Jump to content

aru

Members
 View Profile  See their activity

  • Posts

    2022

  • Joined

  • Last visited

 Content Type 

Everything posted by aru

  1. aru
    Mandriva Advisories MDKSA-2005:210 : w3c-libwww Updated w3c-libwww packages fixes DoS vulnerability. November 9th, 2005 Sam Varshavchik discovered theHTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read. The updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: wwwnew.mandriva.com/security/advisories?name=MDKSA-2005:210 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3183 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.15 2005/11/24 16:53:12 aru Exp aru $)
  2. aru
    Mandriva Security Advisories MDKSA-2005:214 : gdk-pixbuf Updated gdk-pixbuf/gtk+2.0 packages fix vulnerability November 18th, 2005 A heap overflow vulnerability in the GTK+ gdk-pixbuf XPM image rendering library could allow for arbitrary code execution. This allows an attacker to provide a carefully crafted XPM image which could possibly allow for arbitrary code execution in the context of the user viewing the image. (CVE-2005-3186) Ludwig Nussel discovered an integer overflow bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code or crash when the file was opened by a victim. (CVE-2005-2976) Ludwig Nussel also discovered an infinite-loop denial of service bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to stop responding when the file was opened by a victim. (CVE-2005-2975) The gtk+2.0 library also contains the same gdk-pixbuf code with the same vulnerability. The Corporate Server 2.1 packages have additional patches to address CAN-2004-0782,0783,0788 (additional XPM/ICO image issues), CAN-2004-0753 (BMP image issues) and CAN-2005-0891 (additional BMP issues). These were overlooked on this platform with earlier updates. The updated packages have been patched to correct these issues. The released versions of Mandriva GNU/Linux affected are: CS2.1 CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:214 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2975 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2976 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0782 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0783 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0788 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0753 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0891 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  3. aru
    Mandriva Security Advisories MDKA-2005:057 : drakxtools Updated drakxtools packages fix various bugs November 18th, 2005 A number of bugs have been fixed in this new drakxtools package, primarily within the diskdrake, drakconnect and drakroam programs: Diskdrake fixes include: - handle "users" the way "user" is handled - handle dmraid-1.0.0 RC9 (#19654) Drakconnect fixes include: - don't screw up eagle-usb devices if the firmware is already loaded - fix zd1201 devices detection as well Drakroam fixes include: - remember 'restricted' wireless mode - don't crash if mandi isn't started (#19608) - fix wireless network list using iwlist (#19742) The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKA-2005:057 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  4. aru
    Mandriva Security Advisories MDKA-2005:056 : file Updated file package fixes segfault November 18th, 2005 A bug in the file program would cause it to segfault on the x86_64 architecture on certain files.This update corrects the problem. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKA-2005:056 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  5. aru
    Mandriva Security Advisories MDKSA-2005:213 : php Updated php packages fix multiple vulnerabilities November 16th, 2005 A number of vulnerabilities were discovered in PHP: An issue with fopen_wrappers.c would not properly restrict access to other directories when the open_basedir directive included a trailing slash (CVE-2005-3054); this issue does not affect Corporate Server 2.1. An issue with the apache2handler SAPI in mod_php could allow an attacker to cause a Denial of Service via the session.save_path option in an .htaccess file or VirtualHost stanza (CVE-2005-3319); this issue does not affect Corporate Server 2.1. A Denial of Service vulnerability was discovered in the way that PHP processes EXIF image data which could allow an attacker to cause PHP to crash by supplying carefully crafted EXIF image data (CVE-2005-3353). A cross-site scripting vulnerability was discovered in the phpinfo() function which could allow for the injection of javascript or HTML content onto a page displaying phpinfo() output, or to steal data such as cookies (CVE-2005-3388). A flaw in the parse_str() function could allow for the enabling of register_globals, even if it was disabled in the PHP configuration file (CVE-2005-3389). A vulnerability in the way that PHP registers global variables during a file upload request could allow a remote attacker to overwrite the $GLOBALS array which could potentially lead the execution of arbitrary PHP commands.This vulnerability only affects systems with register_globals enabled (CVE-2005-3390). The updated packages have been patched to address this issue.Once the new packages have been installed, you will need to restart your Apache server using "service httpd restart" in order for the new packages to take effect ("service httpd2-naat restart" for MNF2). The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:213 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3054 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3319 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3353 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3390 http://www.hardened-php.net/advisory_202005.79.html http://www.hardened-php.net/advisory_192005.78.html http://www.hardened-php.net/advisory_182005.77.html Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  6. aru
    Mandriva Security Advisories MDKSA-2005:212 : egroupware Updated egroupware packages to address phpldapadmin, phpsysinfo vulnerabilities November 16th, 2005 Egroupware contains embedded copies of several php based projects, including phpldapadmin and phpsysinfo. Phpldapadmin before 0.9.6c allows remote attackers to gain anonymous access to the LDAP server, even when disable_anon_bind is set, via an HTTP request to login.php with the anonymous_bind parameter set. (CAN-2005-2654) Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the custom_welcome_page parameter. (CAN-2005-2792) PHP remote code injection vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code via the custom_welcome_page parameter. (CAN-2005-2793) Maksymilian Arciemowicz discovered several cross site scripting issues inphpsysinfo, a PHP based host information application. (CAN-2005-0869, 0870) Christopher Kunz discovered that local variables in phpsysinfo get overwritten unconditionally and are trusted later, which could lead to the inclusion of arbitrary files. (CAN-2005-3347) Christopher Kunz discovered that user-supplied input in phpsysinfo is used unsanitised, causing a HTTP Response splitting problem. (CAN-2005-3348) The updated packages have new versions of these subsystems to correct these issues. The released versions of Mandriva GNU/Linux affected are: CS3.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:212 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2792 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2793 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0869 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0870 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3347 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3348 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  7. aru
    Mandriva Security Advisories MDKA-2005:055 : acpid Updated acpid package fixes various bugs November 16th, 2005 A number of bugs have been fixed in this new acpid package: Correct an error in the initscript, to look for lm_battery.sh rather than battery.sh. Correct an issue where logrotate of acpid's log files would cause the X server to consume 100% cpu. Note: In order to restart the acpid service you may have to stop X (telinit 3 if you use a graphical login, or exit X if you use startx). The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKA-2005:055 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  8. aru
    Mandriva Security Advisories MDKA-2005:054 : autofs Updated autofs packages fix problem with LDAP November 16th, 2005 A problem with how autofs was linked with the LDAP libraries would cause autofs to segfault on startup. The updated package has been fixed to correct this problem. The released versions of Mandriva GNU/Linux affected are: 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKA-2005:054 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  9. aru
    Mandriva Security Advisories MDKSA-2005:211 : lynx Updated lynx packages fix critical vulnerability November 12th, 2005 An arbitrary command execution vulnerability was discovered in the lynx "lynxcgi:" URI handler.An attacker could create a web page that redirects to a malicious URL which could then execute arbitrary code as the user running lynx. The updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:211 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2929 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  10. aru
    Mandriva Security Advisories MDKSA-2005:210 : w3c-libwww Updated w3c-libwww packages fixes DoS vulnerability. November 9th, 2005 Sam Varshavchik discovered theHTBoundary_put_block function in HTBound.c for W3C libwww (w3c-libwww) allows remote servers to cause a denial of service (segmentation fault) via a crafted multipart/byteranges MIME message that triggers an out-of-bounds read. The updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:210 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3183 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  11. aru
    Mandriva Security Advisories MDKSA-2005:209 : fetchmail Updated fetchmail packages fixes fetchmailconf vulnerability November 9th, 2005 Thomas Wolff and Miloslav Trmac discovered a race condition in the fetchmailconf program.fetchmailconf would create the initial output configuration file with insecure permissions and only after writing would it change permissions to be more restrictive.During that time, passwords and other data could be exposed to other users on the system unless the user used a more restrictive umask setting. As well, the Mandriva Linux 2006 packages did not contain the patch that corrected the issues fixed in MDKSA-2005:126, namely a buffer overflow in fetchmail's POP3 client (CAN-2005-2355). The updated packages have been patched to address this issue, and the Mandriva 2006 packages have also been patched to correct CAN-2005-2355. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:209 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3088 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2355 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  12. aru
    Mandriva Security Advisories MDKSA-2005:204 : wget Updated wget packages fix vulnerability November 1st, 2005 Hugo Vazquez Carames discovered a race condition when writing output files in wget.After wget determined the output file name, but before the file was actually opened, a local attacker with write permissions to the download directory could create a symbolic link with the name of the output file.This could be exploited to overwrite arbitrary files with the permissions of the user invoking wget.The time window of opportunity for the attacker is determined solely by the delay of the first received data packet. The updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: 10.1 CS3.0 MNF2.0 10.2 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:204 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-2014 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  13. aru
    Mandriva Security Advisories MDKSA-2005:203 : gda2.0 Updated gda2.0 packages fix string format vulnerability November 1st, 2005 Steve Kemp discovered two format string vulnerabilities in libgda2, the GNOME Data Access library for GNOME2, which may lead to the execution of arbitrary code in programs that use this library. The updated packages have been patched to correct this issue. The released versions of Mandriva GNU/Linux affected are: CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:203 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2958 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  14. aru
    Mandriva Security Advisories MDKSA-2005:202 : squirrelmail Updated squirrelmail packages fix vulnerability November 1st, 2005 A vulnerability in the way that SquirrelMail handled the $_POST variables was discovered.If a user was tricked into visiting a malicious URL, the user's SquirrelMail preferences could be read or modified. This vulnerability is corrected in SquirrelMail 1.4.5 and the updated packages provide the latest stable version. The released versions of Mandriva GNU/Linux affected are: CS3.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:202 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2095 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  15. aru
    Mandriva Security Advisories MDKSA-2005:193-2 : ethereal Updated ethereal packages fix multiple vulnerabilities October 31st, 2005 Ethereal 0.10.13 is now available fixing a number of security vulnerabilities in various dissectors: - the ISAKMP dissector could exhaust system memory - the FC-FCS dissector could exhaust system memory - the RSVP dissector could exhaust system memory - the ISIS LSP dissector could exhaust system memory - the IrDA dissector could crash - the SLIMP3 dissector could overflow a buffer - the BER dissector was susceptible to an infinite loop - the SCSI dissector could dereference a null pointer and crash - the sFlow dissector could dereference a null pointer and crash - the RTnet dissector could dereference a null pointer and crash - the SigComp UDVM could go into an infinite loop or crash - the X11 dissector could attempt to divide by zero - if SMB transaction payload reassembly is enabled the SMB dissector could crash (by default this is disabled) - if the "Dissect unknown RPC program numbers" option was enabled, the ONC RPC dissector might be able to exhaust system memory (by default this is disabled) - the AgentX dissector could overflow a buffer - the WSP dissector could free an invalid pointer - iDEFENSE discovered a buffer overflow in the SRVLOC dissector The new version of Ethereal is provided and corrects all of these issues. An infinite loop in the IRC dissector was also discovered and fixed after the 0.10.13 release.The updated packages include the fix. Update: A permissions problem on the /usr/share/ethereal/dtds directory caused errors when ethereal started as a non-root user.This update corrects the problem. The released versions of Mandriva GNU/Linux affected are: 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:193-2 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3241 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3242 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3243 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3244 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3246 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3247 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3184 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3313 http://www.ethereal.com/appnotes/enpa-sa-00021.html Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  16. aru
    Mandriva Security Advisories MDKSA-2005:201 : sudo Updated sudo packages fix vulnerability October 27th, 2005 Tavis Ormandy discovered that sudo does not perform sufficient environment cleaning; in particular the SHELLOPTS and PS4 variables are still passed to the program running as an alternate user which can result in the execution of arbitrary commands as the alternate user when a bash script is executed. The updated packages have been patched to correct this problem. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:201 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2959 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  17. aru
    Mandriva Security Advisories MDKSA-2005:200 : apache-mod_auth_shadow Updated apache-mod_auth_shadow packages fix security restriction bypass issues. October 27th, 2005 The mod_auth_shadow module 1.0 through 1.5 and 2.0 for Apache with AuthShadow enabled uses shadow authentication for all locations that use the require group directive, even when other authentication mechanisms are specified, which might allow remote authenticated users to bypass security restrictions. This update requires an explicit "AuthShadow on" statement if website authentication should be checked against /etc/shadow. The updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: 10.1 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:200 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2963 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  18. aru
    Mandriva Security Advisories MDKSA-2005:199 : netpbm Updated netpbm packages fix pnmtopng vulnerabilities October 26th, 2005 Pnmtopng in netpbm 10.2X, when using the -trans option, uses uninitialized size and index variables when converting Portable Anymap (PNM) images to Portable Network Graphics (PNG), which might allow attackers to execute arbitrary code by modifying the stack. Netpbm 9.2X is not affected by this vulnerability. The updated packages have been patched to correct this problem. The released versions of Mandriva GNU/Linux affected are: 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:199 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2978 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  19. aru
    Mandriva Security Advisories MDKSA-2005:198 : uim Updated uim packages fix suid linking vulnerabilities. October 26th, 2005 Masanari Yamamoto discovered that Uim uses environment variables incorrectly. This bug causes a privilege escalation if setuid/setgid applications are linked to libuim. The updated packages have been patched to address this issue. The released versions of Mandriva GNU/Linux affected are: 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:198 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3149 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  20. aru
    Mandriva Security Advisories MDKSA-2005:197 : unzip Updated unzip packages fix suid, permissions vulnerabilities. October 26th, 2005 Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges. (CAN-2005-0602) Imran Ghory found a race condition in the handling of output files. While a file was unpacked by unzip, a local attacker with write permissions to the target directory could exploit this to change the permissions of arbitrary files of the unzip user. This affects versions of unzip 5.52 and lower (CAN-2005-2475) The updated packages have been patched to address these issues. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:197 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0602 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2475 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  21. aru
    Mandriva Security Advisories MDKSA-2005:196 : perl-Compress-Zlib Updated perl-Compress-Zlib packages fix vulnerabilities October 26th, 2005 The perl Compress::Zlib module contains an internal copy of the zlib library that was vulnerable to CAN-2005-1849 and CAN-2005-2096.This library was updated with version 1.35 of Compress::Zlib. An updated perl-Compress-Zlib package is now available to provide the fixed module. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 10.2 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:196 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2096 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  22. aru
    Mandriva Security Advisories MDKSA-2005:195 : squid Updated squid packages fix vulnerabilities October 26th, 2005 The rfc1738_do_escape function in ftp.c for Squid 2.5.STABLE11 and earlier allows remote FTP servers to cause a denial of service (segmentation fault) via certain "odd" responses. The updated packages have been patched to address these issues. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:195 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3258 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  23. aru
    Mandriva Security Advisories MDKSA-2005:194 : php-imap Updated php-imap packages fix buffer overflow vulnerabilities. October 26th, 2005 "infamous41md" discovered a buffer overflow in uw-imap, the University of Washington's IMAP Server that allows attackers to execute arbitrary code. php-imap is compiled against the static c-client libs from imap. These packages have been recompiled against the updated imap development packages. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:194 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2933 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  24. aru
    Mandriva Security Advisories MDKSA-2005:193-1 : ethereal Updated ethereal packages fix multiple vulnerabilities October 26th, 2005 Ethereal 0.10.13 is now available fixing a number of security vulnerabilities in various dissectors: - the ISAKMP dissector could exhaust system memory - the FC-FCS dissector could exhaust system memory - the RSVP dissector could exhaust system memory - the ISIS LSP dissector could exhaust system memory - the IrDA dissector could crash - the SLIMP3 dissector could overflow a buffer - the BER dissector was susceptible to an infinite loop - the SCSI dissector could dereference a null pointer and crash - the sFlow dissector could dereference a null pointer and crash - the RTnet dissector could dereference a null pointer and crash - the SigComp UDVM could go into an infinite loop or crash - the X11 dissector could attempt to divide by zero - if SMB transaction payload reassembly is enabled the SMB dissector could crash (by default this is disabled) - if the "Dissect unknown RPC program numbers" option was enabled, the ONC RPC dissector might be able to exhaust system memory (by default this is disabled) - the AgentX dissector could overflow a buffer - the WSP dissector could free an invalid pointer - iDEFENSE discovered a buffer overflow in the SRVLOC dissector The new version of Ethereal is provided and corrects all of these issues. Update: An infinite loop in the IRC dissector was also discovered and fixed after the 0.10.13 release.The updated packages include the fix. The released versions of Mandriva GNU/Linux affected are: 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:193-1 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3313 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3184 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3249 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3248 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3247 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3246 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3245 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3244 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3243 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3242 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3241 http://www.ethereal.com/appnotes/enpa-sa-00021.html Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
  25. aru
    Mandriva Security Advisories MDKSA-2005:186-1 : lynx Updated lynx packages fix remote buffer overflow October 26th, 2005 Ulf Harnhammar discovered a remote buffer overflow in lynx versions 2.8.2 through 2.8.5. When Lynx connects to an NNTP server to fetch information about the available articles in a newsgroup, it will call a function called HTrjis() with the information from certain article headers. The function adds missing ESC characters to certain data, to support Asian character sets. However, it does not check if it writes outside of the char array buf, and that causes a remote stack-based buffer overflow, with full control over EIP, EBX, EBP, ESI and EDI. Two attack vectors to make a victim visit a URL to a dangerous news server are: (a) *redirecting scripts*, where the victim visits some web page and it redirects automatically to a malicious URL, and (b) *links in web pages*, where the victim visits some web page and selects a link on the page to a malicious URL. Attack vector (b) is helped by the fact that Lynx does not automatically display where links lead to, unlike many graphical web browsers. The updated packages have been patched to address this issue. Update: The previous patchset had a bug in the patches themselves, which was uncovered by Klaus Singvogel of Novell/SUSE in auditing crashes on some architectures. The released versions of Mandriva GNU/Linux affected are: 10.1 CS2.1 CS3.0 MNF2.0 10.2 2006.0 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:186-1 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3120 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $)
×
×
  • Create New...