Advisory: Gentoo Essential and Critical Security Patch Updates
Find the information you need for your favorite open source distribution.
Exploitation of multiple CUPS vulnerabilities allows local and remote attackers, in the worst case, to gain root privileges.
The SuSE Security Team reviewed critical parts of that package and found several buffer overflows and other bugs that remote attackers could exploit to gain access to systems running vulnerable LDAP servers.
Multiple buffer overflow vulnerabilities have been discovered in cyrus-imapd.
Insufficient buffer length checking in user name canonicalization may allow an attacker to execute arbitrary code on servers using the Cyrus SASL library.
In some instances KDE fails to properly quote parameters of instructions passed to a command shell for execution.
A malicious server could potentially overwrite key files to cause a denial of service or, in some cases, gain privileges by modifying executable files.
A heap overflow vulnerability was discovered in the irw_through function in canna server version 3.6 and earlier.
A security hole has been discovered in Safe.pm. When a Safe compartment has already been used, there's no guarantee that it's safe any longer, because there's a way for code executed within the Safe compartment to alter its operation mask.
read_body.php didn't filter out user input for 'filter_dir' and 'mailbox', making an XSS attack possible.
This heap overflow can be used by remote attackers to crash it or to execute arbitrary code with the privileges of the user running fetchmail. Depending on the configuration this allows a remote root compromise.
While parsing and escaping characters of email addresses, pine does not allocate enough memory for storing the escaped mailbox part of an address.