[Forgot Password]
Login  Register Subscribe

24003

 
 

131425

 
 

103942

 
 

909

 
 

83962

 
 

133

 
 
Paid content will be excluded from the download.

Filter
Matches : 31121 Download | Alert*

A vulnerability has been discovered and fixed in kget : The name attribute of the file element of metalink files is not properly sanitized before being used to download files. If a user is tricked into downloading from a specially crafted metalink file, this can be exploited to download files to directories outside of the intended download directory via directory traversal attacks . Packages for 2 ...

The kdenetwork packages contain networking applications for the K Desktop Environment . A directory traversal flaw was found in the way KGet, a download manager, handled the "file" element in Metalink files. An attacker could use this flaw to create a specially-crafted Metalink file that, when opened, would cause KGet to overwrite arbitrary files accessible to the user running KGet. Use ...

The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file wa ...

Multiple vulnerabilities was discovered and fixed in glibc: Multiple integer overflows in the strfmon implementation in the GNU C Library 2.10.1 and earlier allow context-dependent attackers to cause a denial of service via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391 . Integer overflow in the __vstrfmo ...

Multiple vulnerabilities was discovered and fixed in glibc: Multiple integer overflows in the strfmon implementation in the GNU C Library 2.10.1 and earlier allow context-dependent attackers to cause a denial of service via a crafted format string, as demonstrated by a crafted first argument to the money_format function in PHP, a related issue to CVE-2008-1391 . nis/nss_nis/nis-pwd.c in the GNU ...

A vulnerability has been found and corrected in emacs: lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks . Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products. The updated packages have been patched to correct this ...

The glibc packages contain the standard C libraries used by multiple programs on the system. These packages contain the standard C and the standard math libraries. Without these two libraries, a Linux system cannot function properly. An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file wa ...

Multiple vulnerabilies has been found and corrected in samba: client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the device name and mountpoint strings are composed of valid characters, which allows local users to cause a denial of service via a crafted string . client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mou ...

A race condition has been found in fuse that could escalate privileges for local users and lead to a DoS . The updated packages have been patched to correct this issue.

Multiple vulnerabilies has been found and corrected in samba: client/mount.cifs.c in mount.cifs in smbfs in Samba does not verify that the device name and mountpoint strings are composed of valid characters, which allows local users to cause a denial of service via a crafted string . client/mount.cifs.c in mount.cifs in smbfs in Samba allows local users to mount a CIFS share on an arbitrary mou ...


Pages:      Start    2877    2878    2879    2880    2881    2882    2883    2884    2885    2886    2887    2888    2889    2890    ..   3112

© 2013 SecPod Technologies