Secunia
[SA13406] Red Hat update for ImageMagick
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-12-09
Red Hat has issued an update for ImageMagick. This fixes some
vulnerabilities, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/13406/
[SA13395] SUSE Updates for Multiple Packages
Critical: Highly critical
Where: From remote
Impact: Privilege escalation, DoS, System access
Released: 2004-12-08
SUSE has issued updates for multiple packages. These fix various
vulnerabilities, which can be exploited to overwrite files, gain
escalated privileges, or potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13395/
[SA13386] Mandrake update for ImageMagick
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-12-07
MandrakeSoft has issued an update for ImageMagick. This fixes a
vulnerability, which potentially can be exploited by malicious people
to compromise a user's system.
Full Advisory:
http://secunia.com/advisories/13386/
[SA13382] Gentoo update for imlib
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-12-07
Gentoo has issued an update for imlib. This fixes some vulnerabilities,
which potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/13382/
[SA13381] Imlib Image Decoding Integer Overflow Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-12-07
Pavel Kankovsky has reported multiple vulnerabilities in imlib, which
potentially can be exploited by malicious people to compromise a
vulnerable system.
Full Advisory:
http://secunia.com/advisories/13381/
[SA13378] LessTif libXpm Multiple Image Processing Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-12-06
Multiple vulnerabilities have been reported in LessTif, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13378/
[SA13373] Gentoo update for pdflib
Critical: Highly critical
Where: From remote
Impact: DoS, System access
Released: 2004-12-06
Gentoo has issued an update for pdflib. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system or cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/13373/
[SA13366] SUSE update for cyrus-imapd
Critical: Highly critical
Where: From remote
Impact: System access
Released: 2004-12-06
SUSE has issued an update for cyrus-imapd. This fixes some
vulnerabilities, which can be exploited by malicious people to
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13366/
[SA13362] Mac OS X Security Update Fixes Multiple Vulnerabilities
Critical: Highly critical
Where: From remote
Impact: Security Bypass, Spoofing, Exposure of sensitive information, Privilege escalation, DoS, System access
Released: 2004-12-03
Apple has issued a security update for Mac OS X, which fixes various
vulnerabilities.
Full Advisory:
http://secunia.com/advisories/13362/
[SA13380] Debian update for ViewCVS
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2004-12-06
Debian has issued an update for viewcvs. This fixes a vulnerability,
which can be exploited by malicious users to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/13380/
[SA13367] Darwin Streaming Server "DESCRIBE" Request Denial of Service Vulnerability
Critical: Moderately critical
Where: From remote
Impact: DoS
Released: 2004-12-08
A vulnerability has been reported in Darwin Streaming Server, which can
be exploited by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/13367/
[SA13358] Big Medium Unspecified Script Upload Vulnerability
Critical: Moderately critical
Where: From remote
Impact: System access
Released: 2004-12-02
A vulnerability has been reported in Big Medium, which potentially can
be exploited by malicious users to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13358/
[SA13401] Sun Solaris in.rwhod Unspecified Vulnerability
Critical: Moderately critical
Where: From local network
Impact: System access
Released: 2004-12-08
A vulnerability has been reported in Sun Solaris, which can be
exploited by malicious users to compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13401/
[SA13371] Debian hpsockd Buffer Overflow Vulnerability
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2004-12-03
infamous41md has reported a vulnerability in hpsockd, which can be
exploited by malicious people to cause a DoS (Denial of Service) and
potentially compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13371/
[SA13359] Red Hat update for kernel
Critical: Moderately critical
Where: From local network
Impact: Security Bypass, Privilege escalation, DoS
Released: 2004-12-03
Red Hat has issued an update for the kernel. This fixes multiple
vulnerabilities, which potentially can be exploited to gain escalated
privileges, bypass certain security restrictions, or cause a DoS
(Denial of Service).
Full Advisory:
http://secunia.com/advisories/13359/
[SA13407] Fedora update for mysql
Critical: Less critical
Where: From local network
Impact: Security Bypass, Privilege escalation, DoS, System access
Released: 2004-12-09
Fedora has issued an update for mysql. This fixes multiple
vulnerabilities, which can be exploited to perform certain actions on a
system with escalated privileges, bypass certain security restrictions,
cause a DoS (Denial of Service), or potentially compromise a vulnerable
system.
Full Advisory:
http://secunia.com/advisories/13407/
[SA13403] Debian update for nfs-utils
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-12-09
Debian has issued an update for nfs-utils. This fixes a vulnerability,
which can be exploited by malicious people to cause a DoS (Denial of
Service).
Full Advisory:
http://secunia.com/advisories/13403/
[SA13390] Mandrake update for nfs-utils
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-12-07
MandrakeSoft has issued an update for nfs-utils. This fixes a
vulnerability, which can be exploited by malicious people to cause a
DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/13390/
[SA13384] nfs-utils "SIGPIPE" TCP Connection Termination Denial of Service Vulnerability
Critical: Less critical
Where: From local network
Impact: DoS
Released: 2004-12-07
SGI has reported a vulnerability in nfs-utils, which can be exploited
by malicious people to cause a DoS (Denial of Service).
Full Advisory:
http://secunia.com/advisories/13384/
[SA13405] rootsh Escape Sequences Logging Security Bypass
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2004-12-09
A security issue has been reported in rootsh, which can be exploited by
malicious, local users to bypass the logging functionality.
Full Advisory:
http://secunia.com/advisories/13405/
[SA13392] Gentoo mirrorselect Insecure Temporary File Creation Vulnerability
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-12-07
Ervin Nemeth has reported a vulnerability in mirrorselect, which can be
exploited by malicious, local users to perform certain actions on a
vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/13392/
[SA13388] Gentoo update for perl
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-12-07
Gentoo has issued an update for perl. This fixes some vulnerabilities,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/13388/
[SA13387] Mandrake update for gzip
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-12-07
MandrakeSoft has issued an update for gzip. This fixes some
vulnerabilities, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.
Full Advisory:
http://secunia.com/advisories/13387/
[SA13385] Mandrake update for lvm
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-12-07
MandrakeSoft has issued an update for lvm. This fixes a vulnerability,
which can be exploited by malicious, local users to perform certain
actions on a vulnerable system with escalated privileges.
Full Advisory:
http://secunia.com/advisories/13385/
[SA13383] Mandrake update for openssl
Critical: Less critical
Where: Local system
Impact: Privilege escalation
Released: 2004-12-07
MandrakeSoft has issued an update for openssl. This fixes a
vulnerability, which can be exploited by malicious, local users to
perform certain actions on a vulnerable system with escalated
privileges.
Full Advisory:
http://secunia.com/advisories/13383/
[SA13379] Gentoo rssh Arbitrary Command Execution Vulnerability
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2004-12-06
Gentoo has acknowledged a vulnerability in rssh, which can be exploited
by malicious users to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/13379/
[SA13376] file Unspecified ELF Header Parsing Vulnerability
Critical: Less critical
Where: Local system
Impact: Unknown
Released: 2004-12-06
A vulnerability with an unknown impact has been reported in file.
Full Advisory:
http://secunia.com/advisories/13376/
[SA13370] AIX Unspecified System Startup Scripts Vulnerability
Critical: Less critical
Where: Local system
Impact: Manipulation of data, DoS
Released: 2004-12-03
A vulnerability has been reported in AIX, which can be exploited by
malicious, local users to inject arbitrary data into the ODM (Object
Data Manager) or cause a vulnerable system to hang during boot.
Full Advisory:
http://secunia.com/advisories/13370/
[SA13369] Gentoo update for scponly
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2004-12-06
Gentoo has issued an update for scponly. This fixes a vulnerability,
which can be exploited by malicious users to bypass certain security
restrictions.
Full Advisory:
http://secunia.com/advisories/13369/
[SA13364] scponly Security Bypass Arbitrary Command Execution Vulnerability
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2004-12-03
Jason Wies has reported a vulnerability in scponly, which can be
exploited by malicious users to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/13364/
[SA13363] rssh Security Bypass Arbitrary Command Execution Vulnerability
Critical: Less critical
Where: Local system
Impact: Security Bypass
Released: 2004-12-03
Jason Wies has reported a vulnerability in rssh, which can be exploited
to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/13363/
Cross Platform:--
[SA13402] Netscape Window Injection Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Spoofing
Released: 2004-12-08
A vulnerability has been reported in Netscape, which can be exploited
by malicious people to spoof the content of websites.
Full Advisory:
http://secunia.com/advisories/13402/
[SA13400] WebLibs Directory Traversal Vulnerability
Critical: Moderately critical
Where: From remote
Impact: Exposure of system information, Exposure of sensitive information
Released: 2004-12-08
John Bissell has reported a vulnerability in WebLibs, which can be
exploited by malicious people to access sensitive information.
Full Advisory:
http://secunia.com/advisories/13400/
[SA13375] ViewCVS Restricted Directory Access Security Bypass
Critical: Moderately critical
Where: From remote
Impact: Security Bypass
Released: 2004-12-06
Hajvan Sehic has reported a vulnerability in ViewCVS, which can be
exploited by malicious users to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/13375/
[SA13397] MaxDB Web Tools Buffer Overflow and Denial of Service Vulnerabilities
Critical: Moderately critical
Where: From local network
Impact: DoS, System access
Released: 2004-12-08
Evgeny Demidov has reported two vulnerabilities in MaxDB, which can be
exploited by malicious people to cause a DoS (Denial of Service) or
compromise a vulnerable system.
Full Advisory:
http://secunia.com/advisories/13397/
[SA13393] Codestriker Unspecified Repository Security Bypass Issue
Critical: Less critical
Where: From remote
Impact: Security Bypass
Released: 2004-12-08
A security issue has been reported in Codestriker, which can be
exploited by malicious users to bypass certain security restrictions.
Full Advisory:
http://secunia.com/advisories/13393/
[SA13360] Jakarta Lucene "results.jsp" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-12-03
A vulnerability has been reported in Jakarta Lucene, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/13360/
[SA13357] Serendipity "searchTerm" Cross-Site Scripting Vulnerability
Critical: Less critical
Where: From remote
Impact: Cross Site Scripting
Released: 2004-12-02
Stefan Esser has reported a vulnerability in Serendipity, which can be
exploited by malicious people to conduct cross-site scripting attacks.
Full Advisory:
http://secunia.com/advisories/13357/
[SA13377] Novell NetMail Default NMAP Authentication Credential Security Issue
Critical: Less critical
Where: From local network
Impact: Manipulation of data, Exposure of system information, Exposure of sensitive information
Released: 2004-12-06
A security issue has been reported in NetMail, which can be exploited
by malicious people to access the mail store.
Full Advisory:
http://secunia.com/advisories/13377/