Users login

Create an account »

JOIN XATRIX

Users login

Home » Security Advisories » SUSE

SUSE Security Advisories

Here you'll find the latest security advisories from SUSE. Our database currently contains 274 SUSE security advisories.
Page: 123456 out of 11

php/pear remote code execution | SA:2005:041 | July 08, 2005
A bug in the PEAR::XML_RPC library allowed remote attackers to pass arbitrary PHP code to the eval() function.

Heimdal remote code execution | SA:2005:040 | July 06, 2005
A remote buffer overflow has been fixed in the heimdal / kerberos telnetd daemon which could lead to a remote user executing code as root by overflowing a buffer. This attack requires the use of the k

Zlib remote denial of service | SA:2005:039 | July 06, 2005
Any program using zlib to decompress data can be crashed by a specially handcrafted invalid data stream. This includes web browsers or email programs able to view PNG images (which are compressed by z

Clamav remote denial of service | SA:2005:038 | June 29, 2005
Among other bugfixes and improvements, this update fixes a bug in the Quantum decompressor routines that can be used for a remote denial of service attack against clamd.

RealPlayer remote code execution | SA:2005:037 | June 25, 2005
Various security problems were found in RealPlayer that allow a remote attacker to execute code in the local player by providing handcrafted files.

Sudo race condition and arbitrary command execution | SA:2005:036 | June 24, 2005
A race condition in the pathname handling of sudo may allow a local user to execute arbitrary commands. To exploit this bug some conditions need to be fulfilled. The attacking user needs to be listed

Razor-agents remote denial of service | SA:2005:035 | June 23, 2005
Several bugs were fixed in Vipuls Razor spam detection framework. These bugs could lead to remote denial-of-service conditions due to processing malformed messages and possible stepping into infinite

Opera remote code execution | SA:2005:034 | June 22, 2005
The web browser Opera has been updated to version 8.01 to fix various security-related bugs.

Spamassassin remote denial of service | SA:2005:033 | June 22, 2005
The anti spam tool SpamAssassin was prone to a denial-of-service attack. A remote attacker could craft a MIME E-Mail message that would waste a lot of CPU cycles parsing the Content-Type header.

Java2 remote code execution | SA:2005:032 | June 22, 2005
Java Web Start can be exploited remotely due to an error in input validation of tags in JNLP files, so an attacker can pass arbitrary command-line options to the virtual machine to disable the sandbox

Security Summary Report | SR:2005:016 | June 17, 2005
Solved security vulnerabilities: gpg2 broken S/MIME signing, telnet environment option disclosure, unace buffer overflows, horde cross site scripting.

Opera various problems | SA:2005:031 | June 15, 2005
Vulnerabilities found and fixed in Opera: IDN cloaking - homograph attack allows easy spoofing of domain names, Opera did not validate base64 encoded binary in data, Opera showed the Organizational In

Mozilla Firefox remote code execution | SA:2005:030 | June 09, 2005
A problem in the install confirmation dialog together with a bad fix for MFSA 2005-41 allowed a remote attacker to execute arbitrary code with the help of a cross site scripting problem on the Mozilla

Kernel several security problems | SA:2005:029 | June 09, 2005
This update fixes various security as well as non-security problems discovered since the last round of kernel updates.

Security Summary Report | SR:2005:014 | June 07, 2005
Solved security problems: freeradius problems, clamav version update, squirrelmail cross site scripting and code inclusion proble, perl-Convert-UUlib buffer overflow, ethereal various security problem

Security Summary Report | SR:2005:015 | June 07, 2005
Solver security vulnerabilities: bzip2 decompression bomb, pound crash by overflow and gaim buffer overflow.

Security Summary Report | SR:2005:013 | May 18, 2005
Updated packages for: xine (buffer overflow) and kimgio (buffer overflows).

Security Summary Report | SR:2005:012 | April 29, 2005
Solved security vulnerabilities: heimdal telnet buffer overflow, php4, php5 bugs in exif parser cvs buffer overflow, squid DoS, xli shell quoting problems.

Mozila, Firefox remote code execution | SA:2005:028 | April 27, 2005
Several problems have been fixed with the security update releases of the Mozilla Firefox 1.0.3 web browser and the Mozilla Suite 1.7.7.

PostgreSQL remote code execution | SA:2005:027 | April 19, 2005
Several problems were identified and fixed in the PostgreSQL database server. Multiple buffer overflows in the low level parsing routines may allow attackers to execute arbitrary code.

RealPlayer remote code execution | SA:2005:026 | April 19, 2005
A remote attacker could craft a special .RAM (Real Audio Media) file which would cause a buffer overflow when played within RealPlayer.

OpenOffice_org remote code execution | SA:2005:025 | April 19, 2005
This security update fixes a buffer overflow in OpenOffice_org Microsoft Word document reader which could allow a remote attacker sending a handcrafted .doc file to execute code as the user opening th

CVS remote code execution | SA:2005:024 | April 18, 2005
The current maintainer of CVS reported various problems within CVS such as a buffer overflow and memory access problems which have been fixed within the available updates.

Security Summary Report | SR:2005:011 | April 15, 2005
This advisory provides updated packages that fix: wget directory traversal and dot file overwrite, libexif buffer overflow in EXIF parsing, sylpheed buffer overflow in header decoding, phpMyAdmin cros

php4, php5 remote denial of service | SA:2005:023 | April 15, 2005
This update fixes a bug in getimagesize() EXIF handling which could lead to a denial of service attack and fixes the performance problems of unserialize().

Page: 123456 out of 11

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »