
Security Advisories

Here you'll find the latest security advisories from various vendors.

FreeBSD Security Advisory - timed | | March 14, 2001
Malformed packets sent to the timed daemon could cause it to crash, thereby denying service to clients if timed is not run under a watchdog process which causes it to automatically restart in the ev

FreeBSD Security Advisory - rwhod | | March 14, 2001
Malformed packets sent to the rwhod daemon could cause it to crash, thereby denying service to clients if rwhod is not run under a watchdog process which causes it to automatically restart in the ev

FreeBSD security advisory - icecast | | March 14, 2001
The icecast software, versions prior to 1.3.7_1, contains multiple format string vulnerabilities, which allow a remote attacker to execute arbitrary code as the user running icecast, usually the roo

FreeBSD-SA-01:26 Security Advisory - Interbase | SA-01:26 | March 13, 2001
The interbase software contains a remote backdoor account, which was apparently introduced by the vendor in 1992. The interbase source code has recently been released and is the basis for a derivat

Icecast port format string vulnerabilities | SA-01:23 | March 12, 2001
The icecast software, versions prior to 1.3.7_1, contains multiple format string vulnerabilities, which allow a remote attacker to execute arbitrary code as the user running icecast, usually the roo

Debian Security Advisory - slrn | | March 10, 2001
Bill Nottingham reported a problem in the wrapping/unwrapping functions of the slrn newsreader. A long header in a message might overflow a buffer, which could result in executing arbitrary co

Debian Security Advisory - glibc | | March 10, 2001
The version of GNU libc that was distributed with Debian GNU/Linux 2.2 suffered from 2 security problems: * It was possible to use LD_PRELOAD to load libraries that are listed in /etc/ld.so.cac

Debian Security Advisory DSA-031-2 | DSA-031-2 | March 06, 2001
Todd Miller announced a new version of sudo which corrects a buffer overflow that could potentially be used to gain root privileges on the local system. This bugfix has been backported to the versi

Cisco IOS Software TCP Initial Sequence Number | | March 01, 2001
Cisco IOS software contains a flaw that permits the successful prediction of TCP Initial Sequence Numbers. This vulnerability is present in all released versions of Cisco IOS software running on

Immunix OS Security Advisory (#IMNX-2001-70-004-01) | IMNX-2001-70-004-01 | February 28, 2001
The version of sudo shipped in Immunix OS 7.0-beta and 7.0 contains a buffer overflow of a variable that is on the heap (which StackGuard does not protect against.) This problem was originally re

TurboLinux Security Announcement #TLSA2001004-1 | | February 25, 2001
Package: Bind Vulnerable Packages: All versions previous to 8.2.3 Two vulnerabilities have been discovered in ISC BIND 8.

Kerberos IV local and remote vulnerabilities | SA-01:25 | February 14, 2001
The advisory describes three vulnerabilities: first, an overflow in the libkrb KerberosIV authentication library, second, improper filtering of environmental variables by the KerberosIV-adapted teln

SSH1 implementations cause data compromise | SA-01:24 | February 12, 2001
An integer overflow may allow arbitrary remote users to obtain root permissions on the server running sshd. This is due to a coding mistake in code intended to work around a protocol flaw in the SSH

Immunix OS Security Advisory | | February 09, 2001
Chris Evans has discovered a security problem in the kernel select() call that can lead to information leakage in the kernel. There has also been discovered a race condition that could allow an att

TurboLinux Advisory #TLSA2000020-2 (netscape-communicator 4.75-1 and earlier) | | February 09, 2001
A buffer overflow exists in Netscape's HTML parsing code. By using specially designed code, a remote website could cause arbitrary code to be run on the local machine...

Dc20ctrl exploitable buffer overflow | SA-01:22 | February 07, 2001
Because the dc20ctrl program is also setgid dialer, unprivileged local users may gain gid dialer on the local system. This may allow the users to gain unauthorized access to the serial port devices.

Ja-elvis and ko-helvis ports exploitable buffer overflow | SA-01:21 | February 07, 2001
The ja-elvis and ko-helvis ports, versions prior to ja-elvis-1.8.4_1 and ko-helvis-1.8h2_1, contain an exploitable buffer overflow in the elvrec utility. Because elvrec is setuid root, unprivileged l

Mars_nwe format string vulnerability | SA-01:20 | February 07, 2001
The mars_nwe port, versions prior to 0.99.b19_1, contains a remote format string vulnerability. Because of this vulnerability, a malicious remote user sending specially-crafted packets may be able to

ja-xklock port local root compromise | SA-01:19 | February 07, 2001
The ja-xklock port, versions 2.7.1 and earlier, contains an exploitable buffer overflow. Because the xklock program is also setuid root, unprivileged local users may gain root privileges on the loca

BIND remotely exploitable buffer overflow | SA-01:18 | January 31, 2001
An overflowable buffer related to the processing of transaction signatures (TSIG) exists in all versions of BIND prior to 8.2.3-RELEASE. The vulnerability is exploitable regardless of configuration

Exmh symlink vulnerability | SA-01:17 | January 29, 2001
The exmh2 port, versions prior to 2.3.1, contains a local vulnerability: at startup, if exmh detects a problem in its code or configuration an error dialog appears giving the user an option to fill

Mysql database crashing | SA-01:16 | January 29, 2001
The mysql323-server port, versions prior to 3.23.22, and all mysql322-server ports contain remote vulnerabilities. Due to a buffer overflow, a malicious remote user can cause a denial-of-service by cr

Tinyproxy heap overflow vulnerabilities | SA-01:15 | January 29, 2001
The tinyproxy port, versions prior to 1.3.3a, contains remote vulnerabilities: due to a heap overflow, malicious remote users can cause a denial-of-service by crashing the proxy. Additionally, the a

Micq remote buffer overflow vulnerability | SA-01:14 | January 29, 2001
The micq port, versions prior to 0.4.6.1, contains a remote vulnerability: due to a buffer overflow, a malicious remote user sending specially-crafted packets may be able to execute arbitrary code on

Sort uses insecure temporary files | SA-01:13 | January 29, 2001
During internal auditing, sort(1) was found to use easily predictable temporary file names. It does create these temporary files correctly such that they cannot be "subverted" by a symlink attack, but
