SuSE Linux Distribution - Page 739
Find the information you need for your favorite open source distribution .
Find the information you need for your favorite open source distribution .
Due to missing boundary checks in the xli code a buffer overflow could be triggered by an external attacker to execute commands on the victim's system. An exploit is publically available.
Ntping, a ping/traceroute program, is part of the Scotty package. It's failure is to read a hostname as commandline option without checking the size. This leads to a bufferoverrun, that could be used to gain root privileges
Zen-parse has reported a bug to Bugtraq which allows remote attackers to overflow a buffer in the logging routine of xinetd.
Michal Zalewski discovered that a remote attacker can write to files owned by root if the samba config file /etc/smb.conf contains the %m macro to specify the logfile for logging access to the samba server.
A format string vulnerability in versions of GnuPG before 1.0.6 has been found.
Multiple problems including a format string vulnerability and segmentation fault have been fixed.
Multiple security vulnerabilities have been found in all Linux kernels of version 2.2 before version 2.2.19. Most of the found errors allow a local attacker to gain root privileges.
The previous advisory contained incorrect pathnames and MD5 information.
During operation, the underlying SGML perlmodule creates temporary files in an insecure way.
As long as hfaxd(8c) is installed setuid root, it may be possible to gain root access locally.
When printing a whole text or selected parts of a text, nedit(1) creates a temporary file in an insecure manner. This behavior could be exploited to gain access to other users privileges, even root.
sudo(8) previous to version 1.6.3p6 is vulnerable by a buffer overflow in it's logging code, which could lead to local root compromise.
A tmp race condition and other vulnerabilities exist that may be used to gain unauthorized access to more privileges.
A local attacker could trick mc into executing commands with the privileges of the user running mc
An exploit published by Przemyslaw Frasunek demonstrates a buffer overflow in the control request parsing code of the ntpd.
A bug in joe(1), a userfriendly text editor, was found by Christer Öberg of Wkit Security AB a few weeks ago.
Fumitoshi Ukai and Denis Barbier have found several potential buffer overflows, which could lead to local privilege escalation if installed setuid or to remote compromise.
Two parts of the nkitb/nkitserv package are vulnerable to security related bugs.
The eMail access daemons impad(8), ipop2d(8) and ipop3d(8) of SuSE 6.1 are vulnerable to several buffer overflows.