Sorties

frugalware-0.8 (Kalgan)
Mar 11, 2008

frugalware-0.7 (Sayshell)
Oct 13, 2007

frugalware-0.6 (Terminus)
Mar 22, 2007

frugalware-0.5 (Siwenna)
Sep 14, 2006

frugalware-0.4 (Wanda)
Mar 30, 2006

frugalware-0.3 (Trantor)
Oct 13, 2005

frugalware-0.2 (Aurora)
Apr 28, 2005

frugalware-0.1 (Genesis)
Nov 02, 2004

RSS

Dons

Fait une donation pour aider à nos efforts de développement.

Mises à jours récentes
devel-extra/fwsetup
0.9.1-1-i686
devel-extra/fwsetup
0.9.1-1-x86_64
xorg-drivers/
 xf86-video-ati
6.8.0-2-i686
xorg-drivers/
 xf86-video-ati
6.8.0-2-x86_64
base/rp-pppoe
3.10-2-x86_64
base/rp-pppoe
3.10-2-i686
core/frugalware
0.9pre2-1-i686
core/frugalware
0.9pre2-1-x86_64
gnome-extra/
 monodevelop
0.18.1-3kalgan3-x86_64
xapps/firefox
2.0.0.15-1kalgan1-x86_64

RSS
Langues
Changer de langue | Changer de langue | Changer de langue | Changer de langue | Changer de langue | Changer de langue | Changer de langue
Information
Go Frugalware, Go
Valid XHTML 1.0!
Valid CSS!
Valid RSS!
Informations serveur
Temps de fonctionnement:
65 jour(s) 23 h 46 m 25 s
Annonces de Sécurité Frugalware (FSAs)
Ceci est la liste des annonces de sécurité qui ont été faites pour la version stable actuelle de Frugalware
FSA485 - courier-authlib
Paquet:courier-authlib
Date:2008-07-02
Version vulnérable:0.60.2-1
Version non affectée:0.60.6-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3180
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2667
Description:A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via e.g. the username to the library is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and e.g. potentially bypass authentication. Successful exploitation requires that a MySQL database is used for authentication and that a Non-Latin character set is selected.
FSA484 - xorg-server
Paquet:xorg-server
Date:2008-07-02
Version vulnérable:1.4.0.90-5
Version non affectée:1.4.0.90-6kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3175
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362
Description:Some vulnerabilities have been reported in X.org X11, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges. 1) An integer overflow error when calculating the size of the glyph exists in the "AllocateGlyph()" function within the Render extension. This can be exploited to cause a heap-based buffer overflow via a specially crafted request. 2) An integer overflow error when calculating the size of the glyph in the "ProcRenderCreateCursor()" function within the Render extension can be exploited to crash the X server via a specially crafted request. 3) An integer overflow error exists in the Render extension when parsing client requests for the "SProcRenderCreateLinearGradient", "SProcRenderCreateRadialGradient", or "SProcRenderCreateConicalGradient" functions and can be exploited to corrupt heap memory. 4) Multiple input validation errors in the "SProcSecurityGenerateAuthorization()", "SProcRecordCreateContext()", and "SProcRecordRegisterClients()" functions within the Record and Security extensions can be exploited to corrupt heap memory via specially crafted requests. Successful exploitation of vulnerabilities #1, #3, and #4 may allow execution of arbitrary code with privileges of the X server (typically root). 5) An integer overflow error when processing parameters to the "ShmPutImage()" request can be exploited to disclose arbitrary memory of the X server process.
FSA483 - apache
Paquet:apache
Date:2008-07-02
Version vulnérable:2.2.8-1
Version non affectée:2.2.8-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3177
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
Description:A vulnerability has been reported in the Apache mod_proxy module, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "ap_proxy_http_process_response()" function when forwarding interim responses. This can be exploited to consume large amounts of memory by tricking mod_proxy into sending an overly large number of interim responses to the client.
FSA482 - net-snmp
Paquet:net-snmp
Date:2008-06-26
Version vulnérable:5.4.1-4kalgan1
Version non affectée:5.4.1-4kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3142
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
Description:A vulnerability has been reported in Net-SNMP, which can be exploited by malicious people to spoof authenticated SNMPv3 packets. The vulnerability is caused due to an error within the verification of the HMAC digest. This can be exploited to increase the chance of successfully spoofing a packet to 1 in 256 by sending a specially crafted SNMPv3 packet with an incomplete 1 byte HMAC digest. Successful exploitation requires a valid username.
FSA481 - horde-webmail
Paquet:horde-webmail
Date:2008-06-26
Version vulnérable:1.1-1kalgan1
Version non affectée:1.1.1-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3167
CVEs:There is no CVE for this issue, see http://lists.horde.org/archives/announce/2008/000420.html.
Description:Some vulnerabilities have been reported in various Horde products, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed to item names is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. Successful exploitation requires valid user credentials. 2) Input passed to contact views is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. Successful exploitation requires valid user credentials. 3) Input passed to unspecified input is not properly sanitised before being returned to the user in the add event screen. This can be exploited to execute arbitrary HTML and script code in a user's browser session in contact of an affected site.
FSA480 - exiv2
Paquet:exiv2
Date:2008-06-26
Version vulnérable:0.16-1
Version non affectée:0.16-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3135
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2696
Description:A vulnerability has been reported in Exiv2, which potentially can be exploited by malicious people to crash an application using the library. The vulnerability is caused due to a floating point exception within the pretty printing functionality when processing certain Nicon camera lens information. This can be exploited to crash an application linked against the Exiv2 library when a image containing specially-crafted metadata is processed.
FSA479 - kernel
Paquet:kernel
Date:2008-06-24
Version vulnérable:2.6.24-4kalgan2
Version non affectée:2.6.24-4kalgan3
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3140
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1673
Description:A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an error within the ASN.1 BER decoder of the cifs and ip_nat_snmp_basic modules when calculating the buffer size. This can be exploited to cause a crash or potentially execute arbitrary code by sending specially crafted BER encoded data to a vulnerable system.
FSA478 - xdvik
Paquet:xdvik
Date:2008-06-13
Version vulnérable:22.84.12-1
Version non affectée:22.84.14-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3127
CVEs:There is no CVE for this issue, see http://xdvi.sourceforge.net/releases.html#22.84.14
Description:A security issue has been reported in xdvik, which can be exploited by malicious, local users. The vulnerability is caused by creating predictably named temporary files by using mktemp.
FSA477 - graphicsmagick
Paquet:graphicsmagick
Date:2008-06-13
Version vulnérable:1.1.12-1kalgan1
Version non affectée:1.1.14-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3137
CVEs:There is no CVE for this issue, see: http://sourceforge.net/project/shownotes.php?release_id=604785 http://sourceforge.net/project/shownotes.php?release_id=604837
Description:Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. 1) Two boundary errors exist within the "ReadPALMImage()" function in coders/palm.c. These can be exploited to cause a heap-based buffer underflow via a specially crafted PALM image. 2) A boundary error exists within the "DecodeImage()" function in coders/pict.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted PICT image. 3) Multiple unspecified errors within the processing of XCF, DPX, and CINEON images can be exploited to crash the application. Successful exploitation may allow execution of arbitrary code.
FSA476 - asterisk-addons
Paquet:asterisk-addons
Date:2008-06-13
Version vulnérable:1.4.4-1
Version non affectée:1.4.7-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3136
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2543
Description:A vulnerability has been reported in Asterisk Addons, which can be exploited by malicious people to cause a DoS (Denial of Service). The problem is that the "ooh323" channel driver extracts memory addresses from incoming TCP packets and uses them in memory operations. This can be exploited to crash an affected application by sending a TCP packet containing invalid memory references.
FSA475 - samba
Paquet:samba
Date:2008-06-13
Version vulnérable:3.0.28-1
Version non affectée:3.0.30-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3115
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
Description:Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "receive_smb_raw()" function in lib/util_sock.c when parsing SMB packets. This can be exploited to cause a heap-based buffer overflow via an overly large SMB packet received in a client context. Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an "smb://" link) or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser.
FSA474 - blender
Paquet:blender
Date:2008-06-13
Version vulnérable:2.45-1
Version non affectée:2.45-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3039
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1102
Description:Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "imb_loadhdr()" function in source/blender/imbuf/intern/radiance_hdr.c, which can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted Blender (*.blend) file containing a malicious Radiance RGBE image. Successful exploitation allows execution of arbitrary code.
FSA473 - libvorbis
Paquet:libvorbis
Date:2008-06-13
Version vulnérable:1.2.0-1
Version non affectée:1.2.0-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3093
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423
Description:Some vulnerabilities have been reported in libvorbis, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise an application using the library. 1) An input validation error can be exploited to crash an application, cause an infinite loop, or to cause a heap overflow via a specially crafted OGG file containing a codebook dimension of "0". 2) An integer overflow error in the processing of residue partition values can be exploited to cause a heap-based buffer overflow via a specially crafted OGG file. 3) An integer overflow error exists in the computation of "quantvals" and of required space for "quantlist". This can be exploited to cause a heap-based buffer overflow via a specially crafted OGG file. Successful exploitation may allow execution of arbitrary code.
FSA472 - emacs
Paquet:emacs
Date:2008-06-13
Version vulnérable:22.1-3kalgan1
Version non affectée:22.1-3kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3086
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142
Description:Morten Welinder has reported a vulnerability in GNU Emacs, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the processing of fast-lock files (.flc) for corresponding source files. This can be exploited to execute arbitrary Emacs Lisp code when e.g. a source file is opened and a specially crafted fast-lock file exists in the same directory. Successful exploitation requires that "font-lock-support-mode" is set to "fast-lock-mode".
FSA471 - stunnel
Paquet:stunnel
Date:2008-06-13
Version vulnérable:4.21-1
Version non affectée:4.24-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3122
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2420
Description:A security issue has been reported in Stunnel, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an unspecified error in the OCSP functionality and can lead to a revoked certificate being successfully authenticated.
FSA470 - imlib2
Paquet:imlib2
Date:2008-06-13
Version vulnérable:1.4.0-1
Version non affectée:1.4.0-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3124
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426
Description:Secunia Research has discovered two vulnerabilities in imlib2, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. 1) A boundary error exists within the "load()" function in src/modules/loaders/loader_pnm.c when processing the header of a PNM image file. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted PNM image in an application using the imlib2 library. Successful exploitation allows execution of arbitrary code. 2) A boundary error exists within the "load()" function in src/modules/loader_xpm.c when processing an XPM image file. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted XPM image in an application using the imlib2 library. Successful exploitation may allow execution of arbitrary code.
FSA469 - mrxvt
Paquet:mrxvt
Date:2008-06-13
Version vulnérable:0.5.3-1
Version non affectée:0.5.3-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3090
CVEs:There is no CVE for this issue.
Description:A security issue has been reported in mrxvt, which can be exploited by malicious, local users to gain escalated privileges. For more information, see FSA466.
FSA468 - rxvt-unicode
Paquet:rxvt-unicode
Date:2008-06-13
Version vulnérable:9.02-1
Version non affectée:9.02-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3089
CVEs:There is no CVE for this issue.
Description:A security issue has been reported in rxvt-unicode, which can be exploited by malicious, local users to gain escalated privileges. For more information, see FSA466.
FSA467 - aterm
Paquet:aterm
Date:2008-06-13
Version vulnérable:1.0.1-1
Version non affectée:1.0.1-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3088
CVEs:There is no CVE for this issue.
Description:A security issue has been reported in aterm, which can be exploited by malicious, local users to gain escalated privileges. For more information, see FSA466.
FSA466 - rxvt
Paquet:rxvt
Date:2008-06-13
Version vulnérable:2.6.4-2
Version non affectée:2.7.10-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2925
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
Description:Bernhard R. Link has reported a security issue in rxvt, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the program using ":0" as it's X11 display if the DISPLAY environment variable is missing. This can be exploited to execute arbitrary commands with the privileges of the user running rxvt via a malicious X server.
FSA465 - net-snmp
Paquet:net-snmp
Date:2008-06-10
Version vulnérable:5.4.1-3
Version non affectée:5.4.1-4kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3092
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
Description:A vulnerability has been reported in Net-snmp, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "__snprint_value()" function in perl/SNMP/SNMP.xs. This can be exploited to cause a buffer overflow in an application using the Net-snmp Perl module by tricking the user into connecting to a malicious SNMP agent.
FSA464 - horde-webmail
Paquet:horde-webmail
Date:2008-06-06
Version vulnérable:1.0.6-1kalgan1
Version non affectée:1.1-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3120
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018
Description:Secunia Research has discovered a vulnerability in IMP Webmail Client and Horde Groupware Webmail Edition, which can be exploited by malicious people to bypass certain security restrictions and manipulate data. The HTML filter does not filter out frame and frameset HTML elements. Additionally, the application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to (a) delete an arbitrary number of e-mail messages by referencing their numeric IDs and (b) purge deleted mails, when the victim opens a malicious HTML mail. Successful exploitation requires that the victim opens the HTML part of a malicious message.
FSA463 - openssl
Paquet:openssl
Date:2008-06-06
Version vulnérable:0.9.8-11
Version non affectée:0.9.8-12kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3114
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672
Description:Two vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) A double-free error in the handling of server name extension data if "server_name" set to 0x00 can be exploited to crash a server application using OpenSSL by sending a specially crafted TLS 1.0 Client Hello packet. Successful exploitation requires that OpenSSL is compiled using the TLS server name extensions. 2) A NULL pointer dereference error can be exploited by a malicious server to crash a client application when the "Server Key exchange message" is omitted from a TLS handshake and anonymous Diffie-Hellman key exchange is used.
FSA462 - libxslt
Paquet:libxslt
Date:2008-05-26
Version vulnérable:1.1.22-2kalgan1
Version non affectée:1.1.22-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3104
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
Description:A vulnerability has been reported in libxslt, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. The vulnerability is caused due to an error in the handling of XSL style-sheet files. This can potentially be exploited to trigger the use of uninitialized memory in e.g. a call to "free()" when a specially crafted XSL file is being processed by an application using the library. Successful exploitation may allow execution of arbitrary code.
FSA461 - mysql
Paquet:mysql
Date:2008-05-26
Version vulnérable:5.0.51-2
Version non affectée:5.0.51-3kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3075
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
Description:A security issue has been reported in MySQL, which can be exploited by malicious, local users to bypass certain security restrictions. The problem is that it is possible to bypass certain privilege checks by creating a MyISAM table with certain DATA DIRECTORY and INDEX DIRECTORY options to overwrite existing table files in the MySQL data directory.
FSA460 - seamonkey
Paquet:seamonkey
Date:2008-05-26
Version vulnérable:1.1.9-1kalgan1
Version non affectée:1.1.9-1kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3021
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380
Description:A vulnerability has been reported in Mozilla SeaMonkey, which can potentially be exploited by malicious people to compromise a user's system. For more information, see FSA431.
FSA459 - django
Paquet:django
Date:2008-05-26
Version vulnérable:0.96.1-1
Version non affectée:0.96.2-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3084
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2302
Description:A vulnerability has been reported in Django, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL is not properly sanitised before being returned to the user through the login form. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
FSA458 - asterisk
Paquet:asterisk
Date:2008-05-26
Version vulnérable:1.4.17-1
Version non affectée:1.4.19.2-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3077
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1897 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1923
Description:A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to improper verification of ACK responses during IAX2 handshakes, which can be exploited to spoof an IAX2 handshake and cause a DoS via high bandwidth usage.
FSA457 - kvm
Paquet:kvm
Date:2008-05-25
Version vulnérable:61-2
Version non affectée:61-3kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3044
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004
Description:A vulnerability has been reported in KVM, which can be exploited by malicious, local users to bypass certain security restrictions or cause a DoS (Denial of Service). The error can be exploited by a guest to read arbitrary files on the host via a specially crafted disk header. For more information, see FSA455.
FSA456 - xemacs
Paquet:xemacs
Date:2008-05-25
Version vulnérable:21.4.21-1
Version non affectée:21.4.21-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3041
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694
Description:Some security issues have been reported in XEmacs, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issues are caused due to the use of vulnerable GNU Emacs code. For more information, see FSA423.
FSA455 - qemu
Paquet:qemu
Date:2008-05-25
Version vulnérable:0.9.1-2
Version non affectée:0.9.1-3kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3043
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004
Description:A vulnerability has been reported in QEMU, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to the "drive_init()" function in vl.c determining the format of a disk from data contained in the disk's header. This can be exploited by a malicious user in a guest system to e.g. read arbitrary files on the host by writing a fake header to a raw formatted disk image.
FSA454 - chicken
Paquet:chicken
Date:2008-05-25
Version vulnérable:2.732-1
Version non affectée:3.1.10-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3091
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
Description:A vulnerability been reported in Chicken, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerabilities are caused due to the use of a vulnerable version of the PCRE library.
FSA453 - gnutls
Paquet:gnutls
Date:2008-05-25
Version vulnérable:2.2.0-1
Version non affectée:2.2.5-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3100
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950
Description:Some vulnerabilities have been reported in GnuTLS, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library. 1) A boundary error exists in the processing "Client Hello" messages containing a "Server Name" extension. This can be exploited to cause a heap-based buffer overflow via a specially crafted TLS packet. Successful exploitation may allow execution of arbitrary code. 2) A NULL-pointer dereference error in the processing of TLS packets containing multiple "Client Hello" messages can be exploited to crash an affected application. 3) A signedness error exists within the "_gnutls_ciphertext2compressed()" function in lib/gnutls_cipher.c. This can be exploited to cause an out of bounds read and crash an affected application via specially crafted, encrypted TLS data.
FSA452 - graphicsmagick
Paquet:graphicsmagick
Date:2008-05-20
Version vulnérable:1.1.11-1
Version non affectée:1.1.12-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3076
CVEs:There is no CVE for this issue, see http://sourceforge.net/project/shownotes.php?release_id=595544
Description:A security issue has been reported in GraphicsMagick, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the improper processing of file extensions and can be exploited to e.g. access X11 or to invoke certain delegate programs. Successful exploitation requires that a user is tricked into processing a malicious file with a specific file extension.
FSA451 - audacity
Paquet:audacity
Date:2008-05-20
Version vulnérable:1.3.3-2
Version non affectée:1.3.5-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3080
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6061
Description:Viktor Griph has reported a security issue in Audacity, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to delete arbitrary files and directories. The security issue is caused due to the "AudacityApp::OnInit()" method in src/AudacityApp.cpp handling temporary files in an insecure manner. This can be exploited to delete arbitrary files and directories via symlink attacks, or to cause a deadlock.
FSA450 - pngcrush
Paquet:pngcrush
Date:2008-05-20
Version vulnérable:1.6.4-1
Version non affectée:1.6.5-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3079
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
Description:A vulnerability has been reported in Pngcrush, which can be exploited by malicious people to disclose potentially sensitive information or potentially compromise a user's system. The vulnerability is caused due to the use of vulnerable libpng code. For more information, see FSA434.
FSA449 - rdesktop
Paquet:rdesktop
Date:2008-05-20
Version vulnérable:1.5.0-2
Version non affectée:1.6.0-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3078
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1803
Description:Some vulnerabilities have been reported in rdesktop, which can be exploited by malicious people to compromise a user's system. 1) An integer underflow error in iso.c when processing RDP requests can be exploited to cause a heap-based buffer overflow. 2) An input validation error in rdp.c when processing RDP redirect requests can be exploited to cause a BSS-based buffer overflow. 3) A signedness error within "xrealloc()" in rdesktop.c can be exploited to cause a heap-based buffer overflow. Successful exploitation allows execution of arbitrary code but requires that a user is tricked into connecting to a malicious RDP server.
FSA448 - php
Paquet:php
Date:2008-05-20
Version vulnérable:5.2.5-2
Version non affectée:5.2.6-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3074
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108
Description:Some vulnerabilities have been reported in PHP, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions, and potentially by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. 1) An unspecified error in the FastCGI SAPI can be exploited to cause a stack-based buffer overflow. 2) An error in the processing of multibyte characters within the "escapeshellcmd()" and "escapeshellarg()" functions can be exploited to escape the inserted backslash or quote characters via certain multibyte characters. Successful exploitation allows to bypass the "safe_mode_exec_dir" and "disable_functions" directives, and potentially to inject arbitrary shell commands via user controlled input, but requires that the shell uses a locale with a variable width character (e.g. GBK, EUC-KR, SJIS). 3) A vulnerability is caused due to an error during path translation in cgi_main.c. This can potentially be exploited to execute arbitrary code, but depends on how a targeted application is using PHP. 4) An error in cURL can be exploited to bypass the "safe_mode" directive. 5) A boundary error in PCRE can potentially be exploited by malicious people to cause a DoS or compromise a vulnerable system.
FSA447 - eterm
Paquet:eterm
Date:2008-05-15
Version vulnérable:0.9.4-2
Version non affectée:0.9.4-3kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2918
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692
Description:A security issue has been reported in Eterm, which can be exploited by malicious, local users to gain escalated privileges. Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.
FSA446 - kdelibs
Paquet:kdelibs
Date:2008-05-15
Version vulnérable:3.5.9-1
Version non affectée:3.5.9-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3047
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671
Description:A vulnerability has been reported in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges. The vulnerability is caused due to an error in the start_kdeinit script (installed setuid root by default). This can be exploited to send signals to privileged processes, cause a DoS, or potentially execute arbitrary code in the context of the target process.
FSA445 - kernel
Paquet:kernel
Date:2008-05-15
Version vulnérable:2.6.24-4kalgan1
Version non affectée:2.6.24-4kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3060
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1669
Description:A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error when preventing race conditions between "fcntl_setlk()" and "close()" calls on SMP systems. This can be exploited to trigger the improper, reordered access to the file descriptor table and the "file_lock" structure of an inode, between threads running on different CPUs.
FSA444 - thunderbird
Paquet:thunderbird
Date:2008-05-15
Version vulnérable:2.0.0.12-1
Version non affectée:2.0.0.14-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2906
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237
Description:Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or potentially compromise a user's system. For more information, see FSA407.
FSA443 - util-linux-ng
Paquet:util-linux-ng
Date:2008-05-15
Version vulnérable:2.13.1-1
Version non affectée:2.13.1-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3046
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1926
Description:A weakness has been reported in util-linux-ng, which can be exploited by malicious people to manipulate certain data. The security issue is caused due to an error in login.c while logging login attempts. This can be exploited to inject e.g. an arbitrary address in the audit logs via a specially crafted username.
FSA442 - wordpress
Paquet:wordpress
Date:2008-05-15
Version vulnérable:2.3.3-2kalgan1
Version non affectée:2.5.1-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3048
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1930 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2068
Description:Two vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and to compromise a vulnerable system. 1) A vulnerability is caused due to improper access restriction of the administration section. This can be exploited to bypass the authentication mechanism and gain administrative access by setting a specially crafted cookie. This can further be exploited to execute arbitrary PHP code. Successful exploitation of this vulnerability requires that registering new accounts is enabled. The vulnerability is reported in version 2.5. 2) Input passed to an unspecified parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
FSA441 - kernel
Paquet:kernel
Date:2008-05-05
Version vulnérable:2.6.24-3
Version non affectée:2.6.24-4kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3050
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
Description:A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges. A race condition error exists in the dnotify subsystem between calls to "fcntl()" and "close()". This can be exploited to cause a system crash or potentially gain root privileges.
FSA440 - frugalwareutils
Paquet:frugalwareutils
Date:2008-05-05
Version vulnérable:0.7.9-1
Version non affectée:0.7.9-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3052
CVEs:There is no CVE for this issue.
Description:A vulnerability has been reported in frugalwareutils, which can potentially be exploited by malicious people to cause a DoS on a vulnerable system. The vulnerability is caused due to creating new files as root without checking the current value of umask. Successful exploitation may allow execution of arbitrary code.
FSA439 - vorbis-tools
Paquet:vorbis-tools
Date:2008-05-05
Version vulnérable:1.1.1-3
Version non affectée:1.1.1-4kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3032
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
Description:A vulnerability has been reported in vorbis-tools, which can potentially be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the use of vulnerable libfishsound; an input validation error when processing Speex headers, which can be exploited via a specially crafted Speex stream containing a negative "modeID" field in the header. Successful exploitation may allow execution of arbitrary code.
FSA438 - xine-lib
Paquet:xine-lib
Date:2008-05-05
Version vulnérable:1.1.11-1kalgan2
Version non affectée:1.1.11-1kalgan3
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3027
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1878
Description:Guido Landi has discovered a vulnerability in xine-lib, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "demux_nsf_send_chunk()" function in src/demuxers/demux_nsf.c. This can be exploited to cause a stack-based buffer overflow via an overly long NSF title.
FSA437 - xine-lib
Paquet:xine-lib
Date:2008-05-05
Version vulnérable:1.1.11-1kalgan2
Version non affectée:1.1.11-1kalgan3
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3010
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
Description:A vulnerability has been reported in xine-lib, which can potentially be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the use of vulnerable libfishsound; an input validation error when processing Speex headers, which can be exploited via a specially crafted Speex stream containing a negative "modeID" field in the header. Successful exploitation may allow execution of arbitrary code.
FSA436 - phpmyadmin
Paquet:phpmyadmin
Date:2008-04-25
Version vulnérable:2.11.5.1-1kalgan1
Version non affectée:2.11.5.2-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3035
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924
Description:A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious users to disclose sensitive information. The vulnerability is caused due to an unspecified error and can be exploited to disclose arbitrary files via a specially crafted HTTP POST request. Successful exploitation requires a certain level of access e.g. on a shared host.
FSA435 - openssh
Paquet:openssh
Date:2008-04-25
Version vulnérable:4.7p1-4kalgan1
Version non affectée:4.7p1-4kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2961
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1657
Description:A weakness has been reported in OpenSSH, which can be exploited by malicious, local users to bypass certain security restrictions. The weakness is caused due to the improper implementation of the "ForceCommand" directive. This can be exploited to execute arbitrary commands via the ~/.ssh/rc file even if a "ForceCommand" directive is in effect.
FSA434 - libpng
Paquet:libpng
Date:2008-04-25
Version vulnérable:1.2.24-1
Version non affectée:1.2.24-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3013
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
Description:Tavis Ormandy has reported a vulnerability in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library. The vulnerability is caused due to the improper handling of PNG chunks unknown to the library. This can be exploited to trigger the use of uninitialized memory in e.g. a "free()" call via unknown PNG chunks having a length of zero. Successful exploitation may allow execution of arbitrary code, but requires that the application calls the "png_set_read_user_chunk_fn()" function or the "png_set_keep_unknown_chunks()" function under specific conditions.
FSA433 - cups
Paquet:cups
Date:2008-04-25
Version vulnérable:1.3.6-2kalgan1
Version non affectée:1.3.6-2kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3012
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1722
Description:Thomas Pollet has reported a vulnerability in CUPS, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to two integer overflow errors in filter/image-png.c when processing PNG files. These can be exploited to cause a heap-based buffer overflow via overly large width and height PNG fields. Successful exploitation may allow execution of arbitrary code.
FSA432 - clamav
Paquet:clamav
Date:2008-04-25
Version vulnérable:0.92.1-1
Version non affectée:0.93-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3014
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1100 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0314 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1833 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1835 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1836 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1837
Description:Some vulnerabilities have been reported in ClamAV, which can be exploited by malicious people to bypass certain security restrictions, to cause a DoS (Denial of Service), or to compromise a vulnerable system. 1) A boundary error exists within the "cli_scanpe()" function in libclamav/pe.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted "Upack" executable. Successful exploitation allows execution of arbitrary code. 2) A boundary error within the processing of PeSpin packed executables in libclamav/spin.c can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. 3) An unspecified error in the processing of ARJ files can be exploited to hang ClamAV. 4) A boundary error within the processing of WWPack packed PE files in libclamav/pe.c can be exploited to cause a heap corruption. Successful exploitation may allow execution of arbitrary code. 5) An error in the processing of RAR files can be exploited to bypass the scanning mechanism via a RAR file containing an invalid version number. 6) An error exists within the "rfc2231()" function in message.c. This can be exploited to trigger the return of strings that are not NULL terminated and cause a crash. 7) An error in libclamunrar can be exploited to crash the application via specially crafted RAR files.
FSA431 - firefox
Paquet:firefox
Date:2008-04-25
Version vulnérable:2.0.0.13-1kalgan1
Version non affectée:2.0.0.14-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3022
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380
Description:A vulnerability has been reported in Mozilla Firefox, which can potentially be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the Javascript Garbage Collector and can be exploited to cause a memory corruption via specially crafted Javascript code. Successful exploitation may allow execution of arbitrary code.
FSA430 - sweep
Paquet:sweep
Date:2008-04-25
Version vulnérable:0.9.2-2
Version non affectée:0.9.2-3kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3025
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
Description:A vulnerability has been reported in sweep, which can potentially be exploited by malicious people to compromise a vulnerable system. For more information, see FSA426.
FSA429 - vlc
Paquet:vlc
Date:2008-04-25
Version vulnérable:0.8.6-12kalgan1
Version non affectée:0.8.6-12kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3024
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
Description:A vulnerability has been reported in vlc, which can potentially be exploited by malicious people to compromise a vulnerable system. For more information, see FSA426.
FSA428 - sdl_sound
Paquet:sdl_sound
Date:2008-04-25
Version vulnérable:1.0.1-4
Version non affectée:1.0.1-5kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3026
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
Description:A vulnerability has been reported in sdl_sound, which can potentially be exploited by malicious people to compromise a vulnerable system. For more information, see FSA426.
FSA427 - gst-plugins-good
Paquet:gst-plugins-good
Date:2008-04-25
Version vulnérable:0.10.7-1
Version non affectée:0.10.7-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3031
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
Description:A vulnerability has been reported in gst-plugins-good, which can potentially be exploited by malicious people to compromise a vulnerable system. For more information, see FSA426.
FSA426 - speex
Paquet:speex
Date:2008-04-25
Version vulnérable:1.2beta3-1
Version non affectée:1.2beta3-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3023
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
Description:The reference speex decoder from the Speex library is performing insufficient boundary checks on a header structure read from user input. A user controlled field in the header structure is used to build a function pointer. The reference speex decoder does not check for negative values for the field, allowing the function pointer to be pointed at an arbitary position in memory. This allows remote code execution.
FSA425 - mailman
Paquet:mailman
Date:2008-04-25
Version vulnérable:2.1.9-2
Version non affectée:2.1.9-3kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3020
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0564
Description:A vulnerability has been reported in Mailman, which can be exploited by malicious users to conduct script insertion attacks. Certain input when editing the list templates and the list info attribute is not properly sanitised before being stored. This can be exploited to insert arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when the malicious website is accessed. Successful exploitation requires list administrator privileges.
FSA424 - comix
Paquet:comix
Date:2008-04-14
Version vulnérable:3.6.4-1
Version non affectée:3.6.4-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2923
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1568
Description:A vulnerability has been reported in Comix, which can be exploited by malicious people to compromise a user's sytem. The vulnerability is caused due to the improper verification of received filenames when executing the rar, unrar, or jpegtran programs. This can be exploited to execute arbitrary commands via a file containing shell metacharacters within the filename.
FSA423 - emacs
Paquet:emacs
Date:2008-04-14
Version vulnérable:22.1-2
Version non affectée:22.1-3kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/3006
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694
Description:Steve Grubb discovered that vcdiff script as shipped with Emacs uses temporary files insecurely, which makes it possible for local attacker to conduct a symlink attack and make the victim overwrite arbitrary file.
FSA422 - vlc
Paquet:vlc
Date:2008-04-14
Version vulnérable:0.8.6-11
Version non affectée:0.8.6-12kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2904
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1489
Description:Some vulnerabilities have been reported in VLC Media Player, which potentially can be exploited by malicious people to compromise a user's system. 1) An integer overflow error within the "MP4_ReadBox_rdrf()" function in modules/demux/mp4/libmp4.c can be exploited to cause a heap-based buffer overflow via e.g. a MP4 file with a specially crafted RDRF atom. 2) A boundary error within the "sdpplin_parse()" function in modules/access/rtsp/real_sdpplin.c can be exploited to overwrite arbitrary memory regions. 3) Two integer overflow errors within the "cinepak_decode_frame()" function in modules/codec/cinepak.c can be exploited to cause a heap-based buffer overflow. Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
FSA421 - sdlimage
Paquet:sdlimage
Date:2008-04-14
Version vulnérable:1.2.6-1
Version non affectée:1.2.6-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2916
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6697 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0544
Description:Two vulnerabilities have been reported in SDL_image, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. 1) A boundary error within the "LWZReadByte()" function in IMG_gif.c can be exploited to trigger the overflow of a static buffer via a specially crafted GIF file. 2) A boundary error within the "IMG_LoadLBM_RW()" function in IMG_lbm.c can be exploited to cause a heap-based buffer overflow via a specially crafted IFF ILBM file.
FSA420 - flashplugin
Paquet:flashplugin
Date:2008-04-14
Version vulnérable:9.0.115.0-1
Version non affectée:9.0.124.0-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2959
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0071 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5275 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6019 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6243 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6637 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1654 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1655
Description:Some vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or to potentially compromise a user's system. 1) A boundary error exists in the processing of "Declare Function (V7)" tags. This can be exploited to cause a heap-based buffer overflow via specially crafted flags. 2) An integer overflow in the processing of multimedia files can be exploited to cause a buffer overflow. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. 3) Errors when pinning a hostname to an IP address can be exploited to conduct DNS rebinding attacks. 4) An error when sending HTTP headers can be exploited to bypass cross-domain policy files. 5) An error exists in the enforcing of cross-domain policy files. This can be exploited to bypass certain security restrictions on web servers hosting cross-domain policy files. 6) Input passed to unspecified parameters when handling e.g. the "asfunction:" protocol is not properly sanitised before being returned to the user. This can be exploited to inject arbitrary HTML and script code in a user's browser session in context of an affected site.
FSA419 - gnome-screensaver
Paquet:gnome-screensaver
Date:2008-04-14
Version vulnérable:2.20.0-1
Version non affectée:2.20.0-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2931
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0887
Description:A weakness and a security issue have been reported in gnome-screensaver, which can be exploited by malicious people with physical access to disclose potentially sensitive information or bypass certain security restrictions. 1) A weakness is caused due to the "Leave message" feature allowing attackers to e.g. paste the contents of the clipboard of the user who's screen is currently locked, which can be exploited to disclose potentially sensitive information. 2) A security issue is caused due to an error if the NIS authentication method is used. This can be exploited to bypass the authentication check and unlock the screen if the NIS server is not reachable.
FSA418 - mtr
Paquet:mtr
Date:2008-04-14
Version vulnérable:0.72-1
Version non affectée:0.73-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2956
CVEs:There is no CVE for this issue.
Description:David Leadbeater has reported a vulnerability in mtr, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to mtr not properly limiting the length of some buffers.
FSA417 - xine-lib
Paquet:xine-lib
Date:2008-04-14
Posté par:vmiklos
Version vulnérable:1.1.11-1kalgan1
Version non affectée:1.1.11-1kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2892
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1482
Description:Luigi Auriemma has reported some vulnerabilities in xine-lib, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to integer overflow errors when allocating memory in src/demuxers/demux_flv.c, src/demuxers/demux_qt.c, src/demuxers/demux_real.c, src/demuxers/demux_wc3movie.c, src/demuxers/ebml.c, and src/demuxers/demux_film.c. These can be exploited to cause heap-based buffer overflows via overly large fields included in e.g. FLV, MOV, RM, MVE, MKV, and CAK files.
FSA416 - pdns-recursor
Paquet:pdns-recursor
Date:2008-04-14
Posté par:vmiklos
Version vulnérable:3.1.4-3
Version non affectée:3.1.5-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2924
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1637
Description:Amit Klein has reported a vulnerability in PowerDNS Recursor, which can be exploited by malicious people to poison the DNS cache. The vulnerability is caused due to the application using predictable standard C library functions to generate random numbers (e.g. "rand()" and "srand()"), which are then used to create the transaction ID (TRXID) and UDP source port. This can be exploited to poison the DNS cache by guessing the transaction TRXID and the UDP source port.
FSA415 - m4
Paquet:m4
Date:2008-04-14
Posté par:vmiklos
Version vulnérable:1.4.10-1
Version non affectée:1.4.10-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2963
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1687 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1688
Description:A vulnerability and a security issue have been reported in GNU M4, which can be exploited by malicious people to manipulate certain data or to potentially compromise a user's system. 1) A format string error exists within the "produce_frozen_state()" function in src/freeze.c. This can be exploited via a specially crafted filename passed as a parameter to "m4 -F". Successful exploitation may allow execution of arbitrary code, but requires that the user is tricked into processing a filename containing malicious format specifiers. 2) An error within the implementation of the "maketemp" and "mkstemp" macros can potentially be exploited to trigger the processing of improper files via special characters contained in the output string.
FSA414 - lighttpd
Paquet:lighttpd
Date:2008-04-14
Posté par:vmiklos
Version vulnérable:1.4.19-1kalgan1
Version non affectée:1.4.19-1kalgan2
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2922
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1531
Description:A vulnerability has been reported in lighttpd, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to lighttpd not properly clearing the OpenSSL error queue. This can be exploited to close concurrent SSL connections of lighttpd by terminating one SSL connection.
FSA413 - python
Paquet:python
Date:2008-04-12
Posté par:vmiklos
Version vulnérable:2.5.2-1
Version non affectée:2.5.2-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2954
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1679
Description:David Remahl has discovered a security issue in the imageop module for Python, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The security issue is caused due to an incomplete fix (see FSA295) and can be exploited to cause a heap-based buffer overflow when specially crafted parameters are passed to the function. Successful exploitation may allow execution of arbitrary code.
FSA412 - cups
Paquet:cups
Date:2008-04-12
Posté par:vmiklos
Version vulnérable:1.3.6-1
Version non affectée:1.3.6-2kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2962
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0047 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1373
Description:Some vulnerabilities have been reported in CUPS, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a vulnerable system. 1) A boundary error exists within the "cgiCompileSearch()" function in cgi-bin/search.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted IPP request. Successful exploitation may allow execution of arbitrary code, but requires that the vulnerable system is sharing printers on the network. NOTE: If printer sharing is disabled, the vulnerability can only be exploited by malicious, local users. 2) A boundary error exists within the "gif_read_image()" function in filter/image-gif.c. This can be exploited to cause a buffer overflow via overly large "code_size" values in GIF image files. Successful exploitation may allow execution of arbitrary code.
FSA411 - opera
Paquet:opera
Date:2008-04-12
Posté par:vmiklos
Version vulnérable:9.26-1
Version non affectée:9.27-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2930
CVEs:There is no CVE for this issue, see: http://www.opera.com/support/search/view/881/ http://www.opera.com/support/search/view/882/
Description:Some vulnerabilities have been reported in Opera, which potentially can be exploited by malicious people to compromise a user's system. 1) An error when prompting the user to add a newsfeed can be exploited to cause an invalid memory access via a specially crafted newsfeed source. 2) An error exists in the processing of HTML CANVAS elements. This can be exploited to cause a memory corruption via specially crafted scaled pattern images. Successful exploitation of the vulnerabilities may allow execution of arbitrary code.
FSA410 - gnupg2
Paquet:gnupg2
Date:2008-04-10
Posté par:voroskoi
Version vulnérable:2.0.8-1
Version non affectée:2.0.9-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2905
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1530
Description:A vulnerability has been reported in GnuPG, which can potentially be exploited to compromise a vulnerable system. The vulnerability is caused due to an error when importing keys with duplicated IDs. This can be exploited to cause a memory corruption when importing keys via --refresh-keys or --import. Successful exploitation potentially allows execution of arbitrary code, but has not been proven yet.
FSA409 - gnupg
Paquet:gnupg
Date:2008-04-10
Posté par:voroskoi
Version vulnérable:1.4.8-1
Version non affectée:1.4.9-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2905
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1530
Description:A vulnerability has been reported in GnuPG, which can potentially be exploited to compromise a vulnerable system. The vulnerability is caused due to an error when importing keys with duplicated IDs. This can be exploited to cause a memory corruption when importing keys via --refresh-keys or --import. Successful exploitation potentially allows execution of arbitrary code, but has not been proven yet.
FSA408 - wireshark
Paquet:wireshark
Date:2008-04-04
Posté par:vmiklos
Version vulnérable:0.99.8-1
Version non affectée:1.0.0-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2915
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1561 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1562 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1563
Description:Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to errors in the X.509sat, Roofnet, LDAP, and SCCP dissectors. These can be exploited to cause the application to crash when processing specially crafted packets that are either captured off the wire or loaded via a capture file.
FSA407 - seamonkey
Paquet:seamonkey
Date:2008-04-04
Posté par:vmiklos
Version vulnérable:1.1.8-1
Version non affectée:1.1.9-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2908
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4879 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1238 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1240 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1241
Description:Some vulnerabilities and weaknesses have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system. For more information, please see FSA406.
FSA406 - firefox
Paquet:firefox
Date:2008-04-04
Posté par:vmiklos
Version vulnérable:2.0.0.12-1
Version non affectée:2.0.0.13-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2907
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4879 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1238 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1240 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1241
Description:Some vulnerabilities and weaknesses have been reported in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, conduct cross-site scripting and phishing attacks, and potentially compromise a user's system. 1) An unspecified error in the handling of "XPCNativeWrappers" can lead to the execution of arbitrary Javascript code with the user's privileges via "setTimeout()" calls. 2) Various errors in the handling of Javascript code can be exploited to conduct cross-site scripting attacks or execute arbitrary code. 3) Various errors in the layout engine can be exploited to cause a memory corruption. 4) Various errors in the Javascript engine can be exploited to cause a memory corruption. Successful exploitation of these vulnerabilities may allow execution of arbitrary code. 5) An error within the handling of HTTP "Referer:" headers sent with requests to URLs containing "Basic Authentication" credentials having an empty username can be exploited to bypass cross-site request forgery protections. 6) The problem is that Firefox offers a previously configured private SSL certificate when establishing connections to webservers requesting SSL Client Authentication. This can potentially be exploited to disclose sensitive information via a malicious webserver. 7) An error in the handling of the "jar:" protocol can be exploited to establish connections to arbitrary ports on the local machine. 8) An error when displaying XUL pop-up windows can be exploited to hide the window's borders and facilitate phishing attacks.
FSA405 - openssh
Paquet:openssh
Date:2008-04-01
Posté par:vmiklos
Version vulnérable:4.7p1-3
Version non affectée:4.7p1-4kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2911
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1483
Description:A vulnerability has been discovered in OpenSSH, which can be exploited by malicious, local users to disclose sensitive information. The vulnerability is caused due to sshd improperly binding TCP ports on the local IPV6 interface if required ports on the IPV4 interface are in use. This can be exploited by a malicious, local user to intercept an X11 forwarding session by listening to a port used by sshd to forward the local X11 display (e.g. port 6010/TCP).
FSA404 - phpmyadmin
Paquet:phpmyadmin
Date:2008-04-01
Posté par:vmiklos
Version vulnérable:2.11.5-1
Version non affectée:2.11.5.1-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2917
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1567
Description:im Hermann has discovered a vulnerability in phpMyAdmin, which can potentially be exploited by malicious users to disclose sensitive information. The MySQL username, password, and the Blowfish secret key are stored as plain text in session files. This can potentially be exploited e.g. by users on shared hosts to access that information.
FSA403 - horde-webmail
Paquet:horde-webmail
Date:2008-04-01
Posté par:vmiklos
Version vulnérable:1.0.5-1
Version non affectée:1.0.6-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2910
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1284
Description:A vulnerability has been reported in various Horde products, which can be exploited by malicious users to disclose sensitive information and potentially compromise a vulnerable system. Input passed to the "theme" parameter is not properly sanitised before being used. This can be exploited to include arbitrary files from local resources, using directory traversal attacks and URL-encoded NULL bytes ("%00"). NOTE: Other attack vectors are also reported to exist. Successful exploitation may allow execution of arbitrary code, but requires valid user credentials.
FSA402 - mplayer
Paquet:mplayer
Date:2008-04-01
Posté par:vmiklos
Version vulnérable:1.0rc2-3
Version non affectée:1.0rc2-4kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2913
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1558
Description:k`sOSe has discovered a vulnerability in MPlayer, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error in the "sdpplin_parse()" function in stream/realrtsp/sdpplin.c. This can be exploited to overwrite arbitrary memory regions via an overly large "StreamCount" SDP parameter. Successful exploitation may allow execution of arbitrary code.
FSA401 - j2sdk
Paquet:j2sdk
Date:2008-04-01
Posté par:vmiklos
Version vulnérable:6-7
Version non affectée:6-8kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2845
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1185 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1186 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1187 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1188 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1189 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1190 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1191 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1192 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1193 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1194 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1195 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1196
Description:Some vulnerabilities have been reported in Sun Java, which can be exploited by malicious people to cause a DoS (Denial of Service), to bypass certain security restrictions, or to compromise a vulnerable system. 1) Two unspecified errors in the Java Runtime Environment Virtual Machine can be exploited by a malicious, untrusted applet to read and write local files and execute local applications. 2) An unspecified error in the Java Runtime Environment (JRE) when processing XSLT transformations can be exploited by untrusted applets or applications to e.g. read certain URL resources or potentially execute arbitrary code. 3) A boundary error exists in the "useEncodingDecl()" function when parsing the xml header character encoding attribute. This can be exploited to cause a stack-based buffer overflow and execute arbitrary code via a specially crafted JNLP file containing an overly long charset name in the xml header. 4) A boundary error exists in the "useEncodingDecl()" function when processing xml-based JNLP files for UTF8 characters. This can be exploited to cause a stack-based buffer overflow and execute arbitrary code via a specially crafted JNLP file containing overly long key name in the xml header. 5) A boundary error exist in Java Web Start, which can be exploited e.g. by an untrusted Java Web Start application to read and write local files and execute local applications. 6) An unspecified error in Java Web Start can be exploited by a malicious, untrusted applet to read and write local files or execute local applications. 7) An unspecified error in Java Web Start can be exploited by an untrusted Java Web Start application to create files on the system and run local applications with the privileges of the user running the untrusted Java Web Start application. 8) An unspecified error in the Java Plug-in can be exploited by an applet to bypass the same origin policy and to execute local applications. 9) Some errors in the Java Runtime Environment image parsing library within the processing of ICC profiles can be exploited to crash the JVM or to write local files and execute local applications. 10) An error in the Java Runtime Environment may allow java script code within a browser to make connections through Java APIs to network services on the local system. 11) A boundary error exists in Java Web Start in the processing of JNLP files, which can be exploited to cause a stack-based buffer overflow when a user visits a malicious web site.
FSA400 - bzip2
Paquet:bzip2
Date:2008-03-27
Posté par:voroskoi
Version vulnérable:1.0.4-1
Version non affectée:1.0.5-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2903
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1372
Description:A vulnerability has been reported in bzip2, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the handling of malformed archives and can potentially be exploited to cause a DoS.
FSA399 - xine-lib
Paquet:xine-lib
Date:2008-03-24
Posté par:vmiklos
Version vulnérable:1.1.10.1-1
Version non affectée:1.1.11-1kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2887
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0073
Description:Secunia Research has discovered a vulnerability in xine-lib, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "sdpplin_parse()" function in input/libreal/sdpplin.c. This can be exploited to overwrite arbitrary memory regions via an overly large "streamid" SDP parameter included in a malicious RTSP stream. Successful exploitation allows execution of arbitrary code.
FSA398 - tetex
Paquet:tetex
Date:2008-03-24
Posté par:vmiklos
Version vulnérable:3.0-12
Version non affectée:3.0-13kalgan1
Entrée de suivi des bugs:http://bugs.frugalware.org/task/2592
CVEs:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5935 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5936 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5937
Description:Some vulnerabilities have been reported in teTeX, which can be exploited by malicious, local users to disclose and manipulate sensitive information and by malicious people to potentially compromise a vulnerable