability in the artswrapper program, when installed setuid root,
could enable a local user to elevate their privileges to that of root.
By default, Mandriva Linux does not ship artswrapper setuid root,
however if a user or system administrator enables the setuid bit on
artswrapper, their system could be at risk,
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:107
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.3 2006/07/02 09:40:56 aru Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:107 : arts
Updated arts packages fix vulnerability in artswrapper
June 20th, 2006
A vulnerability in the artswrapper program, when installed setuid root,
could enable a local user to elevate their privileges to that of root.
By default, Mandriva Linux does not ship artswrapper setuid root,
however if a user or system administrator enables the setuid bit on
artswrapper, their system could be at risk,
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:107
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:115 : mutt
Updated mutt packages fix buffer overflow vulnerability
June 28th, 2006
A stack-based buffer overflow in the browse_get_namespace function in
imap/browse.c of Mutt allows remote attackers to cause a denial of service
(crash) or execute arbitrary code via long namespaces received from the
IMAP server.
Updated packages have been patched to address this issue.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:115
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2006-3242
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:114 : libwmf
Updated libwmf packages fixes embedded GD vulnerability
June 27th, 2006
Integer overflows were reported in the GD Graphics Library (libgd)
2.0.28, and possibly other versions. These overflows allow remote
attackers tocause a denial of service and possibly execute arbitrary
code via PNG image files with large image rows values that lead to a
heap-based buffer overflow in the gdImageCreateFromPngCtx() function.
Libwmf contains an embedded copy of the GD library code. (CAN-2004-0941)
Updated packages have been patched to address this issue.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:114
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0941
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:113 : tetex
Updated tetex packages fix embedded GD vulnerabilities
June 27th, 2006
Integer overflows were reported in the GD Graphics Library (libgd)
2.0.28, and possibly other versions. These overflows allow remote
attackers tocause a denial of service and possibly execute arbitrary
code via PNG image files with large image rows values that lead to a
heap-based buffer overflow in the gdImageCreateFromPngCtx() function.
Tetex contains an embedded copy of the GD library code. (CAN-2004-0941)
The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas
Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote attackers
to cause a denial of service (CPU consumption) via malformed GIF data that
causes an infinite loop.Tetex contains an embedded copy of the GD library
code. (CVE-2006-2906)
Updated packages have been patched to address both issues.
The released versions of Mandriva GNU/Linux affected are:
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:113
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0941
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- 10.2
-
Mandriva Advisories MDKSA-2006:112 : gd
Updated gd packages fix DoS vulnerability.
June 27th, 2006
The LZW decoding in the gdImageCreateFromGifPtr function in the Thomas
Boutell graphics draw (GD) library (aka libgd) 2.0.33 allows remote
attackers to cause a denial of service (CPU consumption) via malformed
GIF data that causes an infinite loop.
gd-2.0.15 in Corporate 3.0 is not affected by this issue.
Packages have been patched to correct this issue.
The released versions of Mandriva GNU/Linux affected are:
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:112
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2906
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- 10.2
-
Mandriva Advisories MDKSA-2006:111 : MySQL
Updated MySQL packages fixes authorized user DoS(crash) vulnerability.
June 23rd, 2006
Mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before
5.1.6 allows remote authorized users to cause a denial of service (crash)
via a NULL second argument to the str_to_date function.
MySQL 4.0.18 in Corporate 3.0 and MNF 2.0 is not affected by this issue.
Packages have been patched to correct this issue.
The released versions of Mandriva GNU/Linux affected are:
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:111
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3081
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- 10.2
-
Mandriva Advisories MDKSA-2006:110 : gnupg
Updated gnupg packages fix vulnerability
June 20th, 2006
A vulnerability was discovered in GnuPG 1.4.3 and 1.9.20 (and earlier)
that could allow a remote attacker to cause gpg to crash and possibly
overwrite memory via a message packet with a large length.
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- MNF2.0
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:110
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:109 : wv2
Updated wv2 packages fix vulnerability
June 20th, 2006
A boundary checking error was discovered in the wv2 library, used for
accessing Microsoft Word documents.This error can lead to an integer
overflow induced by processing certain Word files.
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:109
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2197
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:108 : xine-lib
Updated xine-lib packages fix buffer overflow vulnerabilities
June 20th, 2006
A buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib
1.1.1 allows remote attackers to cause a denial of service (application
crash) via a long reply from an HTTP server, as demonstrated using gxine
0.5.6. (CVE-2006-2802)
In addition, a possible buffer overflow exists in the AVI demuxer,
similar in nature to CVE-2006-1502 for MPlayer. The Corporate 3 release
of xine-lib does not have this issue.
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:108
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:107 : arts
Updated arts packages fix vulnerability in artswrapper
June 20th, 2006
A vulnerability in the artswrapper program, when installed setuid root,
could enable a local user to elevate their privileges to that of root.
By default, Mandriva Linux does not ship artswrapper setuid root,
however if a user or system administrator enables the setuid bit on
artswrapper, their system could be at risk,
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:107
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:110 : gnupg
Updated gnupg packages fix vulnerability
June 20th, 2006
A vulnerability was discovered in GnuPG 1.4.3 and 1.9.20 (and earlier)
that could allow a remote attacker to cause gpg to crash and possibly
overwrite memory via a message packet with a large length.
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- MNF2.0
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:110
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3082
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:109 : wv2
Updated wv2 packages fix vulnerability
June 20th, 2006
A boundary checking error was discovered in the wv2 library, used for
accessing Microsoft Word documents.This error can lead to an integer
overflow induced by processing certain Word files.
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:109
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2197
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:108 : xine-lib
Updated xine-lib packages fix buffer overflow vulnerabilities
June 20th, 2006
A buffer overflow in the HTTP Plugin (xineplug_inp_http.so) for xine-lib
1.1.1 allows remote attackers to cause a denial of service (application
crash) via a long reply from an HTTP server, as demonstrated using gxine
0.5.6. (CVE-2006-2802)
In addition, a possible buffer overflow exists in the AVI demuxer,
similar in nature to CVE-2006-1502 for MPlayer. The Corporate 3 release
of xine-lib does not have this issue.
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:108
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2802
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:107 : arts
Updated arts packages fix vulnerability in artswrapper
June 20th, 2006
A vulnerability in the artswrapper program, when installed setuid root,
could enable a local user to elevate their privileges to that of root.
By default, Mandriva Linux does not ship artswrapper setuid root,
however if a user or system administrator enables the setuid bit on
artswrapper, their system could be at risk,
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:107
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2916
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:111 : MySQL
Updated MySQL packages fixes authorized user DoS(crash) vulnerability.
June 23rd, 2006
Mysqld in MySQL 4.1.x before 4.1.18, 5.0.x before 5.0.19, and 5.1.x before
5.1.6 allows remote authorized users to cause a denial of service (crash)
via a NULL second argument to the str_to_date function.
MySQL 4.0.18 in Corporate 3.0 and MNF 2.0 is not affected by this issue.
Packages have been patched to correct this issue.
The released versions of Mandriva GNU/Linux affected are:
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:111
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3081
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- 10.2
-
Mandriva Advisories MDKSA-2006:106 : mdkkdm
Updated mdkkdm packages fix local vulnerability
June 15th, 2006
A problem with how kdm manages the ~/.dmrc file was discovered by
Ludwig Nussel.By using a symlink attack, a local user could get kdm
to read arbitrary files on the system, including privileged system
files and those belonging to other users.
Mandriva's mdkkdm also suffers from this same problem and has been
patched to correct it.Only Corporate 3 is affected; in Mandriva Linux
2006, mdkkdm is in contribs.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:106
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2449
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:105 : kdebase
Updated kdebase packages fix local vulnerability in kdm
June 15th, 2006
A problem with how kdm manages the ~/.dmrc file was discovered by
Ludwig Nussel.By using a symlink attack, a local user could get kdm
to read arbitrary files on the system, including privileged system
files and those belonging to other users.
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:105
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2449
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:104 : sendmail
Updated sendmail packages fix remotely exploitable vulnerability
June 14th, 2006
A vulnerability in the way Sendmail handles multi-part MIME messages
was discovered that could allow a remote attacker to create a carefully
crafted message that could crash the sendmail process during delivery.
The updated packages have been patched to correct these issues.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- MNF2.0
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:104
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1173
http://www.kb.cert.org/vuls/id/146718
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:103 : spamassassin
Updated spamassassin packages fix vulnerability
June 14th, 2006
A flaw was discovered in the way that spamd processes the virtual POP
usernames passed to it.If running with the --vpopmail and --paranoid
flags, it is possible for a remote user with the ability to connect to
the spamd daemon to execute arbitrary commands as the user running
spamd.
By default, the Spamassassin packages do not start spamd with either
of these flags and this usage is uncommon.
The updated packages have been patched to correct this issue.
The released versions of Mandriva GNU/Linux affected are:
- CS3.0
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:103
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2447
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- CS3.0
-
Mandriva Advisories MDKSA-2006:102 : libtiff
Updated libtiff packages fixes tiff2pdf vulnerability
June 14th, 2006
A buffer overflow in the t2p_write_pdf_string function in tiff2pdf in
libtiff 3.8.2 and earlier allows attackers to cause a denial of service
(crash) and possibly execute arbitrary code via a TIFF file with a
DocumentName tag that contains UTF-8 characters, which triggers the
overflow when a character is sign extended to an integer that produces
more digits than expected in a sprintf call.
Corporate Server 3 and Corporate Desktop 3 are not affected by this
vulnerability as tiff2pdf was not part of the libtiff version shipped
in those products.
The updated packages have been patched to correct this issue.
The released versions of Mandriva GNU/Linux affected are:
- 10.2
- 2006.0
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:102
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-2193
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.2 2006/06/01 20:04:28 pituko Exp $)
- 10.2
Advisories (MDKSA-2006:120 ): samba
in Mandriva Security Advisories
Posted
Mandriva Advisories MDKSA-2006:120 : samba
Updated samba packages fix DoS vulnerability
July 10th, 2006
A vulnerability in samba 3.0.x was discovered where an attacker could
cause a single smbd process to bloat, exhausting memory on the system.
This bug is caused by continually increasing the size of an array which
maintains state information about the number of active share
connections.
Updated packages have been patched to correct this issue.
The released versions of Mandriva GNU/Linux affected are:
Full information about this advisory, including the updated packages, is available at:
www.mandriva.com/security/advisories?name=MDKSA-2006:120
Other references:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3403
http://www.samba.org/samba/security/CAN-2006-3403.html
Posted automatically by aru (mdksec2mub v: mdksec2mub,v 1.3 2006/07/02 09:40:56 aru Exp $)