|Paid content will be excluded from the download.
| Matches : 1830
|A vulnerability has been found and corrected in sudo: A flaw exists in the IP network matching code in sudo versions 1.6.9p3 through 1.8.4p4 that may result in the local host being matched even though it is not actually part of the network described by the IP address and associated netmask listed in the sudoers file or in LDAP. As a result, users authorized to run commands on certain IP networks m ...
It was discovered that the fix for CVE-2012-2110 was not sufficient to correct the issue for OpenSSL 0.9.8. The updated packages have been upgraded to the 0.9.8w version which is not vulnerable to this issue.
A potentially exploitable vulnerability has been discovered in the OpenSSL function asn1_d2i_read_bio that affects S/MIME or CMS applications using the built in MIME parser SMIME_read_PKCS7 or SMIME_read_CMS . The updated packages have been patched to correct this issue.
A vulnerability has been found and corrected in samba: Security checks were incorrectly applied to the Local Security Authority remote proceedure calls CreateAccount, OpenAccount, AddAccountRights and RemoveAccountRights allowing any authenticated user to modify the privileges database . The updated packages have been patched to correct this issue.
A memory leak and a hash table collision flaw in expat could cause denial os service attacks . The updated packages have been patched to correct this issue.
A vulnerability has been found and corrected in libvorbis: If a specially-crafted Ogg Vorbis media file was opened by an application using libvorbis, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application . The updated packages have been patched to correct this issue.
Security issues were identified and fixed in mozilla firefox and thunderbird: Use-after-free vulnerability in Mozilla Firefox before 3.6.26 and 4.x through 9.0, Thunderbird before 3.1.18 and 5.0 through 9.0, and SeaMonkey before 2.7 might allow remote attackers to execute arbitrary code via vectors related to incorrect AttributeChildRemoved notifications that affect access to removed nsDOMAttribut ...
Multiple vulnerabilities was discovered and fixed in gimp: Stack-based buffer overflow in the &quot;LIGHTING EFFECTS &gt; LIGHT&quot; plugin in GIMP 2.6.11 allows user-assisted remote attackers to cause a denial of service or possibly execute arbitrary code via a long Position field in a plugin configuration file. NOTE: it may be uncommon to obtain a GIMP plugin configuration file fro ...
A vulnerability was discovered and corrected in curl: The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests . Packages for 2009.0 are provided as of the Extended Maintenance Program
Multiple vulnerabilities has been found and corrected in sudo: A a patch for parse.c in sudo does not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regres ...
Pages:      Start    3    4    5    6    7    8    9    10    11    12    13    14    15    16    ..   182
© 2013 SecPod Technologies