Mandrake Security Advisories

Here you'll find the latest security advisories from Mandrake. Our database currently contains 486 Mandrake security advisories.

Krb5 buffer overflows | MDKSA-2005:061 | March 29, 2005
Two buffer overflow issues were discovered in the way telnet clients handle messages from a server. Because of these issues, an attacker may be able to execute arbitrary code on the victim's machine if

MySQL multiple vulnerabilities | MDKSA-2005:060 | March 21, 2005
A number of vulnerabilities were discovered by Stefano Di Paola in the MySQL server.

Evolution crash | MDKSA-2005:059 | March 17, 2005
It was discovered that certain types of messages could be used to crash the Evolution mail client. Fixes have been applied to correct this behaviour.

KDElibs multiple vulnerabilities | MDKSA-2005:058 | March 17, 2005
A local user can lock up the dcopserver of other users on the same machine by stalling the DCOP authentication process, causing a local Denial of Service. As well, the IDN (International Domain Names

Ethereal multiple vulnerabilities | MDKSA-2005:053 | March 15, 2005
A number of issues were discovered in Ethereal versions prior to 0.10.10, which is provided by this update. Matevz Pustisek discovered a buffer overflow, Diego Giago found a buffer overflow in the 3GP

GnuPG timing-attack vulnerability | MDKSA-2005:057 | March 14, 2005
The OpenPGP protocol is vulnerable to a timing-attack in order to gain plain text from cipher text. The timing difference appears as a side effect of the so-called "quick scan" and is only exploitable

Openslp remote security vulnerabilities | MDKSA-2005:055 | March 14, 2005
An audit by the SUSE Security Team of critical parts of the OpenSLP package revealed various buffer overflow and out of bounds memory access issues. These problems can be triggered by remote attackers

Cyrus-sasl digestmd5 buffer overflow | MDKSA-2005:054 | March 14, 2005
A buffer overflow was discovered in cyrus-sasl's digestmd5 code. This could lead to a remote attacker executing code in the context of the service using SASL authentication.

KDEGraphics several updates | MDKSA-2005:052 | March 04, 2005
Several overruns have been fixed in the IMAP annote extension as well as in cached header handling which can be run by an authenticated user. As well, additional bounds checking in fetchnews was impro

Cyrus-imapd several overruns | MDKSA-2005:051 | March 04, 2005
Several overruns have been fixed in the IMAP annote extension as well as in cached header handling which can be run by an authenticated user. As well, additional bounds checking in fetchnews was impro

gftp directory traversal vulnerability | MDKSA-2005:050 | March 04, 2005
A vulnerability in gftp could allow a malicious FTP server to overwrite files on the local system as the user running gftp due to improper handling of filenames containing slashes.

Gaim several security issues | MDKSA-2005:049 | March 04, 2005
Gaim versions prior to version 1.1.4 suffer from a few security issues such as the HTML parser not sufficiently validating its input. As well, insufficient input validation was also discovered in the

Curl buffer overflow vulnerability | MDKSA-2005:048 | March 04, 2005
"infamous41md" discovered a buffer overflow vulnerability in libcurl's NTLM authorization base64 decoding. This could allow a remote attacker using a prepared remote server to execute arbitrary code a

Squid remote denial of service | MDKSA-2005:047 | February 24, 2005
The squid developers discovered that a remote attacker could cause squid to crash via certain DNS responses.

Uim privilege escalation | MDKSA-2005:046 | February 24, 2005
Takumi ASAKI discovered that uim always trusts environment variables which can allow a local attacker to obtain elevated privileges when libuim is linked against an suid/sgid application. This problem

Kdelibs encoding vulnerabilities | MDKSA-2005:045 | February 17, 2005
Previous updates to correct integer overflow issues affecting xpdf overlooked certain conditions when built for a 64 bit platform. This also affects applications like tetex, that use embedded versions

Tetex integer overflow | MDKSA-2005:044 | February 17, 2005
Previous updates to correct integer overflow issues affecting xpdf overlooked certain conditions when built for a 64 bit platform. This also affects applications like tetex, that use embedded versions

xPDF integer overflow | MDKSA-2005:043 | February 17, 2005
Previous updates to correct integer overflow issues affecting xpdf overlooked certain conditions when built for a 64 bit platform. This also affects applications that use embedded versions of xpdf.

gPDF integer overflow | MDKSA-2005:042 | February 17, 2005
Previous updates to correct integer overflow issues affecting xpdf overlooked certain conditions when built for a 64 bit platform. This also affects applications like cups, that use embedded versions

CUPS integer overflow | MDKSA-2005:041 | February 17, 2005
Previous updates to correct integer overflow issues affecting xpdf overlooked certain conditions when built for a 64 bit platform. This also affe

PostgreSQL multiple vulnerabilities | MDKSA-2005:040 | February 17, 2005
A number of vulnerabilities were found and corrected in the PostgreSQL DBMS.

Rwho listening process crash | MDKSA-2005:039 | February 16, 2005
A vulnerability in rwhod was discovered by "Vlad902" that can be abused to crash the listening process (the broadcasting process is not affected). This vulnerability only affects little endian archite

Mailman directory traversal vulnerability | MDKSA-2005:037 | February 14, 2005
A vulnerability was discovered in Mailman, which allows a remote directory traversal exploit using URLs of the form ".../....///" to access private Mailman configuration data.

Advisory update | MDKA-2005:032-1 | February 11, 2005
The updated cpio packages for 10.1, while they would install with urpmi on the commandline, would not install via rpmdrake. The updated packages correct that.

MySQL multiple vulnerabilities | MDKSA-2005:036 | February 10, 2005
A temporary file vulnerability in the mysqlaccess script in MySQL was discovered by Javier Fernandez-Sanguino Pena. This flaw could allow an unprivileged user to let root overwrite arbitrary files via
