Mandrake Security Advisories

Here you'll find the latest security advisories from Mandrake. Our database currently contains 486 Mandrake security advisories.

Ruby infinite loop and session disclosure | MDKSA-2004:128 | November 08, 2004
Two vulnerabilities have been found in Ruby: Andres Salomon noticed a problem with the CGI session management, and Ruby developers have corrected a problem in the Ruby CGI module that can be triggered

LibXpm stack and integer overflows | MDKSA-2004:124 | November 04, 2004
Chris Evans found several stack and integer overflows in the libXpm code of X.Org/XFree86.

Netatalk local file overwrite | MDKSA-2004:121 | November 01, 2004
The etc2ps.sh script, part of the netatalk package, creates files in /tmp with predictable names which could allow a local attacker to use symbolic links to point to a valid file on the filesystem wh

perl-MIME-tools boundary error | MDKSA-2004:123 | November 01, 2004
There's a bug in MIME-tools, where it mis-parses things like boundary="". Some viruses use an empty boundary, which may allow unapproved parts through MIMEDefang.

mod_ssl and apache2-mod_ssl cipher check failure | MDKSA-2004:122 | November 01, 2004
A vulnerability in mod_ssl was discovered by Hartmut Keil. After a renegotiation, mod_ssl would fail to ensure that the requested cipher suite is actually negotiated. The provided packages have been

mpg123 remote buffer overflows | MDKSA-2004:120 | November 01, 2004
Carlos Barros discovered two buffer overflow vulnerabilities in mpg123; the first in the getauthfromURL() function and the second in the http_open() function. These vulnerabilities could be exploited

MySQL multiple vulnerabilities | MDKSA-2004:119 | November 01, 2004
A number of problems have been discovered in the MySQL database server. Jeroen van Wolffelaar discovered an insecure temporary file vulnerability in the mysqlhotcopy script when using the scp method.

Gaim buffer overflow in MSN protocol parser | MDKSA-2004:117 | November 01, 2004
A vulnerability in the MSN protocol handler in the gaim instant messenger application was discovered. When receiving unexpected sequences of MSNSLP messages, it is possible that an attacker could trig

Perl::Archive::Zip decompression failure | MDKSA-2004:118 | November 01, 2004
Recently, it was noticed that several antivirus programs miss viruses that are contained in ZIP archives with manipulated directory data. The global archive directory of these ZIP files have been manip

Cups multiple vulnerabilities | MDKSA-2004:116 | October 21, 2004
Multiple integer overflow issues affect xpdf-2.0 and xpdf-3.0, as well as programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled

KDEgraphics multiple vulnerabilities | MDKSA-2004:115 | October 21, 2004
Multiple integer overflow issues affect xpdf-2.0 and xpdf-3.0, as well as programs like kpdf which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled

gPDF multiple vulnerabilities | MDKSA-2004:114 | October 21, 2004
Chris Evans discovered numerous vulnerabilities in the xpdf package, which also affect software using embedded xpdf code, such as gpdf. Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0

Xpdf multiple vulnerabilities | MDKSA-2004:113 | October 21, 2004
Chris Evans discovered numerous vulnerabilities in the xpdf package. Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. The

Squid denial of service vulnerability | MDKSA-2004:112 | October 21, 2004
iDEFENSE discovered a Denial of Service vulnerability in squid version 2.5.STABLE6 and previous. The problem is due to an ASN1 parsing error where certain header length combinations can slip through t

wxGTK2 several vulnerabilities | MDKSA-2004:111 | October 21, 2004
Several vulnerabilities have been discovered in the libtiff package; wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities.

Gaim multiple vulnerabilities | MDKSA-2004:110 | October 21, 2004
More vulnerabilities have been discovered in the gaim instant messenger client. The vulnerabilities pertinent to version 0.75, which is the version shipped with Mandrakelinux 10.0, are: installing smi

CVS arbitrary files disclosure | MDKSA-2004:108 | October 19, 2004
iDEFENSE discovered a flaw in CVS versions prior to 1.1.17 in an undocumented switch implemented in CVS' history command. The -X switch specifies the name of the history file which allows an attacke

Libtiff multiple vulnerabilities | MDKSA-2004:109 | October 19, 2004
Several vulnerabilities have been discovered in the libtiff package. Chris Evans discovered several problems in the RLE (run length encoding) decoders that could lead to arbitrary code execu

Mozilla multiple vulnerabilities | MDKSA-2004:107 | October 19, 2004
A number of vulnerabilities have been found and fixed in mozilla 1.7.3.

Cyrus-sasl SASL_PATH vulnerability | MDKSA-2004:106 | October 07, 2004
A vulnerability was discovered in the libsasl library of cyrus-sasl. libsasl honors the SASL_PATH environment variable blindly, which could allow a local user to create a malicious "library" that woul

Xine-lib multiple string and heap overflows | MDKSA-2004:105 | October 06, 2004
Several string overflows were discovered together with a heap overflow in the DVD subpicture decoder.

Samba input validation denial of service | MDKSA-2004:104 | October 01, 2004
Karol Wiesek discovered a bug in the input validation routines used to convert DOS path names to path names on the Samba host's file system. This bug can be exploited to gain access to files outside o

Netpbm temporary file vulnerability | MDKSA-2004:011-1 | September 27, 2004
A number of temporary file bugs have been found in versions of NetPBM. These could allow a local user the ability to overwrite or create files as a different user who happens to run one of the vul

OpenOffice local read access vulnerability | MDKSA-2004:103 | September 27, 2004
A vulnerability in OpenOffice.org was reported by pmladek where a local user may be able to obtain and read documents that belong to another user. The way that OpenOffice.org created temporary files,

ImageMagick several buffer overflows | MDKSA-2004:102 | September 22, 2004
It may be possible to create malicious images that could also allow for the execution of arbitrary code with the privileges of the invoking user or process.
