Secunia
[SA12548] GTK+ Multiple Image Decoding Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-09-16
Multiple vulnerabilities have been reported in GTK+, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12548/
[SA12542] GdkPixbuf Multiple Image Decoding Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-09-16
Multiple vulnerabilities have been reported in GdkPixBuf, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12542/
[SA12539] Red Hat update for imlib
Critical: Highly critical
Where: From remote
Impact: System access, DoS
Released: 2004-09-15
Red Hat has issued an update for imlib. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/12539/
[SA12505] Gentoo update for Webmin / Usermin
Critical: Highly critical
Where: From remote
Impact: Unknown, System access
Released: 2004-09-13
Gentoo has issued updates for Webmin / Usermin. These fix two
vulnerabilities, where the most critical can be exploited by malicious
people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12505/
[SA12503] Conectiva update for krb5
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-09-10
Conectiva has issued an update for krb5. This fixes multiple
vulnerabilities, where the most critical potentially can be exploited
by malicious people to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/12503/
[SA12502] Fedora update for imlib
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-09-10
Fedora has issued an update for imlib. This fixes a vulnerability,
which potentially can be exploited by malicious people to compromise a
user's system.
Full Advisory:
http://secunia.com/advisories/12502/
[SA12544] Red Hat update for mc
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-09-15
Red Hat has issued an update for mc. This fixes a vulnerability, which
potentially can be exploited by malicious people to compromise a user's
system.
Full Advisory:
http://secunia.com/advisories/12544/
[SA12536] Mandrake update for squid
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-09-15
MandrakeSoft has issued an update for squid. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/12536/
[SA12521] Conectiva update for kde
Critical: Moderately critical
Where: From remote
Impact: Hijacking, Spoofing, Privilege escalation
Released: 2004-09-14
Conectiva has issued an update for kde. This fixes multiple
vulnerabilities, which can be exploited to perform certain actions on a
vulnerable system with escalated privileges, spoof the content of
websites, or hijack sessions.
Full Advisory:
http://secunia.com/advisories/12521/
[SA12515] ripMIME MIME Decoding Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2004-09-15
The vendor has acknowledged some vulnerabilities in ripMIME, which
potentially can be exploited by malicious people to bypass filters.
Full Advisory:
http://secunia.com/advisories/12515/
[SA12513] Regulus Multiple Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Security Bypass, Exposure of sensitive information
Released: 2004-09-14
masud_libra has reported some vulnerabilities in Regulus, which can be
exploited by malicious people to access sensitive information or bypass
certain security restrictions.
Full Advisory:
http://secunia.com/advisories/12513/
[SA12547] Red Hat update for httpd
Critical: Less critical
Where: From remote
Impact: Privilege escalation, DoS
Released: 2004-09-15
Red Hat has issued an update for httpd. This fixes multiple
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service) or gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/12547/
[SA12541] Mandrake update for apache2
Critical: Less critical
Where: From remote
Impact: Privilege escalation, DoS
Released: 2004-09-15
MandrakeSoft has issued an update for apache2. This fixes multiple
vulnerabilities, which can be exploited to cause a DoS (Denial of
Service) or gain escalated privileges.
Full Advisory:
http://secunia.com/advisories/12541/
[SA12534] Gentoo update for SUS
Critical: Less critical
Where: From remote
Impact: Privilege escalation
Released: 2004-09-15
Gentoo has issued an update for SUS. This fixes a vulnerability, which
potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/12534/
[SA12552] GNU Radius SNMP String Length Denial of Service
Vulnerability
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-09-15
A vulnerability has been reported in GNU Radius, which can be exploited
by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/12552/
[SA12518] Fedora update for samba
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-09-14
Fedora has issued an update for samba. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/12518/
[SA12517] Gentoo update for samba
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-09-14
Gentoo has issued an update for samba. This fixes two vulnerabilities,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/12517/
[SA12516] Samba Denial of Service Vulnerabilities
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-09-14
Two vulnerabilities have been reported in Samba, which can be exploited
by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/12516/
[SA12508] Squid "clientAbortBody()" Denial of Service Vulnerability
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-09-13
M.A.Young has reported a vulnerability in Squid, which can be exploited
by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/12508/
[SA12546] Red Hat update for openoffice.org
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2004-09-15
Red Hat has issued an update for openoffice.org. This fixes a
vulnerability, which can be exploited by malicious, local users to gain
knowledge of sensitive information.
Full Advisory:
http://secunia.com/advisories/12546/
[SA12537] Debian update for webmin
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-09-15
Debian has issued an update for webmin. This fixes a vulnerability,
which potentially can be exploited by malicious people to perform
certain actions on a system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/12537/
[SA12532] Gentoo update for cdrtools
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-09-15
Gentoo has issued an update for cdrtools. This fixes a vulnerability,
which potentially can be exploited by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/12532/
[SA12530] SUS Logging Format String Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-09-15
Leon Juranic has reported a vulnerability in SUS, allowing malicious
users to escalate their privileges.
Full Advisory:
http://secunia.com/advisories/12530/
[SA12501] Fedora update for cdrtools
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-09-10
Fedora has issued an update for cdrtools. This fixes a vulnerability,
which can be exploited by malicious, local users to gain escalated
privileges.
Full Advisory:
http://secunia.com/advisories/12501/
[SA12526] Mozilla Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Cross Site Scripting, Manipulation of data, Exposure of
sensitive information, System access
Released: 2004-09-14
Details have been released about several vulnerabilities in Mozilla,
Mozilla Firefox, and Thunderbird. These can potentially be exploited by
malicious people to conduct cross-site scripting attacks, access and
modify sensitive information, and compromise a user's system.
Full Advisory:
http://secunia.com/advisories/12526/
[SA12540] Apache apr-util Library and Environment Variable Expansion
Vulnerabilities
Critical: Moderately critical
Where: From remote
Impact: Privilege escalation, DoS, System access
Released: 2004-09-15
Two vulnerabilities have been reported in Apache, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
potentially compromise a system, or by malicious, local users to gain
escalated privileges.
Full Advisory:
http://secunia.com/advisories/12540/
[SA12531] vBulletin "x_invoice_num" SQL Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Manipulation of data
Released: 2004-09-15
al3ndaleeb has reported a vulnerability in vBulletin, which can be
exploited by malicious people to conduct SQL injection attacks.
Full Advisory:
http://secunia.com/advisories/12531/
[SA12527] Apache "mod_dav" LOCK Request Denial of Service
Vulnerability
Critical: Less critical
Where: From remote
Impact: DoS
Released: 2004-09-14
A vulnerability has been reported in Apache, which can be exploited by
malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/12527/
[SA12522] Lexar JumpDrive Secure Password Disclosure Security Issue
Critical: Less critical
Where: Local system
Impact: Exposure of sensitive information
Released: 2004-09-14
@stake has reported a security issue in Lexar Lexar JumpDrive Secure,
which can be exploited by malicious people to gain knowledge of
sensitive information.
Full Advisory:
http://secunia.com/advisories/12522/