Users login

Create an account »

JOIN XATRIX

Users login

Home » Security Advisories » SUSE

SUSE Security Advisories

Here you'll find the latest security advisories from SUSE. Our database currently contains 274 SUSE security advisories.
Page: 12...4 5 6 7 8 out of 11

Kdelibs remote code execution, DoS | SA:2005:022 | April 11, 2005
A buffer overflow via specially crafted PCX pictures was fixed. This could lead to a remote attacker being able to execute code as the user opening or viewing a PCX images. This PCX image could have b

Security Summary Report | SR:2005:010 | April 08, 2005
Solver security vulnerabilities: netapplet local privilege escalation, grip buffer overflow in cddb handling, additional libXPM overflows, tetex tmp symlink attack, crash by double free in gdk-pixbuf.

Kernel local privilege escalation | SA:2005:021 | April 04, 2005
This Linux kernel security update fixes a problem within the Bluetooth kernel stack which can be used by a local attacker to gain root access or crash the machine.

Ipsec-tools remote denial of service | SA:2005:020 | March 31, 2005
Sebastian Krahmer of the SUSE Security Team audited the daemon and found that it handles certain ISAKMP messages in a slightly wrong way, so that remote attackers can crash it via malformed ISAKMP pac

Security Summary Report | SR:2005:009 | March 29, 2005
This advisory provides information and workarounds about the solved security vulnerabilities in telnet, kernel bluetooth, wget directory traversal, IDN domain name cloacking problems and PostgeSQL pro

Mysql remote code execution | SA:2005:019 | March 24, 2005
This security update fixes a broken mysqlhotcopy script as well as several security related bugs.

Kernel remote denial of service | SA:2005:018 | March 24, 2005
Several vulnerabilities were reported in the last few weeks which are fixed by this update.

ImageMagick remote code execution | SA:2005:017 | March 23, 2005
A format string vulnerability was found in the display program which could lead to a remote attacker being to able to execute code as the user running display by providing handcrafted filenames of ima

Security Summary Report | SR:2005:008 | March 18, 2005
Solved security vulnerabilities in: xv - format string problem, opera - arbitrary code execution, apache2 - sssl remote denial of service, koffice - xpdf related problems, squirrelmail-plugins, clamav

Firefox remote code execution | SA:2005:016 | March 16, 2005
Several problems have been fixed in Mozilla Firefox: "fire tabbing", "fire flashing", "homographa attacks", "IDN cloaking" and other memory overflows.

Openslp remote command execution | SA:2005:015 | March 14, 2005
During the audit, various buffer overflows and out of bounds memory access have been fixed which can be triggered by remote attackers by sending malformed SLP packets.

RealPlayer remote code execution | SA:2005:014 | March 09, 2005
Two remotely exploitable buffer overflows were found in the media player RealPlayer, when handling .smil and .wav files.

Security Summary | SR:2005:007 | March 04, 2005
This report provides information about the updated packages for phpMyAdmin and gpg.

digestmda5 buffer overflow | SA:2005:013 | March 03, 2005
A buffer overflow in the digestmda5 code was identified that could lead to a remote attacker executing code in the context of the service using sasl authentication.

Curl remote code execution | SA:2005:011 | February 28, 2005
The NTLM authorization in curl had a buffer overflow in the base64 decoding which allows a remote attacker using a prepared remote server to execute code for the user using curl.

Imap CRAM-MD5 authentication bug | SA:2005:012 | February 28, 2005
This update fixes a logical error in the challenge response authentication mechanism CRAM-MD5 used by UW IMAP. Due to this mistake a remote attacker can gain access to the IMAP server as arbitrary use

Security Summary | SR:2005:006 | February 25, 2005
Fixed packages for: emacx/XEmacs, wpa_supplicant, FreeNX and php4.

Kernel bugfix update | SA:2005:010 | February 25, 2005
The previous kernel security update for the SUSE Linux 9.1 and the SUSE Linux Enterprise Server 9 based products caused problems with the NVidia driver for users with NVidia graphics cards.

Cyrus-imapd buffer overflow | SA:2005:009 | February 24, 2005
Several overruns were fixed in the IMAP annote extension as well as in cached header handling which can be run by an authenticated user. Additionally bounds checking in fetchnews was improved to avoid

Squid remote denial of service | SA:2005:008 | February 22, 2005
A remote attacker was potentially able to crash the Squid web proxy if the log_fqdn option was set to "on" and the DNS replies were manipulated.

Security Summary | SR:2005:005 | February 18, 2005
Several packages have been updated due to the recently discovered vulnerabilities. They are: enscript, clamav, postgresql, python, openssh, gftp and openldap2.

Mailman remote file disclosure | SA:2005:007 | February 14, 2005
Due to incomplete input validation the "private" CGI script which handles archive retrieval could be used to read any file on the system, including the configuration database of the mailman lists whic

Suse Security Summary - ruby, perl, perl-DBI, koversation security fixes | SR:2005:004 | February 11, 2005
Several packages have been update that resolve recently found vulnerabilities: ruby denial of service, perl local privilege escalation, perl-DBI temp race condition and koversation (multiple vulnerabi

Squid remote command execution | SA:2005:006 | February 11, 2005
The last two squid updates from February the 1st and 10th fix several vulnerabilities. The impact of them range from remote denial-of-service over cache poisoning to possible remote command execution.

Kernel critical bugfixes | SA:2005:005 | February 04, 2005
Two weeks ago we released the Service Pack 1 for our SUSE Linux Enterprise Server 9 product. Due to the strict code freeze we were not able to merge all the security fixes from the last kernel update

Page: 12...4 5 6 7 8 out of 11

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »