|
|
Colapse all |
Post message
MDKSA-2005:075 - Updated libcdaudio1 packages fix vulnerability 2005-04-21 Mandriva Security Team (security mandriva com) Vulnerability kali's tagboard 2005-04-22 piker piker (piker_666 hotmail com) There are some bugs in the kali's tagboard, you can access to the admin system without password!, you can put iframes, scripts... But the most vulnerabilitie is in the ban ip's, you can put this script: " <? system($cmd) ?> " and execute commands in the server with this url: Example: http://web.c [ more ] [ reply ] MDKSA-2005:073 - Updated cvs packages fix vulnerability 2005-04-21 Mandriva Security Team (security mandriva com) [SECURITY] [DSA 701-2] New samba packages fix correct sporadic crash 2005-04-21 joey infodrom org (Martin Schulze) Re: Postgres: pg_hba.conf, md5, pg_shadow, encrypted passwords 2005-04-21 Josh Berkus (josh agliodbs com) David, Stephen, > I noted that this was a problem back in August, 2002: > > http://archives.postgresql.org/pgsql-admin/2002-08/msg00253.php > > Then, as now, the developers weren't very concerned. Well, from our perspective, a random salt only protects against a very narrow range of attack types [ more ] [ reply ] MDKSA-2005:074 - Updated gnome-vfs2 packages fix vulnerability 2005-04-21 Mandriva Security Team (security mandriva com) MDKSA-2005:076 - Updated xli packages fix multiple vulnerabilities 2005-04-21 Mandriva Security Team (security mandriva com) [SECURITY] [DSA 713-1] New junkbuster packages fix several vulnerabilities 2005-04-21 joey infodrom org (Martin Schulze) [PLSN-0004] - Buffer overflow in PostgreSQL 2005-04-21 Peachtree Linux Security Team (security peachtree burdell org) ------------------------------------------------------------------------ --- Peachtree Linux Security Notice PLSN-0004 April 20, 2005 Buffer overflow in PL/PGSQL parser allowing database users to run arbitrary code as pgsql user CAN-2005-0245, CAN-2005-0247 ------------------------------------------ [ more ] [ reply ] [PLSN-0002] - Multiple vulnerabilities in Gaim 2005-04-21 Peachtree Linux Security Team (security peachtree burdell org) ------------------------------------------------------------------------ --- Peachtree Linux Security Notice PLSN-0002 April 20, 2005 Multiple remote vulnerabilities in Gaim CAN-2005-0965, CAN-2005-0966, CAN-2005-0967, CAN-2005-0208, CAN-2005-0473, CAN-2005-0472 ------------------------------------- [ more ] [ reply ] Linux vsyscalls may be used as attack vectors 2005-04-20 Clad Strife (thadeum gmail com) I send (again !) this e-mail including in attachment an advisory explaining how vsyscalls may be used as powerful attack vectors on Linux 2.6.x kernels. I received many mailer daemon replies for delivery failures in multiple boxes with my last e-mail. I hope this one will be okay. Please, confirm. [ more ] [ reply ] cpio directory traversal vulnerability 2005-04-20 Imran Ghory (imranghory gmail com) ================================ cpio directory traversal vulnerability ================================ Software: cpio Version: cpio 2.6 Software URL: <http://www.gnu.org/software/cpio/> Platform: Unix, Linux. Vulnerability type: Input validation Severity: Medium, local vuln, Can result in privil [ more ] [ reply ] |
|
Privacy Statement |
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Update Advisory
_______________________________________________________________________
Package name: libcdaudio1
Advisory ID
[ more ] [ reply ]