Поиск:Автор:GENTOO - компьютерная безопасность: уязвимости и эксплоиты

[RU] switch to
English Version

Идентификатор: GENTOO

portage 2.1
sandbox 1.2
webapp-config 1.10

[ GLSA 201006-21 ] UnrealIRCd: Multiple vulnerabilities
[ GLSA 201006-06 ] Transmission: Multiple vulnerabilities
[ GLSA 201006-08 ] nano: Multiple vulnerabilities
[ GLSA 200911-06 ] PEAR Net_Traceroute: Command injection
[resent] [ GLSA 200911-04 ] dstat: Untrusted search path
[ GLSA 200911-05 ] Wireshark: Multiple vulnerabilities
[ GLSA 200909-08 ] C* music player: Insecure temporary file usage
[ GLSA 200909-11 ] GCC-XML: Insecure temporary file usage
[ GLSA 200909-10 ] LMBench: Insecure temporary file usage
[ GLSA 200909-09 ] Screenie: Insecure temporary file usage
[ GLSA 200909-07 ] TkMan: Insecure temporary file usage
[ GLSA 200907-02 ] ModSecurity: Denial of Service
[Full-disclosure] [ GLSA 200906-02 ] Ruby: Denial of Service
[ GLSA 200906-01 ] libpng: Information disclosure
[ GLSA 200905-09 ] libsndfile: User-assisted execution of arbitrary code
[ GLSA 200905-06 ] acpid: Denial of Service
[ GLSA 200905-07 ] Pidgin: Multiple vulnerabilities
[ GLSA 200905-05 ] FreeType: Multiple vulnerabilities
[ GLSA 200904-19 ] LittleCMS: Multiple vulnerabilities
[ GLSA 200904-15 ] mpg123: User-assisted execution of arbitrary code
[Full-disclosure] [ GLSA 200904-12 ] Wicd: Information disclosure
[ GLSA 200904-07 ] Xpdf: Untrusted search path
[ GLSA 200904-06 ] Eye of GNOME: Untrusted search path
[ GLSA 200904-01 ] Openfire: Multiple vulnerabilities
[ GLSA 200903-40 ] Analog: Denial of Service
[ GLSA 200903-20 ] WebSVN: Multiple vulnerabilities
[ GLSA 200903-03 ] Audacity: User-assisted execution of arbitrary code
[ GLSA 200903-13 ] MPFR: Denial of Service
[ GLSA 200903-12 ] OptiPNG: User-assisted execution of arbitrary code
[ GLSA 200903-02 ] ZNC: Privilege escalation
[ GLSA 200901-14 ] Scilab: Insecure temporary file usage
[ GLSA 200901-02 ] JHead: Multiple vulnerabilities
[ GLSA 200812-19 ] PowerDNS: Multiple vulnerabilities
[ GLSA 200812-18 ] JasPer: User-assisted execution of arbitrary code
[ GLSA 200812-12 ] Honeyd: Insecure temporary file creation
[ GLSA 200812-14 ] aview: Insecure temporary file usage
[ GLSA 200812-01 ] OptiPNG: User-assisted execution of arbitrary code
[ GLSA 200812-05 ] libsamplerate: User-assisted execution of arbitrary code
[ GLSA 200811-04 ] Graphviz: User-assisted execution of arbitrary code
[ GLSA 200811-03 ] FAAD2: User-assisted execution of arbitrary code
[ GLSA 200810-02 ] Portage: Untrusted search path local root vulnerability
[ GLSA 200809-14 ] BitlBee: Security bypass
[ GLSA 200809-12 ] Newsbeuter: User-assisted execution of arbitrary code
[ GLSA 200809-06 ] VLC: Multiple vulnerabilities
[ GLSA 200809-02 ] dnsmasq: Denial of Service and DNS spoofing
[ GLSA 200809-05 ] Courier Authentication Library: SQL injection vulnerability
[ GLSA 200808-11 ] UUDeview: Insecure temporary file creation
[ GLSA 200808-08 ] stunnel: Security bypass
[ GLSA 200808-04 ] Wireshark: Denial of Service
[ GLSA 200807-15 ] Pan: User-assisted execution of arbitrary code
[ GLSA 200807-16 ] Python: Multiple vulnerabilities
[ GLSA 200807-06 ] Apache: Denial of Service
[ GLSA 200806-05 ] cbrPager: User-assisted execution of arbitrary code
[ GLSA 200806-02 ] libxslt: Execution of arbitrary code
[ GLSA 200805-14 ] Common Data Format library: User-assisted execution of arbitrary code
[ GLSA 200805-15 ] libid3tag: Denial of Service
[ GLSA 200805-10 ] Pngcrush: User-assisted execution of arbitrary code
[ GLSA 200805-08 ] InspIRCd: Denial of Service
[ GLSA 200805-04 ] eGroupWare: Multiple vulnerabilities
[ GLSA 200805-03 ] Multiple X11 terminals: Local privilege escalation
[Full-disclosure] [ GLSA 200804-30 ] KDE start_kdeinit: Multiple vulnerabilities
[ GLSA 200804-29 ] Comix: Multiple vulnerabilities
[ GLSA 200804-28 ] JRockit: Multiple vulnerabilities
[ GLSA 200804-26 ] Openfire: Denial of Service
[ GLSA 200804-24 ] DBmail: Data disclosure
[ GLSA 200804-18 ] Poppler: User-assisted execution of arbitrary code
[ GLSA 200804-14 ] Opera: Multiple vulnerabilities
[ GLSA 200804-09 ] am-utils: Insecure temporary file creation
[ GLSA 200804-12 ] gnome-screensaver: Privilege escalation
[ GLSA 200804-07 ] PECL APC: Buffer Overflow
[ GLSA 200804-05 ] NX: User-assisted execution of arbitrary code
[ GLSA 200803-29 ] ViewVC: Multiple vulnerabilities
[ GLSA 200803-30 ] ssl-cert eclass: Certificate disclosure
[ GLSA 200803-23 ] Website META Language: Insecure temporary file usage
[ GLSA 200803-21 ] Sarg: Remote execution of arbitrary code
[ GLSA 200803-16 ] MPlayer: Multiple buffer overflows
[ GLSA 200803-18 ] Cacti: Multiple vulnerabilities
[ GLSA 200803-15 ] phpMyAdmin: SQL injection vulnerability
[ GLSA 200803-11 ] Vobcopy: Insecure temporary file creation
[ GLSA 200803-09 ] Opera: Multiple vulnerabilities
[ GLSA 200803-07 ] Paramiko: Information disclosure
[ GLSA 200803-06 ] SWORD: Shell command injection
[ GLSA 200803-03 ] Audacity: Insecure temporary file creation
[ GLSA 200802-10 ] Python: PCRE Integer overflow
[Full-disclosure] [ GLSA 200802-05 ] Gnumeric: User-assisted execution of arbitrary code
[ GLSA 200801-21 ] Xdg-Utils: Arbitrary command execution
[ GLSA 200801-17 ] Netkit FTP Server: Denial of Service
[ GLSA 200801-13 ] ngIRCd: Denial of Service
[ GLSA 200801-10 ] TikiWiki: Multiple vulnerabilities
[ GLSA 200801-06 ] Xfce: Multiple vulnerabilities
[Full-disclosure] [ GLSA 200801-01 ] unp: Arbitrary command execution
[Full-disclosure] [ GLSA 200712-15 ] libexif: Multiple vulnerabilities
[ GLSA 200712-12 ] IRC Services: Denial of Service
[ GLSA 200712-11 ] Portage: Information disclosure
[ GLSA 200712-05 ] PEAR::MDB2: Information disclosure
[ GLSA 200712-01 ] Hugin: Insecure temporary file creation
ERRATA: [ GLSA 200711-20 ] Pioneers: Multiple Denials of Service
[ GLSA 200711-33 ] nss_ldap: Information disclosure
[ GLSA 200711-32 ] Feynmf: Insecure temporary file creation
[Full-disclosure] [ GLSA 200711-25 ] MySQL: Denial of Service
[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities
[ GLSA 200711-11 ] Nagios Plugins: Two buffer overflows
[ GLSA 200710-31 ] Opera: Multiple vulnerabilities
[ GLSA 200710-25 ] MLDonkey: Privilege escalation
[ GLSA 200710-17 ] Balsa: Buffer overflow
[ GLSA 200710-05 ] QGit: Insecure temporary file creation
[ GLSA 200709-04 ] po4a: Insecure temporary file creation
[ GLSA 200708-14 ] NVIDIA drivers: Denial of Service
[ GLSA 200708-11 ] Lighttpd: Multiple vulnerabilities
[ GLSA 200708-10 ] MySQL: Denial of Service and information leakage
[ GLSA 200708-07 ] Xfce Terminal: Remote arbitrary code execution
[ GLSA 200708-02 ] Xvid: Array indexing vulnerabilities
[ GLSA 200707-13 ] Fail2ban: Denial of Service
[ GLSA 200707-10 ] Festival: Privilege elevation
[Full-disclosure] [ GLSA 200707-08 ] NVClock: Insecure file usage
[ GLSA 200707-06 ] XnView: Stack-based buffer overflow
[ GLSA 200707-04 ] GNU C Library: Integer overflow
[Full-disclosure] [ GLSA 200707-01 ] Firebird: Buffer overflow
[Full-disclosure] [ GLSA 200706-05 ] ClamAV: Multiple Denials of Service
[ GLSA 200705-23 ] Sun JDK/JRE: Multiple vulnerabilities
[ GLSA 200704-22 ] BEAST: Denial of Service
[Full-disclosure] [ GLSA 200704-18 ] Courier-IMAP: Remote execution of arbitrary code
[ GLSA 200704-11 ] Vixie Cron: Denial of Service
[ GLSA 200703-20 ] LSAT: Insecure temporary file creation
[ GLSA 200703-11 ] Amarok: User-assisted remote execution of arbitrary code
[ GLSA 200701-28 ] thttpd: Unauthenticated remote file access
[ GLSA 200701-19 ] OpenLDAP: Insecure usage of /tmp during installation
[ GLSA 200611-21 ] Kile: Incorrect backup file permission
[ GLSA 200611-17 ] fvwm: fvwm-menu-directory fvwm command injection
[ GLSA 200611-19 ] ImageMagick: PALM and DCM buffer overflows
[ GLSA 200611-10 ] WordPress: Multiple vulnerabilities
[ GLSA 200611-07 ] GraphicsMagick: PALM and DCM buffer overflows
[Full-disclosure] [ GLSA 200611-05 ] Netkit FTP Server: Privilege escalation
[Full-disclosure] [ GLSA 200609-18 ] Opera: RSA signature forgery
[Full-disclosure] [ GLSA 200608-12 ] x11vnc: Authentication bypass in included LibVNCServer code
[ GLSA 200606-27 ] Mutt: Buffer overflow
[ GLSA 200606-26 ] EnergyMech: Denial of Service
[ GLSA 200606-25 ] Hashcash: Possible heap overflow
[Full-disclosure] [ GLSA 200606-11 ] JPEG library: Denial of Service
[Full-disclosure] [ GLSA 200605-16 ] CherryPy: Directory traversal vulnerability
[Full-disclosure] [ GLSA 200605-07 ] Nagios: Buffer overflow
[Full-disclosure] [ GLSA 200605-05 ] rsync: Potential integer overflow
[ GLSA 200605-02 ] X.Org: Buffer overflow in XRender extension
[ GLSA 200604-02 ] Horde Application Framework: Remote code execution
[ GLSA 200603-25 ] OpenOffice.org: Heap overflow in included libcurl
[ GLSA 200603-23 ] NetHack, Slash'EM, Falcon's Eye: Local privilege escalation
[ GLSA 200603-12 ] zoo: Buffer overflow
[ GLSA 200602-09 ] BomberClone: Remote execution of arbitrary code
[ GLSA 200601-17 ] Xpdf, Poppler, GPdf, libextractor, pdftohtml: Heap overflows
[ GLSA 200601-03 ] HylaFAX: Multiple vulnerabilities
[ GLSA 200601-01 ] pinentry: Local privilege escalation
[ GLSA 200512-18 ] XnView: Privilege escalation
[Full-disclosure] [ GLSA 200512-15 ] rssh: Privilege escalation
[ GLSA 200512-12 ] Mantis: Multiple vulnerabilities
[ GLSA 200511-17 ] FUSE: mtab corruption through fusermount
[Full-disclosure] [ GLSA 200511-19 ] eix: Insecure temporary file creation
[Full-disclosure] [ GLSA 200511-15 ] Smb4k: Local unauthorized file access
[Full-disclosure] [ GLSA 200511-03 ] giflib: Multiple vulnerabilities
[Full-disclosure] [ GLSA 200510-22 ] SELinux PAM: Local password guessing attack
[Full-disclosure] [ GLSA 200510-20 ] Zope: File inclusion through RestructuredText
[ GLSA 200510-14 ] Perl, Qt-UnixODBC, CMake: RUNPATH issues
[ GLSA 200510-13 ] SPE: Insecure file permissions
[ GLSA 200510-03 ] Uim: Privilege escalation vulnerability
[Full-disclosure] [ GLSA 200510-02 ] Berkeley MPEG Tools: Multiple insecure temporary files
[ GLSA 200509-13 ] Clam AntiVirus: Multiple vulnerabilities
[Full-disclosure] [ GLSA 200509-09 ] Py2Play: Remote execution of arbitrary Python code
[Full-disclosure] [ GLSA 200509-03 ] OpenTTD: Format string vulnerabilities
[ GLSA 200508-15 ] Apache 2.0: Denial of Service vulnerability
[Full-disclosure] [ GLSA 200508-09 ] bluez-utils: Bluetooth device name validation vulnerability
[Full-disclosure] [ GLSA 200508-03 ] nbSMTP: Format string vulnerability
[ GLSA 200507-26 ] GNU Gadu, CenterICQ, Kadu, EKG, libgadu: Remote code execution in Gadu library
[ GLSA 200507-21 ] fetchmail: Buffer Overflow
[ GLSA 200507-22 ] sandbox: Insecure temporary file handling
[Full-disclosure] [ GLSA 200507-13 ] pam_ldap and nss_ldap: Plain text authentication leak
[Full-disclosure] [ GLSA 200507-06 ] TikiWiki: Arbitrary command execution through XML-RPC
UPDATE: [ GLSA 200506-17 ] SpamAssassin 3, Vipul's Razor: Denial of Service vulnerability
[Full-disclosure] [ GLSA 200506-18 ] Tor: Information disclosure
[Full-disclosure] [ GLSA 200506-17 ] SpamAssassin 3, Vipul's Razor: Denial of Service vulnerability
[Full-disclosure] [ GLSA 200506-14 ] Sun and Blackdown Java: Applet privilege escalation
[Full-disclosure] [ GLSA 200506-13 ] webapp-config: Insecure temporary file handling
[ GLSA 200506-08 ] GNU shtool, ocaml-mysql: Insecure temporary file creation
[ GLSA 200506-06 ] libextractor: Multiple overflow vulnerabilities
[Full-disclosure] [ GLSA 200506-05 ] SilverCity: Insecure file permissions
[Full-disclosure] [ GLSA 200505-17 ] Qpopper: Multiple Vulnerabilities
[Full-disclosure] [ GLSA 200505-15 ] gdb: Multiple vulnerabilities
[Full-disclosure] [ GLSA 200505-13 ] FreeRADIUS: Buffer overflow and SQL injection vulnerability
[ GLSA 200505-08 ] HT Editor: Multiple buffer overflows
[Full-disclosure] [ GLSA 200505-02 ] Oops!: Remote code execution
[Full-disclosure] [ GLSA 200504-30 ] phpMyAdmin: Insecure SQL script installation
[Full-disclosure] [ GLSA 200504-29 ] Pound: Buffer overflow vulnerability
[ GLSA 200504-25 ] Rootkit Hunter: Insecure temporary file creation
[ GLSA 200504-26 ] Convert-UUlib: Buffer overflow
[ GLSA 200504-14 ] monkeyd: Multiple vulnerabilities
[ GLSA 200504-11 ] JunkBuster: Multiple vulnerabilities
[ GLSA 200504-09 ] Axel: Vulnerability in HTTP redirection handling
[Full-disclosure] [ GLSA 200504-07 ] GnomeVFS, libcdaudio: CDDB response overflow
[ GLSA 200503-35 ] Smarty: Template vulnerability
[Full-disclosure] [ GLSA 200503-34 ] mpg321: Format string vulnerability
[ GLSA 200503-27 ] Xzabite dyndnsupdate: Multiple vulnerabilities
[ GLSA 200503-23 ] rxvt-unicode: Buffer overflow
[ GLSA 200503-26 ] Sylpheed, Sylpheed-claws: Message reply overflow
[Full-Disclosure] [ GLSA 200503-12 ] Hashcash: Format string vulnerability
[Full-disclosure] [ GLSA 200503-13 ] mlterm: Integer overflow vulnerability
[Full-Disclosure] [ GLSA 200503-05 ] xli, xloadimage: Multiple vulnerabilities
[ GLSA 200502-30 ] cmd5checkpw: Local password leak vulnerability
[ GLSA 200502-29 ] Cyrus IMAP Server: Multiple overflow vulnerabilities
[ GLSA 200502-26 ] GProFTPD: gprostats format string vulnerability
[ GLSA 200502-27 ] gFTP: Directory traversal vulnerability
[Full-Disclosure] [gentoo-announce] [ GLSA 200502-22 ] wpa_supplicant: Buffer overflow vulnerability
[Full-Disclosure] [ GLSA 200502-21 ] lighttpd: Script source disclosure
[Full-Disclosure] [ GLSA 200502-18 ] VMware Workstation: Untrusted library search path
[Full-Disclosure] [ GLSA 200502-16 ] ht://Dig: Cross-site scripting vulnerability
[ GLSA 200501-46 ] ClamAV: Multiple issues
[ GLSA 200501-40 ] ngIRCd: Buffer overflow
[ GLSA 200501-31 ] teTeX, pTeX, CSTeX: Multiple vulnerabilities
[ GLSA 200501-35 ] Evolution: Integer overflow in camel-lock-helper
[ GLSA 200501-22 ] poppassd_pam: Unauthorized password changing
[Full-Disclosure] [gentoo-announce] [ GLSA 200501-11 ] Dillo: Format string vulnerability
[ GLSA 200412-10 ] Vim, gVim: Vulnerable options in modelines
[Full-Disclosure] [ GLSA 200412-02 ] PDFlib: Multiple overflows in the included TIFF library
[Full-Disclosure] [ GLSA 200411-33 ] TWiki: Arbitrary command execution
[ GLSA 200411-26 ] GIMPS, SETI@home, ChessBrain: Insecure installation
[ GLSA 200411-19 ] Pavuk: Multiple buffer overflows
[ GLSA 200411-17 ] mtink: Insecure tempfile handling
[ GLSA 200411-13 ] Portage, Gentoolkit: Temporary file vulnerabilities
[ GLSA 200411-04 ] Speedtouch USB driver: Privilege escalation vulnerability
[Full-Disclosure] [ GLSA 200411-07 ] Proxytunnel: Format string vulnerability
[ GLSA 200411-02 ] Cherokee: Format string vulnerability
[Full-Disclosure] [ GLSA 200410-26 ] socat: Format string vulnerability
[Full-Disclosure] [ GLSA 200410-13 ] BNC: Input validation flaw
[ GLSA 200410-11 ] tiff: Buffer overflows in image decoding
[ GLSA 200410-05 ] Cyrus-SASL: Buffer overflow and SASL_PATH vulnerabilities
[ GLSA 200409-29 ] FreeRADIUS: Multiple Denial of Service vulnerabilities
[Full-Disclosure] [ GLSA 200409-11 ] star: Suid root vulnerability
[ GLSA 200409-10 ] multi-gnome-terminal: Information leak
[ GLSA 200409-08 ] Ruby: CGI::Session creates files insecurely
[ GLSA 200408-24 ] Linux Kernel: Multiple information leaks
[ GLSA 200408-23 ] kdelibs: Cross-domain cookie injection vulnerability
[ GLSA 200408-22 ] Mozilla, Firefox, Thunderbird: New releases fix vulnerabilities
[ GLSA 200408-16 ] glibc: Information leak with LD_DEBUG
[ GLSA 200408-18 ] xine-lib: VCD MRL buffer overflow
[ GLSA 200408-11 ] Nessus: "adduser" race condition vulnerability
[ GLSA 200408-09 ] Roundup filesystem access vulnerability
[ GLSA 200408-06 ] SpamAssassin: Denial of Service vulnerability
[ GLSA 200407-19 ] Pavuk: Digest authentication helper buffer overflow
[ GLSA 200407-08 ] Ethereal: Multiple security problems
[ GLSA 200407-07 ] Shorewall : Insecure temp file handling
[ GLSA 200407-05 ] XFree86, X.org: XDM ignores requestPort setting
[ GLSA 200407-01 ] Esearch: Insecure temp file handling
[Full-Disclosure] [ GLSA 200406-22 ] Pavuk: Remote buffer overflow
[ GLSA 200406-20 ] FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling
[ GLSA 200406-19 ] giFT-FastTrack: remote denial of service attack
[ GLSA 200406-18 ] gzip: Insecure creation of temporary files
[ GLSA 200406-17 ] IPsec-Tools: authentication bug in racoon
[ GLSA 200406-10 ] Gallery: Privilege escalation vulnerability
[Full-Disclosure] [ GLSA 200406-07 ] Subversion: Remote heap overflow
[ GLSA 200405-18 ] Buffer Overflow in Firebird
[ GLSA 200405-16 ] Multiple XSS Vulnerabilities in SquirrelMail
[Full-Disclosure] [ GLSA 200405-17 ] Multiple vulnerabilities in metamail
[ GLSA 200405-04 ] OpenOffice.org vulnerability when using DAV servers
[ GLSA 200404-15 ] XChat 2.0.x SOCKS5 Vulnerability
[ GLSA 200404-12 ] Scorched 3D server chat box format string vulnerability
[ GLSA 200404-07 ] ClamAV RAR Archive Remote Denial Of Service Vulnerability
[ GLSA 200403-08 ] oftpd DoS vulnerability
GLSA 200403-06: Multiple remote buffer overflow vulnerabilities in Courier
[ GLSA 200402-04 ] Gallery <= 1.4.1 and below remote exploit vulnerability
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6b) Gecko/20040101
[Full-Disclosure] GLSA: vpopmail (200310-01)
GLSA: teapop (200309-18)
GLSA: ethereal (200303-10)
GLSA: kgpg