|Paid content will be excluded from the download.
| Matches : 1830
|A security vulnerability has been identified and fixed in curl, which could allow remote HTTP servers to trigger arbitrary requests to intranet servers, read or overwrite arbitrary files via a redirect to a file: URL, or execute arbitrary commands via a redirect to an scp: URL . The updated packages have been patched to prevent this.
Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.7 . This update provides the latest Mozilla Firefox 3.x to correct these issues. As Mozilla Firefox 2.x has been phased out, version 3.x is also being provided for Mandriva Linux 2008 Spring. Additionally some softwares has also been rebuilt against Mozilla Firefox 3.0.7 which should take car ...
A number of vulnerabilities have been found and corrected in libpng: Fixed 1-byte buffer overflow in pngpread.c . This was allready fixed in Mandriva Linux 2009.0. Fix the function png_check_keyword that allowed setting arbitrary bytes in the process memory to 0 . Fix a potential DoS or to potentially compromise an application using the library . The updated packages have been patched to prevent ...
A vulnerability has been identified in sudo which allowed - depending on the sudoers rules - a sudo-user to execute arbitrary shell commands as root . The updated packages have been patched to prevent this.
A flaw was found in how NTP checked the return value of signature verification. A remote attacker could use this to bypass certificate validation by using a malformed SSL/TLS signature . The updated packages have been patched to prevent this issue.
A flaw was found in how BIND checked the return value of the OpenSSL DSA_do_verify function. On systems that use DNSSEC, a malicious zone could present a malformed DSA certificate and bypass proper certificate validation, which would allow for spoofing attacks . The updated packages have been patched to prevent this issue.
Multiple security vulnerabilities has been identified and fixed in apr-util: The apr_strmatch_precompile function in strmatch/apr_strmatch.c in Apache APR-util before 1.3.5 allows remote attackers to cause a denial of service via crafted input involving a .htaccess file used with the Apache HTTP Server, the SVNMasterURI directive in the mod_dav_svn module in the Apache HTTP Server, the mod_apr ...
Multiple security vulnerabilities has been identified and fixed in apr and apr-util: Multiple integer overflows in the Apache Portable Runtime library and the Apache Portable Utility library 0.9.x and 1.3.x allow remote attackers to cause a denial of service or possibly execute arbitrary code via vectors that trigger crafted calls to the allocator_alloc or apr_palloc function in memory/unix/a ...
A vulnerability has been identified and corrected in net-snmp: The netsnmp_udp_fmtaddr function in net-snmp 5.0.9 through 5.4.2, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to source/destination IP address confusion. The updated packages have bee ...
Pages:      Start    3    4    5    6    7    8    9    10    11    12    13    14    15    16    ..   182
© 2013 SecPod Technologies