[Forgot Password]
Login  Register Subscribe

30430

 
 

423868

 
 

247768

 
 

909

 
 

194555

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

Python has a variable called sys.path that contains all paths where Python loads modules by using import scripting procedure. A wrong handling of that variable enables local attackers to execute arbitrary code via Python scripting in the current Vim working directory . This update provides fix for that vulnerability. Update: This update also provides updated packages for Mandriva Linux 2008.0.

Multiple memory management flaws were found in the GSSAPI library used by Kerberos that could result in the use of already freed memory or an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code . A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to ...

A memory management flaw was found in the GSSAPI library used by Kerberos that could result in an attempt to free already freed memory, possibly leading to a crash or allowing the execution of arbitrary code . A flaw was discovered in how the Kerberos krb5kdc handled Kerberos v4 protocol packets. An unauthenticated remote attacker could use this flaw to crash the krb5kdc daemon, disclose portions ...

Martin von Gagern found a flow in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates . Update: It was found that the previously-published patch to correct this issue caused a regression when dealing with self ...

Martin von Gagern found a flow in how GnuTLS versions 1.2.4 up until 2.6.1 verified certificate chains provided by a server. A malicious server could use this flaw to spoof its identity by tricking client applications that used the GnuTLS library to trust invalid certificates . The updated packages have been patched to correct this issue.

A number of security vulnerabilities have been discovered in previous versions, and corrected in the latest Mozilla Thunderbird program, version 2.0.0.21 . This update provides the latest Thunderbird to correct these issues. Additionaly, Mozilla Thunderbird released with Mandriva Linux 2009.0, when used with Enigmail extension on x86_64 architechture, would freeze whenever any Enigmail function wa ...

Security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox 3.x, version 3.0.7 . This update provides the latest Mozilla Firefox 3.x to correct these issues. As Mozilla Firefox 2.x has been phased out, version 3.x is also being provided for Mandriva Linux 2008 Spring. Additionally some softwares has also been rebuilt against Mozilla Firefox 3.0.7 which should take car ...

A number of vulnerabilities have been found and corrected in libpng: Fixed 1-byte buffer overflow in pngpread.c . This was allready fixed in Mandriva Linux 2009.0. Fix the function png_check_keyword that allowed setting arbitrary bytes in the process memory to 0 . Fix a potential DoS or to potentially compromise an application using the library . The updated packages have been patched to prevent ...

Multiple vulnerabilities has been found and corrected in krb5: The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 1.5 through 1.6.3 allows remote attackers to cause a denial of service and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read . The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 Ge ...

Multiple vulnerabilities has been found and corrected in krb5: The get_input_token function in the SPNEGO implementation in MIT Kerberos 5 1.5 through 1.6.3 allows remote attackers to cause a denial of service and possibly obtain sensitive information via a crafted length value that triggers a buffer over-read . The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in MIT ...


Pages:      Start    5    6    7    8    9    10    11    12    13    14    15    16    17    18    ..   182

© SecPod Technologies