-
Posts
2022 -
Joined
-
Last visited
Content Type
Profiles
Forums
Events
Everything posted by aru
-
Mandriva Advisories : The released versions of Mandriva GNU/Linux affected are: Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:080 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKA-2006:022 : module-init-tools Updated module-init-tools packages fix CUPS-related bug April 26th, 2006 The default configuration of module-init-tools was to send a HUP signal to the CUPS daemon whenever the "usblp" kernel module is loaded, for example when a USB printer is plugged in. Due to udev also sending a HUP signal to the CUPS daemon on pluggin in a USB printer there were two HUPs one shortly after the other which often makes the CUPS daemon crashing. The updated module-init-tools package removes the usblp call responsible for this bad behaviour. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKA-2006:022 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:079 : ruby Updated ruby packages fix vulnerability April 25th, 2006 A vulnerability in how ruby's HTTP module uses blocking sockets was reported by Yukihiro Matsumoto.By sending large amounts of data to a server application using this module, a remote attacker could exploit it to render the application unusable and not respond to other client requests. The updated packages have been patched to fix this problem. The released versions of Mandriva GNU/Linux affected are: CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:079 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1931 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Advisories (MDKSA-2006:078 ): mozilla-thunderbird
aru posted a topic in Mandriva Security Advisories
Mandriva Advisories MDKSA-2006:078 : mozilla-thunderbird Updated mozilla-thunderbird packages fix numerous vulnerabilities April 25th, 2006 A number of vulnerabilities have been discovered in the Mozilla Thunderbird email client that could allow a remote attacker to craft malicious web emails that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, or other information.As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the program. As well, two crasher bugs have been fixed as well. The updated packages have been patched to fix these problems. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:078 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1045 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1727 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1731 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1741 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1742 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1790 https://bugzilla.mozilla.org/show_bug.cgi?id=275896 https://bugzilla.mozilla.org/show_bug.cgi?id=330900 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $) -
Mandriva Advisories MDKSA-2006:077 : ethereal Updated ethereal packages fix numerous vulnerabilities April 25th, 2006 A number of vulnerabilities have been discovered in the Ethereal network analyzer.These issues have been corrected in Ethereal version 0.99.0 which is provided with this update. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:077 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1932 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1933 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1934 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1935 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1936 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1937 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1938 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1939 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1940 http://www.ethereal.com/appnotes/enpa-sa-00023.html Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:076 : mozilla Updated mozilla packages fix numerous vulnerabilities April 25th, 2006 A number of vulnerabilities have been discovered in the Mozilla Suite that could allow a remote attacker to craft malicious web pages that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, cookies, or other information from web pages.As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the browser. As well, two crasher bugs have been fixed as well. The updated packages have been patched to fix these problems. The released versions of Mandriva GNU/Linux affected are: CS3.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:076 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0884 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1727 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1729 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1731 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1736 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1741 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1742 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1790 https://bugzilla.mozilla.org/show_bug.cgi?id=275896 https://bugzilla.mozilla.org/show_bug.cgi?id=330900 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:075 : mozilla-firefox Updated mozilla-firefox packages fix numerous vulnerabilities April 24th, 2006 A number of vulnerabilities have been discovered in the Mozilla Firefox browser that could allow a remote attacker to craft malicious web pages that could take advantage of these issues to execute arbitrary code with elevated privileges, spoof content, and steal local files, cookies, or other information from web pages.As well, some of these vulnerabilities can be exploited to execute arbitrary code with the privileges of the user running the browser. As well, two crasher bugs have been fixed as well. The updated packages have been patched to fix these problems. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:075 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0748 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0749 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1728 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1729 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1730 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1731 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1732 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1733 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1734 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1735 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1736 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1737 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1738 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1739 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1740 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1742 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1790 https://bugzilla.mozilla.org/show_bug.cgi?id=275896 https://bugzilla.mozilla.org/show_bug.cgi?id=330900 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:073 : cyrus-sasl Updated cyrus-sasl packages addresses vulnerability April 24th, 2006 A vulnerability in the CMU Cyrus Simple Authentication and Security Layer (SASL) library < 2.1.21, has an unknown impact and remote unauthenticated attack vectors, related to DIGEST-MD5 negotiation. In practice, Marcus Meissner found it is possible to crash the cyrus-imapd daemon with a carefully crafted communication that leaves out "realm=..." in the reply or the initial server response. Updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 MNF2.0 10.2 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:073 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1721 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:072 : kernel Updated kernel packages fix multiple vulnerabilities April 17th, 2006 A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel: Prior to Linux kernel 2.6.5, a numeric casting discrepancy in sdla_xfer allowed local users to read portions of kernel memory (CVE-2004-2607). Prior to 2.6.12, multiple "range checking flaws" in ISO9660 filesystem handler could allow attackers to cause a DoS or corrupt memory via a crafted filesystem (CVE-2005-0815). Prior to 2.6.14-rc5, when running IPv6, the udp_v6_get_port function allowed local users to cause a DoS (infinite loop and crash) (CVE-2005-2973). A race condition when threads are sharing memory mapping via CLONE_VM could allow local users to cause a DoS (deadlock) by triggering a core dump (CVE-2005-3106). When one thread is tracing another thread that shares the same memory map, could allow local users to cause a DoS (deadlock) by forcing a core dump (CVE-2005-3107). A race condition in the ebtables netfilter module, when running on an SMP system under heavy load, might allow remote attackers to cause a DoS (crash) viaseries of packets that cause a value to be modified after if has been read but before it has been locked (CVE-2005-3110). Prior to 2.6.14.2, the ptrace functionality, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, allowing local users to cause a DoS (crash) (CVE-2005-3783). Prior to 2.6.14, the IPv6 flow label handling code modified the wrong variable in certain circumstances, which allowed local user to corrupt kernel memory or cause a DoS (crash) by triggering a free of non- allocated memory (CVE-2005-3806). Prior to 2.6.12.6 and 2.6.13, a memory leak in the icmp_push_reply function allowed remote attackers to cause a DoS (memory consumption) via a large number of crafted packets (CVE-2005-3848). Prior to 2.6.15-rc3, the time_out_leases function allowed local users to cause a DoS (kernel log message consumption) by causing a large number of broken leases, which is recorded to the log using the printk function (CVE-2005-3857). In addition to these security fixes, other fixes have been included such as: - fix nfs blocksize setting (bk tree) - update sata_sil to 0.9 - update ndiswrapper to 1.0 - update 3w-9xxx to 2.26.04.007 (9550SX support) - update tg3 "ng" (3.6) - add support for ATI IXP400 audio (alsa) and ide - add support for new sata_sil chipset for RS480 platforms (NEC) - add support for MCP51 IDE & NIC (nForce 430) - various x86_64 fixes from newer kernels - sata_nv: support for MCP51 - piix: ICH7 support - add netcell and piccolo support - updated e100 and e1000 drivers from 2006 - updated aic79xx The provided packages are patched to fix these vulnerabilities.All users are encouraged to upgrade to these updated kernels. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate The released versions of Mandriva GNU/Linux affected are: CS3.0 MNF2.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:072 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2607 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0815 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2973 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3106 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3110 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3848 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3857 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:071 : xscreensaver Updated xscreensaver packages fix clear-text password vulnerability April 11th, 2006 Rdesktop, with xscreensaver < 4.18, does not release the keyboard focus when xscreensaver starts, which causes the password to be entered into the active window when the user unlocks the screen. Updated xscreensaver packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:071 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2655 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:070 : sash Updated openvpn packages fix vulnerability April 10th, 2006 Tavis Ormandy of the Gentoo Security Project discovered a vulnerability in zlib where a certain data stream would cause zlib to corrupt a data structure, resulting in the linked application to dump core (CVE-2005-2096). Markus Oberhumber discovered additional ways that a specially-crafted compressed stream could trigger an overflow.An attacker could create such a stream that would cause a linked application to crash if opened by a user (CVE-2005-1849). Both of these issues have previously been fixed in zlib, but sash links statically against zlib and is thus also affected by these issues.New sash packages are available that link against the updated zlib packages. The released versions of Mandriva GNU/Linux affected are: CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:070 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2096 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:069 : openvpn Updated openvpn packages fix vulnerability April 10th, 2006 A vulnerability in OpenVPN 2.0 through 2.0.5 allows a malicious server to execute arbitrary code on the client by using setenv with the LD_PRELOAD environment variable. Updated packages have been patched to correct this issue by removing setenv support. The released versions of Mandriva GNU/Linux affected are: MNF2.0 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:069 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1629 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:068 : mplayer Updated mplayer packages fix integer overflow vulnerabilities April 7th, 2006 Multiple integer overflows in MPlayer 1.0pre7try2 allow remote attackers to cause a denial of service and trigger heap-based buffer overflows via (1) a certain ASF file handled by asfheader.c that causes the asf_descrambling function to be passed a negative integer after the conversion from a char to an int or (2) an AVI file with a crafted wLongsPerEntry or nEntriesInUse value in the indx chunk, which is handled in aviheader.c. The updated packages have been patched to prevent this problem. The released versions of Mandriva GNU/Linux affected are: CS3.0 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:068 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1502 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:067 : clamav Updated clamav packages fix vulnerabilities April 7th, 2006 Damian Put discovered an integer overflow in the PE header parser in ClamAV that could be exploited if the ArchiveMaxFileSize option was disabled (CVE-2006-1614). Format strings in the logging code could possibly lead to the execution of arbitrary code (CVE-2006-1615). David Luyer found that ClamAV could be tricked into an invalid memory access in the cli_bitset_set() function, which could lead to a Denial of Service (CVE-2006-1630). This update provides ClamAV 0.88.1 which corrects this issue and also fixes some other bugs. The released versions of Mandriva GNU/Linux affected are: CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:067 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1614 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1615 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1630 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:066 : freeradius Updated FreeRADIUS packages fix off-by-one overflow vulnerabilty April 5th, 2006 Off-by-one error in the sql_error function in sql_unixodbc.c in FreeRADIUS might allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the external database query to fail. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:066 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4744 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:065 : kaffeine Updated kaffeine packages fix remote buffer overflow vulnerability April 5th, 2006 Marcus Meissner discovered Kaffeine contains an unchecked buffer while creating HTTP request headers for fetching remote RAM playlists, which allows overflowing a heap allocated buffer. As a result, remotely supplied RAM playlists can be used to execute arbitrary code on the client machine. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:065 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0051 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:064 : MySQL Updated MySQL packages fix logging bypass vulnerability April 3rd, 2006 MySQL allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:064 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0903 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:062 : dia Updated dia packages fix buffer overflow vulnerabilities April 3rd, 2006 Three buffer overflows were discovered by infamous41md in dia's xfig import code.This could allow for user-complicit attackers to have an unknown impact via a crafted xfig file, possibly involving an invalid color index, number of points, or depth. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:062 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1550 http://mail.gnome.org/archives/dia-list/20...h/msg00149.html Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:063 : php Updated php packages fix information disclosure vulnerability April 2nd, 2006 A vulnerability was discovered where the html_entity_decode() function would return a chunk of memory with length equal to the string supplied, which could include php code, php ini data, other user data, etc.Note that by default, Corporate 3.0 and Mandriva Linux LE2005 ship with magic_quotes_gpc on which seems to protect against this vulnerability "out of the box" but users are encourages to upgrade regardless. Once the upgraded packages have been installed, users will need to issue a "service httpd restart" in order for the fixed packages to be properly loaded. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:063 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1490 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:061 : mailman Updated mailman packages fix DoS from badly formed mime multipart messages. March 29th, 2006 Scrubber.py, in Mailman 2.1.5 and earlier, when using email 2.5 (part of Python), is susceptible to a DoS (mailman service stops delivering for the list in question) if it encounters a badly formed mime multipart message with only one part and that part has two blank lines between the first boundary and the end boundary. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 10.2 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:061 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0052 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:060 : freeradius Updated FreeRADIUS packages fix EAP-MSCHAPv2 module vulnerability March 23rd, 2006 An unspecified vulnerability in FreeRADIUS 1.0.0 up to 1.1.0 allows remote attackers to bypass authentication or cause a denial of service (server crash) via "Insufficient input validation" in the EAP-MSCHAPv2 state machine module. Updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:060 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1354 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:059 : kernel Updated kernel packages fix multiple vulnerabilities March 22nd, 2006 A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel: sysctl.c in the Linux kernel prior to 2.6.14.1 allows local users to cause a Denial of Service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table (CVE-2005-2709). Multiple vulnerabilities in versions prior to 2.6.13.2 allow local users to cause a DoS (oops from null dereference) via fput in a 32bit ioctl on 64-bit x86 systems or sockfd_put in the 32-bit routing_ioctl function on 64-bit systems (CVE-2005-3044).Note that this was previously partially corrected in MDKSA-2005:235. Prior to 2.6.14, the kernel's atm module allows local users to cause a DoS (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules (CVE-2005-3359). A race condition in the (1) add_key, (2) request_key, and (3) keyctl functions in the 2.6.x kernel allows local users to cause a DoS (crash) or read sensitive kernel memory by modifying the length of a string argument between the time that the kernel calculates the length and when it copies the data into kernel memory (CVE-2006-0457). Prior to 2.6.15.5, the kernel allows local users to obtain sensitive information via a crafted XFS ftruncate call, which may return stale data (CVE-2006-0554). Prior to 2.6.15.5, the kernel allows local users to cause a DoS (NFS client panic) via unknown attack vectors related to the use of O_DIRECT (CVE-2006-0555). Prior to an including kernel 2.6.16, sys_mbind in mempolicy.c does not sanity check the maxnod variable before making certain computations, which has an unknown impact and attack vectors (CVE-2006-0557). Prior to 2.6.15.5, the kernel allows local users to cause a DoS ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address" on Intel processors (CVE-2006-0741). Prior to 2.6.15.6, the die_if_kernel function in the kernel can allow local users to cause a DoS by causing user faults on Itanium systems (CVE-2006-00742). A race in the signal-handling code which allows a process to become unkillable when the race is triggered was also fixed. In addition to these security fixes, other fixes have been included such as: - add ich8 support - libata locking rewrite - libata clear ATA_QCFLAG_ACTIVE flag before calling the completion callback - support the Acer Aspire 5xxx/3xxx series in the acerhk module - USB storage: remove info sysfs file as it violates the sysfs one value per file rule - fix OOPS in sysfs_hash_and_remove_file() - pl2303 USB driver fixes; makes pl2303HX chip work correctly - fix OOPS in IPMI driver which is probably caused when trying to use ACPI functions when ACPI was not properly initialized - fix de_thread() racy BUG_ON() The provided packages are patched to fix these vulnerabilities.All users are encouraged to upgrade to these updated kernels. To update your kernel, please follow the directions located at: http://www.mandriva.com/en/security/kernelupdate Please note that users using the LSI Logic 53c1030 dual-channel ultra 320 SCSI card will need to re-create their initrd images manually prior to rebooting in order to fix a bug that prevents booting.A future update will correct this problem.To do this, execute: # rm /boot/initrd-2.6.12-18mdk.img # mkinitrd /boot/initrd-2.6.12-18mdk.img 2.6.12-18mdk --with-module=mptspi The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:059 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2709 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3044 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3359 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0457 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0554 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0555 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0557 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0741 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0742 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:058 : sendmail Updated sendmail packages fix remote vulnerability March 22nd, 2006 A race condition was reported in sendmail in how it handles asynchronous signals.This could allow a remote attacker to be able to execute arbitrary code with the privileges of the user running sendmail. The updated packages have been patched to correct this problem via a patch provided by the Sendmail Consortium via CERT. The released versions of Mandriva GNU/Linux affected are: CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:058 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0058 http://www.kb.cert.org/vuls/id/834865 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:057 : cairo Updated cairo packages to address Evolution DoS vulnerability March 20th, 2006 GNOME Evolution allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment. The underlying issue is in libcairo, which is used by recent versions of Evolution for message rendering. The Corporate Desktop 3.0 version of Evolution does not use libcairo and isnot vulnerable to this issue. Updated packages have been patched to correct these issues. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:057 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0528 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
-
Mandriva Advisories MDKSA-2006:056 : xorg-x11 Updated xorg-x11 packages to address local root vuln March 20th, 2006 Versions of Xorg 6.9.0 and greater have a bug in xf86Init.c, which allows non-root users to use the -modulepath, -logfile and -configure options. This allows loading of arbitrary modules which will execute as the root user, as well as a local DoS by overwriting system files. Updated packages have been patched to correct these issues. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:056 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0745 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)