[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions . The ACL plugin in dovecot prior to version 1.1.6 allowed attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes . In addition, two bugs were ...

A vulnerability has been identified in sudo which allowed - depending on the sudoers rules - a sudo-user to execute arbitrary shell commands as root . The updated packages have been patched to prevent this.

A vulnerability has been identified and corrected in net-snmp: The netsnmp_udp_fmtaddr function in net-snmp 5.0.9 through 5.4.2, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to source/destination IP address confusion. The updated packages have bee ...

A vulnerability was found in xdg-open and xdg-email commands, which allows remote attackers to execute arbitrary commands if the user is tricked into trying to open a maliciously crafted URL. The updated packages have been patched to prevent the issue.

A programming flaw was found in Pulseaudio versions older than 0.9.9, by which a local user can gain root access, if pulseaudio is installed as a setuid to root binary, which is the recommended configuration. The updated packages fix this issue.

An out-of-bounds reading flaw in the JBIG2 decoder allows remote attackers to cause a denial of service via a crafted PDF file . Multiple input validation flaws in the JBIG2 decoder allows remote attackers to execute arbitrary code via a crafted PDF file . An integer overflow in the JBIG2 decoder allows remote attackers to execute arbitrary code via a crafted PDF file . A free of invalid data fla ...

Multiple vulnerabilities has been discovered and fixed in tetex: Buffer overflow in BibTeX 0.99 allows context-dependent attackers to cause a denial of service via a long .bib bibliography file . Integer overflow in the ObjectStream::ObjectStream function in XRef.cc in Xpdf 3.x before 3.02pl4 and Poppler before 0.12.1, as used in GPdf, kdegraphics KPDF, CUPS pdftops, and teTeX, might allow remote ...

Security vulnerabilities have been discovered and corrected in CUPS. CUPS before 1.3.8 allows local users, and possibly remote attackers, to cause a denial of service by adding a large number of RSS Subscriptions, which triggers a NULL pointer dereference . The web interface in CUPS before 1.3.8 uses the guest username when a user is not logged on to the web server, which makes it easier for rem ...

A vulnerability has been discovered in CUPS shipped with Mandriva Linux which allows local users to overwrite arbitrary files via a symlink attack on the /tmp/pdf.log temporary file . The updated packages have been patched to prevent this.

Two integer overflow flaws were found in the CUPS pdftops filter. An attacker could create a malicious PDF file that would cause pdftops to crash or, potentially, execute arbitrary code as the lp user if the file was printed. This update corrects the problem.


Pages:      Start    12    13    14    15    16    17    18    19    20    21    22    23    24    25    ..   182

© SecPod Technologies