Frugalware Linux - Let's make things Frugal!

Vydania

frugalware-0.8 (Kalgan)
Mar 11, 2008

frugalware-0.7 (Sayshell)
Oct 13, 2007

frugalware-0.6 (Terminus)
Mar 22, 2007

frugalware-0.5 (Siwenna)
Sep 14, 2006

frugalware-0.4 (Wanda)
Mar 30, 2006

frugalware-0.3 (Trantor)
Oct 13, 2005

frugalware-0.2 (Aurora)
Apr 28, 2005

frugalware-0.1 (Genesis)
Nov 02, 2004

RSS

dary

Prispejte na vývoj.

posledné aktualizácie

devel-core/
pacman-tools
1.1.2-2solaria1-x86_64
devel-core/
pacman-tools
1.1.2-2solaria1-i686
base/pacman-g2
3.7.2-2solaria1-x86_64
base/pacman-g2
3.7.2-2solaria1-i686
devel-extra/fwsetup
0.9.5-2solaria1-x86_64
devel-extra/fwsetup
0.9.5-2solaria1-i686
devel-extra/fwsetup
0.9.5-1-x86_64
devel-extra/fwsetup
0.9.5-1-i686
xapps/splashy
0.3.11-4-i686
xapps/splashy
0.3.11-4-i686

RSS

jazyky

informácie

Informácia o serveri

v prevádzke:
0 day(s) 10 h 28 m 16 s

Bezpečnostné oznámenia Frugalware (FSA)

Toto je zoznam oznámení týkajúcich sa bezpečnosti, ktoré boli vydané pre aktuálnu stable verziu Frugalware

FSA525 - pidgin

balík::	pidgin
Dátum:	2008-08-31
zraniteľná verzia::	2.4.3-1kalgan1
odolná verzia::	2.4.3-1kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/3308
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3532
opis:	A security issue has been reported in Pidgin, which can be exploited by malicious people to conduct spoofing attacks. The problem is that the certificate presented by e.g. a Jabber server at the beginning of an SSL session is not verified. This can be exploited to spoof valid servers via a man-in-the-middle attack. Successful exploitation requires that Pidgin is configured to use the NSS plugin.

FSA524 - graphicsmagick

balík::	graphicsmagick
Dátum:	2008-08-31
zraniteľná verzia::	1.1.14-1kalgan1
odolná verzia::	1.2.4-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3204
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3134
opis:	Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) Multiple errors exist in the AVI, AVS, DCM, EPT, FITS, MTV, PALM, RLA, and TGA decoders. These can be exploited to trigger crashes, overly large memory allocations, or the execution of infinite loops. 2) An error within the "GetImageCharacteristics()" function in magick/image.c can be exploited to crash an affected application via specially crafted e.g. PNG, JPEG, BMP, or TIFF files.

FSA523 - poppler

balík::	poppler
Dátum:	2008-08-31
zraniteľná verzia::	0.6.4-1
odolná verzia::	0.6.4-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3311
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2950
opis:	A vulnerability has been reported in Poppler, which potentially can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to the "Page" constructor leaving the "pageWidgets" object uninitialized under specific circumstances. This can be exploited to potentially trigger the "free()" of an arbitrary address when the object is deleted. Successful exploitation may allow execution of arbitrary code via a specially crafted PDF file.

FSA522 - mono

balík::	mono
Dátum:	2008-08-31
zraniteľná verzia::	1.2.6-3
odolná verzia::	1.2.6-4kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3306
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3422
opis:	Dean Brettle has reported some security issues in Mono, which can be exploited by malicious people to conduct cross-site scripting attacks. The security issues are caused due to Mono's ASP.net implementation not properly sanitising certain attributes (e.g. "HtmlSelect.Value", "HtmlSelect.Text", and the "action" attribute of the "form" element). This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

FSA521 - openttd

balík::	openttd
Dátum:	2008-08-31
zraniteľná verzia::	0.5.3-1
odolná verzia::	0.6.2-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3303
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3576 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3577
opis:	A vulnerability has been reported in OpenTTD, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "TruncateString()" function in src/gfx.cpp. This can be exploited to potentially cause a buffer overflow via a specially crafted string. Successful exploitation may allow execution of arbitrary code.

FSA520 - freetype2

balík::	freetype2
Dátum:	2008-08-31
zraniteľná verzia::	2.3.5-2
odolná verzia::	2.3.7-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3178
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1808
opis:	Some vulnerabilities have been reported in FreeType, which potentially can be exploited by malicious people to compromise an application using the library. 1) An integer overflow error exists in the processing of PFB font files. This can be exploited to cause a heap-based buffer overflow via a PFB file containing a specially crafted "Private" dictionary table. 2) An error in the processing of PFB font files can be exploited to trigger the "free()" of memory areas that are not allocated on the heap. 3) An off-by-one error exists in the processing of PFB font files. This can be exploited to cause a one-byte heap-based buffer overflow via a specially crafted PFB file. 4) An off-by-one error exists in the implementation of the "SHC" instruction while processing TTF files. This can be exploited to cause a one-byte heap-based buffer overflow via a specially crafted TTF file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code.

FSA519 - httrack

balík::	httrack
Dátum:	2008-08-31
zraniteľná verzia::	3.42-1
odolná verzia::	3.42_3-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3304
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3429
opis:	A security issue has been reported in HTTrack, which potentially can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to a boundary error when processing command line arguments. This can be exploited to cause a buffer overflow by passing overly long URLs to the application.

FSA518 - python

balík::	python
Dátum:	2008-08-29
zraniteľná verzia::	2.5.2-2kalgan1
odolná verzia::	2.5.2-2kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/3286
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2315 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3142
opis:	Some vulnerabilities have been reported in Python, where some have unknown impact and others can potentially be exploited by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. 1) Various integer overflow errors exist in core modules e.g. stringobject, unicodeobject, bufferobject, longobject, tupleobject, stropmodule, gcmodule, mmapmodule. 2) An integer overflow in the hashlib module can lead to an unreliable cryptographic digest results. 3) Integer overflow errors in the processing of unicode strings can be exploited to cause buffer overflows on 32-bit systems. 4) An integer overflow exists in the PyOS_vsnprintf() function on architectures that do not have a "vsnprintf()" function. 5) An integer underflow error in the PyOS_vsnprintf() function when passing zero-length strings can lead to memory corruption. Successful exploitation of some of these vulnerabilities may allow to crash an application or to execute arbitrary code, but depends on the implementation of an Python application.

FSA517 - apache

balík::	apache
Dátum:	2008-08-29
zraniteľná verzia::	2.2.8-2kalgan1
odolná verzia::	2.2.8-2kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/3307
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2939
opis:	A vulnerability has been reported in Apache, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to mod_proxy_ftp via an URL containing a FTP wildcard character (e.g. "*"), is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

FSA516 - links

balík::	links
Dátum:	2008-08-29
zraniteľná verzia::	2.1pre33-1
odolná verzia::	2.1-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3272
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3329
opis:	Unspecified vulnerability in Links before 2.1, when "only proxies" is enabled, has unknown impact and attack vectors related to providing "URLs to external programs."

FSA515 - ruby

balík::	ruby
Dátum:	2008-08-29
zraniteľná verzia::	1.8.6-4
odolná verzia::	1.8.6-5kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3300
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3655 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3656 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3657 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3443
opis:	Some vulnerabilities have been reported in Ruby, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and conduct spoofing attacks. 1) Multiple errors in the implementation of safe level restrictions can be exploited to call "untrace_var()", perform syslog operations, and modify "$PROGRAM_NAME" at safe level 4, or call insecure methods at safe levels 1 through 3. 2) An error exists in the usage of regular expressions in "WEBrick::HTTPUtils.split_header_value()". This can be exploited to consume large amounts of CPU via a specially crafted HTTP request. 3) An error in "DL" can be exploited to bypass security restrictions and call potentially dangerous functions. 4) The vulnerability is caused due to resolv.rb not sufficiently randomising the DNS query port number, which can be exploited to poison the DNS cache.

FSA514 - libxslt

balík::	libxslt
Dátum:	2008-08-29
zraniteľná verzia::	1.1.22-2kalgan1
odolná verzia::	1.1.22-2kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/3285
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2935
opis:	Chris Evans has reported some vulnerabilities in libxslt, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. The vulnerabilities are caused due to boundary errors within crypto.c when handling the XSLT "crypto:rc4_encrypt" and "crypto:rc4_decrypt" functions. This can be exploited to cause a heap-based buffer overflow via a specially crafted stylesheet.

FSA513 - git

balík::	git
Dátum:	2008-08-26
zraniteľná verzia::	1.5.4.3-1
odolná verzia::	1.5.6.4-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3305
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3546
opis:	Stack-based buffer overflow in the (1) diff_addremove and (2) diff_change functions in GIT before 1.5.6.4 might allow local users to execute arbitrary code via a PATH whose length is larger than the system's PATH_MAX when running GIT utilities such as git-diff or git-grep.

FSA512 - amarok

balík::	amarok
Dátum:	2008-08-26
zraniteľná verzia::	1.4.8-2
odolná verzia::	1.4.10-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3312
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3699
opis:	A security issue has been reported in Amarok, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the "MagnatuneBrowser::listDownloadComplete()" function handling temporary files in an insecure manner. This can be exploited via symlink attacks in combination with a race condition to overwrite arbitrary files with the privileges of the user running the application.

FSA511 - pdns

balík::	pdns
Dátum:	2008-08-26
zraniteľná verzia::	2.9.21-3
odolná verzia::	2.9.21.1-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3309
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3337
opis:	A weakness has been reported in PowerDNS, which can be exploited by malicious people to conduct spoofing attacks. The weakness is caused due to the server dropping DNS queries for invalid DNS records within a valid domain. This can be exploited to facilitate the spoofing of the valid domain on third-party DNS servers.

FSA510 - thunderbird

balík::	thunderbird
Dátum:	2008-08-26
zraniteľná verzia::	2.0.0.14-1kalgan1
odolná verzia::	2.0.0.16-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3206
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811
opis:	Some vulnerabilities have been reported in Mozilla Thunderbird, which potentially can be exploited by malicious people to compromise a user's system. For more information, see FSA509

FSA509 - firefox

balík::	firefox
Dátum:	2008-08-26
zraniteľná verzia::	2.0.0.14-1kalgan1
odolná verzia::	2.0.0.15-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3202
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2798 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2799 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2800 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2803 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2805 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2806 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2807 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2808 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2809 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2810 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2811
opis:	Some vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, disclose sensitive information, or potentially compromise a user's system. 1) Multiple errors in the layout and JavaScript engines can be exploited to corrupt memory. 2) An error in the handling of unprivileged XUL documents can be exploited to load Chrome scripts from a "fastload" file via "script" elements. 3) An error in the "mozIJSSubScriptLoader.LoadScript()" function can be exploited to bypass XPCNativeWrappers and run arbitrary code with Chrome privileges. Successful exploitation requires that an add-on using the affected function is installed. 4) An error in the block reflow process can be exploited to cause a crash or potentially execute arbitrary code. 5) An error in the processing of file URLs contained within local directory listings can potentially be exploited to execute malicious JavaScript content. 6) Multiple errors in the implementation of the JavaScript same origin policy can be exploited to execute arbitrary script code in the context of a different domain. 7) Multiple errors in the verification of signed JAR files can be exploited to execute arbitrary JavaScript code with the privileges of the JAR's signer. 8) An error in the implementation of file upload forms can be exploited to upload arbitrary local files to a remote webserver via specially crafted "DOM Range" and "originalTarget" elements. 9) An error in the Java LiveConnect implementation on Mac OS X can be exploited to establish arbitrary socket connections. 10) An uninitialized memory access in the processing of improperly encoded ".properties" files can potentially be exploited to disclose sensitive memory via an add-on using the malformed file. 11) An error in the processing of "Alt Names" provided by "peer" trusted certificates can be exploited to conduct spoofing attacks. 12) An error in the processing of Windows URL shortcuts can be exploited to run a remote site as a local file.

FSA507 - postfix

balík::	postfix
Dátum:	2008-08-16
zraniteľná verzia::	2.4.6-1
odolná verzia::	2.4.7-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3296
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2936 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2937
opis:	Sebastian Krahmer has reported some security issues in Postfix, which can be exploited by malicious, local users to disclose potentially sensitive information and perform certain actions with escalated privileges. 1) A security issue is caused due to Postfix incorrectly handling symlink files. This can be exploited to e.g. append mail messages to arbitrary files by creating a hardlink to a symlink owned by the root user. Successful exploitation requires write permission to the mail spool directory, that there is no "root" mailbox, and users can create a hardlink to a symlink (e.g. Linux 2.x, Solaris, Irix 6.5). 2) A security issue is caused due to Postfix not correctly checking the ownership of the destination when delivering email. This can be exploited to e.g. disclose emails by creating an insecure mailbox file for other users. Successful exploitation requires permission to create files within the mail spool directory.

FSA506 - drupal

balík::	drupal
Dátum:	2008-08-16
zraniteľná verzia::	5.9-1kalgan1
odolná verzia::	5.10-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3299
CVEs:	There is no CVE for this issue yet, see http://drupal.org/node/295053
opis:	Some vulnerabilities have been reported in Drupal, which can be exploited by malicious users to conduct script insertion attacks and compromise a vulnerable system, and by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) Input passed to an unspecified parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) A vulnerability is caused by the fact that the private filesystem uses the MIME media type it receives from the web browser when handling uploads. This can be exploited for script insertion attacks. Successful exploitation of this vulnerability requires valid user credentials with the right to upload files. 3) A vulnerability is caused due to missing restrictions on what file types that users are allowed to upload in the BlogAPI module. This can be exploited to e.g. execute arbitrary PHP code. Successful exploitation of this vulnerability requires valid user credentials with the "administer content with blog api" permission. 4) A vulnerability is caused due to the application allowing users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to add or delete user access rules, by enticing a logged-in user to visit a malicious web page.

FSA505 - phpmyadmin

balík::	phpmyadmin
Dátum:	2008-08-16
zraniteľná verzia::	2.11.7.1-1kalgan1
odolná verzia::	2.11.8.1-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3271
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3456 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3457
opis:	Aung Khant has reported two vulnerabilities in phpMyAdmin, which can be exploited by malicious local users to conduct cross-site scripting attacks, and by malicious people to conduct spoofing attacks. 1) Many scripts except for index.php do not check if they are linked into another site's frames. This can potentially be used for spoofing and phishing attacks. 2) Input from the config/config.inc.php configuration file to scripts/setup.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

FSA504 - mantis

balík::	mantis
Dátum:	2008-08-15
zraniteľná verzia::	1.1.1-1
odolná verzia::	1.1.2-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3249
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2276 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3331 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3332 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3333
opis:	Some vulnerabilities have been reported in Mantis, which can be exploited by malicious users to compromise a vulnerable system and malicious people to conduct cross-site scripting and request forgery attacks. 1) Input passed to the "filter_target" parameter in return_dynamic_filters.php is not properly sanitised before being returned to a user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) A vulnerability is caused due to the application allowing users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to e.g. add a new user with administrative privileges by enticing a logged-in administrator to visit a malicious site. 3) Input passed to the "value" parameter in adm_config_set.php is not properly sanitised before being used in an "eval()" statement. This can be exploited to e.g. execute arbitrary PHP commands via a specially crafted request. Successful exploitation requires administrator access, but see vulnerability #2. 4) Input passed to the "language" parameter in account_prefs_update.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources.

FSA503 - openldap

balík::	openldap
Dátum:	2008-07-27
zraniteľná verzia::	2.3.41-1
odolná verzia::	2.3.43-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3207
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2952
opis:	A vulnerability has been reported in OpenLDAP, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "ber_get_next()" function in libraries/liblber/io.c. This can be exploited to trigger an "assert()" and terminate the "slapd" process via a specially crafted ASN.1 BER encoded packet.

FSA502 - afuse

balík::	afuse
Dátum:	2008-07-27
zraniteľná verzia::	0.2-1
odolná verzia::	0.2-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3243
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2232
opis:	Anders Kaseorg discovered that afuse, an automounting file system in user-space, did not properly escape meta characters in paths. This allowed a local attacker with read access to the filesystem to execute commands as the owner of the filesystem.

FSA501 - phpbb

balík::	phpbb
Dátum:	2008-07-27
zraniteľná verzia::	2.0.22-1
odolná verzia::	3.0.2-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3244
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3224
opis:	Unspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()."

FSA500 - pidgin

balík::	pidgin
Dátum:	2008-07-27
zraniteľná verzia::	2.3.1-2
odolná verzia::	2.4.3-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3217
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2927
opis:	Some vulnerabilities have been reported in Pidgin, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to integer overflow errors in the "msn_slplink_process_msg" function in libpurple/protocols/msnp9/slplink.c and libpurple/protocols/msn/slplink.c, and can potentially be exploited to execute arbitrary code via a specially crafted SLP message. Successful exploitation requires that the attacker is allowed to send messages to a victim (by default only users in the buddy list).

FSA499 - ffmpeg

balík::	ffmpeg
Dátum:	2008-07-27
zraniteľná verzia::	20070422-3
odolná verzia::	20070422-4kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3252
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3162
opis:	A vulnerability has been reported in FFmpeg, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "str_read_packet()" function in libavformat/psxstr.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted STR file.

FSA498 - checkinstall

balík::	checkinstall
Dátum:	2008-07-27
zraniteľná verzia::	1.6.1-1
odolná verzia::	1.6.1-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3209
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2958
opis:	Two security issues have been reported in CheckInstall, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issues are caused due to the "checkinstall" and "installwatch" scripts creating directories in an insecure manner. This can potentially be exploited via symlink attacks to delete or modify arbitrary files with the privileges of the user running the affected scripts.

FSA497 - byacc

balík::	byacc
Dátum:	2008-07-27
zraniteľná verzia::	1.9-1
odolná verzia::	1.9-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3251
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3196
opis:	Otto Moerbeck has reported the following potential out of bounds of the allocated stack access in the yacc binary: Fix an venerable bug: if we're reducing a rule that has an empty right hand side and the yacc stackpointer is pointing at the very end of the allocated stack, we end up accessing the stack out of bounds by the implicit $$ = $1 action. Detected by my new malloc.

FSA496 - perl

balík::	perl
Dátum:	2008-07-27
zraniteľná verzia::	5.10.0-3
odolná verzia::	5.10.0-4kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3210
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2827
opis:	Description: A vulnerability has been reported in Perl, which can be exploited by malicious, local user to perform actions with escalated privileges. The vulnerability is caused due to the insecure use of chmod on symbolic links and can be exploited to change permissions of arbitrary files to 0777 via symlink attacks.

FSA495 - bind

balík::	bind
Dátum:	2008-07-26
zraniteľná verzia::	9.4.2-2
odolná verzia::	9.4.2-3kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3219
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1447
opis:	A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to poison the DNS cache. The vulnerability is caused due to the DNS servers not sufficiently randomising the DNS query port number, which can be exploited to poison the DNS cache.

FSA494 - wireshark

balík::	wireshark
Dátum:	2008-07-26
zraniteľná verzia::	1.0.1-1kalgan1
odolná verzia::	1.0.2-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3224
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3145
opis:	A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when reassembling packets and can be exploited to cause the application to crash when processing a series of malformed packets that are either captured off the wire or loaded via a capture file.

FSA493 - drupal

balík::	drupal
Dátum:	2008-07-26
zraniteľná verzia::	5.7-1
odolná verzia::	5.9-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3256
CVEs:	There is no CVE for this issue, see http://drupal.org/node/286417
opis:	A vulnerability has been reported in Drupal, which can be exploited by malicious people to conduct session fixation attacks. An error in the handling of certain sessions can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link.

FSA492 - drupal

balík::	drupal
Dátum:	2008-07-26
zraniteľná verzia::	5.7-1
odolná verzia::	5.9-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3222
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3219 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3220 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3221 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3222 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3223
opis:	Some vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct SQL injection and script insertion attacks. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to e.g. delete OpenID identities or translation strings by enticing a logged-in user to visit a malicious site. 2) Certain input passed to numeric fields in the Schema API is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

FSA491 - phpmyadmin

balík::	phpmyadmin
Dátum:	2008-07-26
zraniteľná verzia::	2.11.7-1kalgan1
odolná verzia::	2.11.7.1-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3247
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3197
opis:	Aung Khant has discovered some vulnerabilities in phpMyAdmin, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to create databases and change the connection character set for an authenticated user, who is tricked into visiting a malicious website.

FSA490 - clamav

balík::	clamav
Dátum:	2008-07-26
zraniteľná verzia::	0.93.1-1kalgan1
odolná verzia::	0.93.3-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3250
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2713
opis:	A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error in libclamav/petite.c. This can be exploited to trigger an out-of-bounds read via a specially crafted Petite packed executable.

FSA489 - kernel

balík::	kernel
Dátum:	2008-07-11
zraniteľná verzia::	2.6.24-4kalgan3
odolná verzia::	2.6.24-4kalgan4
hlásená chyba::	http://bugs.frugalware.org/task/3173
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2750
opis:	A vulnerability has been reported in the Linux Kernel, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a boundary error in the "pppol2tp_recvmsg()" function and can potentially be exploited to corrupt kernel memory via a specially crafted PPP over L2TP packet.

FSA488 - wireshark

balík::	wireshark
Dátum:	2008-07-11
zraniteľná verzia::	1.0.0-1kalgan1
odolná verzia::	1.0.1-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3203
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3137 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3138 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3139 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3140 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3141
opis:	Some vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). 1) An error in the GSM SMS dissector can be exploited to crash the application. 2) An error in the PANA and KISMET dissectors can be exploited to trigger an application exit. 3) An use-after-free error in the RTMPT dissector can be exploited to crash the application. 4) An unspecified error in the RMI dissector can be exploited to disclose system memory. 5) An error in the syslog dissector can be exploited to crash the application via an incomplete SS7 MSU syslog encapsulated packet.

FSA487 - phpmyadmin

balík::	phpmyadmin
Dátum:	2008-07-11
zraniteľná verzia::	2.11.5.2-1kalgan1
odolná verzia::	2.11.7-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3205
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2960
opis:	Some vulnerabilities have been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via unspecified parameters to files in /libraries is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that "register_globals" is enabled and support for ".htaccess" files is disabled.

FSA486 - opera

balík::	opera
Dátum:	2008-07-11
zraniteľná verzia::	9.27-1kalgan1
odolná verzia::	9.50-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3176
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2714 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2715 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2716
opis:	Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to disclose potentially sensitive information or to conduct spoofing attacks. 1) An error in the handling of certain characters in a page address can be exploited to e.g. make a site's address look like another site's address. 2) An error in the checking of the source of images when used by HTML CANVAS elements can be exploited to retrieve the image data. 3) Pages in frames are able to change the location of pages in other frames on the parent page.

FSA485 - courier-authlib

balík::	courier-authlib
Dátum:	2008-07-02
zraniteľná verzia::	0.60.2-1
odolná verzia::	0.60.6-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3180
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2667
opis:	A vulnerability has been reported in the Courier Authentication Library, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via e.g. the username to the library is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and e.g. potentially bypass authentication. Successful exploitation requires that a MySQL database is used for authentication and that a Non-Latin character set is selected.

FSA484 - xorg-server

balík::	xorg-server
Dátum:	2008-07-02
zraniteľná verzia::	1.4.0.90-5
odolná verzia::	1.4.0.90-6kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/3175
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1379 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2360 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2361 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2362
opis:	Some vulnerabilities have been reported in X.org X11, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information, or to gain escalated privileges. 1) An integer overflow error when calculating the size of the glyph exists in the "AllocateGlyph()" function within the Render extension. This can be exploited to cause a heap-based buffer overflow via a specially crafted request. 2) An integer overflow error when calculating the size of the glyph in the "ProcRenderCreateCursor()" function within the Render extension can be exploited to crash the X server via a specially crafted request. 3) An integer overflow error exists in the Render extension when parsing client requests for the "SProcRenderCreateLinearGradient", "SProcRenderCreateRadialGradient", or "SProcRenderCreateConicalGradient" functions and can be exploited to corrupt heap memory. 4) Multiple input validation errors in the "SProcSecurityGenerateAuthorization()", "SProcRecordCreateContext()", and "SProcRecordRegisterClients()" functions within the Record and Security extensions can be exploited to corrupt heap memory via specially crafted requests. Successful exploitation of vulnerabilities #1, #3, and #4 may allow execution of arbitrary code with privileges of the X server (typically root). 5) An integer overflow error when processing parameters to the "ShmPutImage()" request can be exploited to disclose arbitrary memory of the X server process.

FSA483 - apache

balík::	apache
Dátum:	2008-07-02
zraniteľná verzia::	2.2.8-1
odolná verzia::	2.2.8-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3177
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2364
opis:	A vulnerability has been reported in the Apache mod_proxy module, which potentially can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "ap_proxy_http_process_response()" function when forwarding interim responses. This can be exploited to consume large amounts of memory by tricking mod_proxy into sending an overly large number of interim responses to the client.

FSA482 - net-snmp

balík::	net-snmp
Dátum:	2008-06-26
zraniteľná verzia::	5.4.1-4kalgan1
odolná verzia::	5.4.1-4kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/3142
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0960
opis:	A vulnerability has been reported in Net-SNMP, which can be exploited by malicious people to spoof authenticated SNMPv3 packets. The vulnerability is caused due to an error within the verification of the HMAC digest. This can be exploited to increase the chance of successfully spoofing a packet to 1 in 256 by sending a specially crafted SNMPv3 packet with an incomplete 1 byte HMAC digest. Successful exploitation requires a valid username.

FSA481 - horde-webmail

balík::	horde-webmail
Dátum:	2008-06-26
zraniteľná verzia::	1.1-1kalgan1
odolná verzia::	1.1.1-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3167
CVEs:	There is no CVE for this issue, see http://lists.horde.org/archives/announce/2008/000420.html.
opis:	Some vulnerabilities have been reported in various Horde products, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed to item names is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. Successful exploitation requires valid user credentials. 2) Input passed to contact views is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is viewed. Successful exploitation requires valid user credentials. 3) Input passed to unspecified input is not properly sanitised before being returned to the user in the add event screen. This can be exploited to execute arbitrary HTML and script code in a user's browser session in contact of an affected site.

FSA480 - exiv2

balík::	exiv2
Dátum:	2008-06-26
zraniteľná verzia::	0.16-1
odolná verzia::	0.16-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3135
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2696
opis:	A vulnerability has been reported in Exiv2, which potentially can be exploited by malicious people to crash an application using the library. The vulnerability is caused due to a floating point exception within the pretty printing functionality when processing certain Nicon camera lens information. This can be exploited to crash an application linked against the Exiv2 library when a image containing specially-crafted metadata is processed.

FSA479 - kernel

balík::	kernel
Dátum:	2008-06-24
zraniteľná verzia::	2.6.24-4kalgan2
odolná verzia::	2.6.24-4kalgan3
hlásená chyba::	http://bugs.frugalware.org/task/3140
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1673
opis:	A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an error within the ASN.1 BER decoder of the cifs and ip_nat_snmp_basic modules when calculating the buffer size. This can be exploited to cause a crash or potentially execute arbitrary code by sending specially crafted BER encoded data to a vulnerable system.

FSA478 - xdvik

balík::	xdvik
Dátum:	2008-06-13
zraniteľná verzia::	22.84.12-1
odolná verzia::	22.84.14-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3127
CVEs:	There is no CVE for this issue, see http://xdvi.sourceforge.net/releases.html#22.84.14
opis:	A security issue has been reported in xdvik, which can be exploited by malicious, local users. The vulnerability is caused by creating predictably named temporary files by using mktemp.

FSA477 - graphicsmagick

balík::	graphicsmagick
Dátum:	2008-06-13
zraniteľná verzia::	1.1.12-1kalgan1
odolná verzia::	1.1.14-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3137
CVEs:	There is no CVE for this issue, see: http://sourceforge.net/project/shownotes.php?release_id=604785 http://sourceforge.net/project/shownotes.php?release_id=604837
opis:	Some vulnerabilities have been reported in GraphicsMagick, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. 1) Two boundary errors exist within the "ReadPALMImage()" function in coders/palm.c. These can be exploited to cause a heap-based buffer underflow via a specially crafted PALM image. 2) A boundary error exists within the "DecodeImage()" function in coders/pict.c. This can be exploited to cause a heap-based buffer overflow via a specially crafted PICT image. 3) Multiple unspecified errors within the processing of XCF, DPX, and CINEON images can be exploited to crash the application. Successful exploitation may allow execution of arbitrary code.

FSA476 - asterisk-addons

balík::	asterisk-addons
Dátum:	2008-06-13
zraniteľná verzia::	1.4.4-1
odolná verzia::	1.4.7-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3136
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2543
opis:	A vulnerability has been reported in Asterisk Addons, which can be exploited by malicious people to cause a DoS (Denial of Service). The problem is that the "ooh323" channel driver extracts memory addresses from incoming TCP packets and uses them in memory operations. This can be exploited to crash an affected application by sending a TCP packet containing invalid memory references.

FSA475 - samba

balík::	samba
Dátum:	2008-06-13
zraniteľná verzia::	3.0.28-1
odolná verzia::	3.0.30-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3115
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1105
opis:	Secunia Research has discovered a vulnerability in Samba, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "receive_smb_raw()" function in lib/util_sock.c when parsing SMB packets. This can be exploited to cause a heap-based buffer overflow via an overly large SMB packet received in a client context. Successful exploitation allows execution of arbitrary code by tricking a user into connecting to a malicious server (e.g. by clicking an "smb://" link) or by sending specially crafted packets to an "nmbd" server configured as a local or domain master browser.

FSA474 - blender

balík::	blender
Dátum:	2008-06-13
zraniteľná verzia::	2.45-1
odolná verzia::	2.45-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3039
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1102
opis:	Secunia Research has discovered a vulnerability in Blender, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "imb_loadhdr()" function in source/blender/imbuf/intern/radiance_hdr.c, which can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted Blender (*.blend) file containing a malicious Radiance RGBE image. Successful exploitation allows execution of arbitrary code.

FSA473 - libvorbis

balík::	libvorbis
Dátum:	2008-06-13
zraniteľná verzia::	1.2.0-1
odolná verzia::	1.2.0-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3093
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1419 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1420 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1423
opis:	Some vulnerabilities have been reported in libvorbis, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise an application using the library. 1) An input validation error can be exploited to crash an application, cause an infinite loop, or to cause a heap overflow via a specially crafted OGG file containing a codebook dimension of "0". 2) An integer overflow error in the processing of residue partition values can be exploited to cause a heap-based buffer overflow via a specially crafted OGG file. 3) An integer overflow error exists in the computation of "quantvals" and of required space for "quantlist". This can be exploited to cause a heap-based buffer overflow via a specially crafted OGG file. Successful exploitation may allow execution of arbitrary code.

FSA472 - emacs

balík::	emacs
Dátum:	2008-06-13
zraniteľná verzia::	22.1-3kalgan1
odolná verzia::	22.1-3kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/3086
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142
opis:	Morten Welinder has reported a vulnerability in GNU Emacs, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the processing of fast-lock files (.flc) for corresponding source files. This can be exploited to execute arbitrary Emacs Lisp code when e.g. a source file is opened and a specially crafted fast-lock file exists in the same directory. Successful exploitation requires that "font-lock-support-mode" is set to "fast-lock-mode".

FSA471 - stunnel

balík::	stunnel
Dátum:	2008-06-13
zraniteľná verzia::	4.21-1
odolná verzia::	4.24-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3122
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2420
opis:	A security issue has been reported in Stunnel, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an unspecified error in the OCSP functionality and can lead to a revoked certificate being successfully authenticated.

FSA470 - imlib2

balík::	imlib2
Dátum:	2008-06-13
zraniteľná verzia::	1.4.0-1
odolná verzia::	1.4.0-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3124
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2426
opis:	Secunia Research has discovered two vulnerabilities in imlib2, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. 1) A boundary error exists within the "load()" function in src/modules/loaders/loader_pnm.c when processing the header of a PNM image file. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted PNM image in an application using the imlib2 library. Successful exploitation allows execution of arbitrary code. 2) A boundary error exists within the "load()" function in src/modules/loader_xpm.c when processing an XPM image file. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted XPM image in an application using the imlib2 library. Successful exploitation may allow execution of arbitrary code.

FSA469 - mrxvt

balík::	mrxvt
Dátum:	2008-06-13
zraniteľná verzia::	0.5.3-1
odolná verzia::	0.5.3-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3090
CVEs:	There is no CVE for this issue.
opis:	A security issue has been reported in mrxvt, which can be exploited by malicious, local users to gain escalated privileges. For more information, see FSA466.

FSA468 - rxvt-unicode

balík::	rxvt-unicode
Dátum:	2008-06-13
zraniteľná verzia::	9.02-1
odolná verzia::	9.02-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3089
CVEs:	There is no CVE for this issue.
opis:	A security issue has been reported in rxvt-unicode, which can be exploited by malicious, local users to gain escalated privileges. For more information, see FSA466.

FSA467 - aterm

balík::	aterm
Dátum:	2008-06-13
zraniteľná verzia::	1.0.1-1
odolná verzia::	1.0.1-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3088
CVEs:	There is no CVE for this issue.
opis:	A security issue has been reported in aterm, which can be exploited by malicious, local users to gain escalated privileges. For more information, see FSA466.

FSA466 - rxvt

balík::	rxvt
Dátum:	2008-06-13
zraniteľná verzia::	2.6.4-2
odolná verzia::	2.7.10-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/2925
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1142
opis:	Bernhard R. Link has reported a security issue in rxvt, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the program using ":0" as it's X11 display if the DISPLAY environment variable is missing. This can be exploited to execute arbitrary commands with the privileges of the user running rxvt via a malicious X server.

FSA465 - net-snmp

balík::	net-snmp
Dátum:	2008-06-10
zraniteľná verzia::	5.4.1-3
odolná verzia::	5.4.1-4kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3092
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2292
opis:	A vulnerability has been reported in Net-snmp, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "__snprint_value()" function in perl/SNMP/SNMP.xs. This can be exploited to cause a buffer overflow in an application using the Net-snmp Perl module by tricking the user into connecting to a malicious SNMP agent.

FSA464 - horde-webmail

balík::	horde-webmail
Dátum:	2008-06-06
zraniteľná verzia::	1.0.6-1kalgan1
odolná verzia::	1.1-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3120
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6018
opis:	Secunia Research has discovered a vulnerability in IMP Webmail Client and Horde Groupware Webmail Edition, which can be exploited by malicious people to bypass certain security restrictions and manipulate data. The HTML filter does not filter out frame and frameset HTML elements. Additionally, the application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the request. This can be exploited to (a) delete an arbitrary number of e-mail messages by referencing their numeric IDs and (b) purge deleted mails, when the victim opens a malicious HTML mail. Successful exploitation requires that the victim opens the HTML part of a malicious message.

FSA463 - openssl

balík::	openssl
Dátum:	2008-06-06
zraniteľná verzia::	0.9.8-11
odolná verzia::	0.9.8-12kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3114
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0891 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1672
opis:	Two vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) A double-free error in the handling of server name extension data if "server_name" set to 0x00 can be exploited to crash a server application using OpenSSL by sending a specially crafted TLS 1.0 Client Hello packet. Successful exploitation requires that OpenSSL is compiled using the TLS server name extensions. 2) A NULL pointer dereference error can be exploited by a malicious server to crash a client application when the "Server Key exchange message" is omitted from a TLS handshake and anonymous Diffie-Hellman key exchange is used.

FSA462 - libxslt

balík::	libxslt
Dátum:	2008-05-26
zraniteľná verzia::	1.1.22-2kalgan1
odolná verzia::	1.1.22-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3104
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1767
opis:	A vulnerability has been reported in libxslt, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a vulnerable system. The vulnerability is caused due to an error in the handling of XSL style-sheet files. This can potentially be exploited to trigger the use of uninitialized memory in e.g. a call to "free()" when a specially crafted XSL file is being processed by an application using the library. Successful exploitation may allow execution of arbitrary code.

FSA461 - mysql

balík::	mysql
Dátum:	2008-05-26
zraniteľná verzia::	5.0.51-2
odolná verzia::	5.0.51-3kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3075
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2079
opis:	A security issue has been reported in MySQL, which can be exploited by malicious, local users to bypass certain security restrictions. The problem is that it is possible to bypass certain privilege checks by creating a MyISAM table with certain DATA DIRECTORY and INDEX DIRECTORY options to overwrite existing table files in the MySQL data directory.

FSA460 - seamonkey

balík::	seamonkey
Dátum:	2008-05-26
zraniteľná verzia::	1.1.9-1kalgan1
odolná verzia::	1.1.9-1kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/3021
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1380
opis:	A vulnerability has been reported in Mozilla SeaMonkey, which can potentially be exploited by malicious people to compromise a user's system. For more information, see FSA431.

FSA459 - django

balík::	django
Dátum:	2008-05-26
zraniteľná verzia::	0.96.1-1
odolná verzia::	0.96.2-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3084
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2302
opis:	A vulnerability has been reported in Django, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL is not properly sanitised before being returned to the user through the login form. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

FSA458 - asterisk

balík::	asterisk
Dátum:	2008-05-26
zraniteľná verzia::	1.4.17-1
odolná verzia::	1.4.19.2-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3077
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1897 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1923
opis:	A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to improper verification of ACK responses during IAX2 handshakes, which can be exploited to spoof an IAX2 handshake and cause a DoS via high bandwidth usage.

FSA457 - kvm

balík::	kvm
Dátum:	2008-05-25
zraniteľná verzia::	61-2
odolná verzia::	61-3kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3044
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004
opis:	A vulnerability has been reported in KVM, which can be exploited by malicious, local users to bypass certain security restrictions or cause a DoS (Denial of Service). The error can be exploited by a guest to read arbitrary files on the host via a specially crafted disk header. For more information, see FSA455.

FSA456 - xemacs

balík::	xemacs
Dátum:	2008-05-25
zraniteľná verzia::	21.4.21-1
odolná verzia::	21.4.21-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3041
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1694
opis:	Some security issues have been reported in XEmacs, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issues are caused due to the use of vulnerable GNU Emacs code. For more information, see FSA423.

FSA455 - qemu

balík::	qemu
Dátum:	2008-05-25
zraniteľná verzia::	0.9.1-2
odolná verzia::	0.9.1-3kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3043
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2004
opis:	A vulnerability has been reported in QEMU, which can be exploited by malicious, local users to bypass certain security restrictions. The vulnerability is caused due to the "drive_init()" function in vl.c determining the format of a disk from data contained in the disk's header. This can be exploited by a malicious user in a guest system to e.g. read arbitrary files on the host by writing a fake header to a raw formatted disk image.

FSA454 - chicken

balík::	chicken
Dátum:	2008-05-25
zraniteľná verzia::	2.732-1
odolná verzia::	3.1.10-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3091
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0674
opis:	A vulnerability been reported in Chicken, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerabilities are caused due to the use of a vulnerable version of the PCRE library.

FSA453 - gnutls

balík::	gnutls
Dátum:	2008-05-25
zraniteľná verzia::	2.2.0-1
odolná verzia::	2.2.5-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3100
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1948 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1949 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1950
opis:	Some vulnerabilities have been reported in GnuTLS, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise an application using the library. 1) A boundary error exists in the processing "Client Hello" messages containing a "Server Name" extension. This can be exploited to cause a heap-based buffer overflow via a specially crafted TLS packet. Successful exploitation may allow execution of arbitrary code. 2) A NULL-pointer dereference error in the processing of TLS packets containing multiple "Client Hello" messages can be exploited to crash an affected application. 3) A signedness error exists within the "_gnutls_ciphertext2compressed()" function in lib/gnutls_cipher.c. This can be exploited to cause an out of bounds read and crash an affected application via specially crafted, encrypted TLS data.

FSA452 - graphicsmagick

balík::	graphicsmagick
Dátum:	2008-05-20
zraniteľná verzia::	1.1.11-1
odolná verzia::	1.1.12-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3076
CVEs:	There is no CVE for this issue, see http://sourceforge.net/project/shownotes.php?release_id=595544
opis:	A security issue has been reported in GraphicsMagick, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the improper processing of file extensions and can be exploited to e.g. access X11 or to invoke certain delegate programs. Successful exploitation requires that a user is tricked into processing a malicious file with a specific file extension.

FSA451 - audacity

balík::	audacity
Dátum:	2008-05-20
zraniteľná verzia::	1.3.3-2
odolná verzia::	1.3.5-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3080
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6061
opis:	Viktor Griph has reported a security issue in Audacity, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to delete arbitrary files and directories. The security issue is caused due to the "AudacityApp::OnInit()" method in src/AudacityApp.cpp handling temporary files in an insecure manner. This can be exploited to delete arbitrary files and directories via symlink attacks, or to cause a deadlock.

FSA450 - pngcrush

balík::	pngcrush
Dátum:	2008-05-20
zraniteľná verzia::	1.6.4-1
odolná verzia::	1.6.5-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3079
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
opis:	A vulnerability has been reported in Pngcrush, which can be exploited by malicious people to disclose potentially sensitive information or potentially compromise a user's system. The vulnerability is caused due to the use of vulnerable libpng code. For more information, see FSA434.

FSA449 - rdesktop

balík::	rdesktop
Dátum:	2008-05-20
zraniteľná verzia::	1.5.0-2
odolná verzia::	1.6.0-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3078
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1801 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1802 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1803
opis:	Some vulnerabilities have been reported in rdesktop, which can be exploited by malicious people to compromise a user's system. 1) An integer underflow error in iso.c when processing RDP requests can be exploited to cause a heap-based buffer overflow. 2) An input validation error in rdp.c when processing RDP redirect requests can be exploited to cause a BSS-based buffer overflow. 3) A signedness error within "xrealloc()" in rdesktop.c can be exploited to cause a heap-based buffer overflow. Successful exploitation allows execution of arbitrary code but requires that a user is tricked into connecting to a malicious RDP server.

FSA448 - php

balík::	php
Dátum:	2008-05-20
zraniteľná verzia::	5.2.5-2
odolná verzia::	5.2.6-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3074
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2050 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108
opis:	Some vulnerabilities have been reported in PHP, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions, and potentially by malicious people to cause a DoS (Denial of Service) or to compromise a vulnerable system. 1) An unspecified error in the FastCGI SAPI can be exploited to cause a stack-based buffer overflow. 2) An error in the processing of multibyte characters within the "escapeshellcmd()" and "escapeshellarg()" functions can be exploited to escape the inserted backslash or quote characters via certain multibyte characters. Successful exploitation allows to bypass the "safe_mode_exec_dir" and "disable_functions" directives, and potentially to inject arbitrary shell commands via user controlled input, but requires that the shell uses a locale with a variable width character (e.g. GBK, EUC-KR, SJIS). 3) A vulnerability is caused due to an error during path translation in cgi_main.c. This can potentially be exploited to execute arbitrary code, but depends on how a targeted application is using PHP. 4) An error in cURL can be exploited to bypass the "safe_mode" directive. 5) A boundary error in PCRE can potentially be exploited by malicious people to cause a DoS or compromise a vulnerable system.

FSA447 - eterm

balík::	eterm
Dátum:	2008-05-15
zraniteľná verzia::	0.9.4-2
odolná verzia::	0.9.4-3kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/2918
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1692
opis:	A security issue has been reported in Eterm, which can be exploited by malicious, local users to gain escalated privileges. Eterm 0.9.4 opens a terminal window on :0 if -display is not specified and the DISPLAY environment variable is not set, which might allow local users to hijack X11 connections. NOTE: realistic attack scenarios require that the victim enters a command on the wrong machine.

FSA446 - kdelibs

balík::	kdelibs
Dátum:	2008-05-15
zraniteľná verzia::	3.5.9-1
odolná verzia::	3.5.9-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3047
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1671
opis:	A vulnerability has been reported in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges. The vulnerability is caused due to an error in the start_kdeinit script (installed setuid root by default). This can be exploited to send signals to privileged processes, cause a DoS, or potentially execute arbitrary code in the context of the target process.

FSA445 - kernel

balík::	kernel
Dátum:	2008-05-15
zraniteľná verzia::	2.6.24-4kalgan1
odolná verzia::	2.6.24-4kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/3060
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1669
opis:	A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error when preventing race conditions between "fcntl_setlk()" and "close()" calls on SMP systems. This can be exploited to trigger the improper, reordered access to the file descriptor table and the "file_lock" structure of an inode, between threads running on different CPUs.

FSA444 - thunderbird

balík::	thunderbird
Dátum:	2008-05-15
zraniteľná verzia::	2.0.0.12-1
odolná verzia::	2.0.0.14-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/2906
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1233 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1234 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1235 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1236 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1237
opis:	Some vulnerabilities have been reported in Mozilla Thunderbird, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, or potentially compromise a user's system. For more information, see FSA407.

FSA443 - util-linux-ng

balík::	util-linux-ng
Dátum:	2008-05-15
zraniteľná verzia::	2.13.1-1
odolná verzia::	2.13.1-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3046
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1926
opis:	A weakness has been reported in util-linux-ng, which can be exploited by malicious people to manipulate certain data. The security issue is caused due to an error in login.c while logging login attempts. This can be exploited to inject e.g. an arbitrary address in the audit logs via a specially crafted username.

FSA442 - wordpress

balík::	wordpress
Dátum:	2008-05-15
zraniteľná verzia::	2.3.3-2kalgan1
odolná verzia::	2.5.1-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3048
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1930 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2068
opis:	Two vulnerabilities have been reported in WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and to compromise a vulnerable system. 1) A vulnerability is caused due to improper access restriction of the administration section. This can be exploited to bypass the authentication mechanism and gain administrative access by setting a specially crafted cookie. This can further be exploited to execute arbitrary PHP code. Successful exploitation of this vulnerability requires that registering new accounts is enabled. The vulnerability is reported in version 2.5. 2) Input passed to an unspecified parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

FSA441 - kernel

balík::	kernel
Dátum:	2008-05-05
zraniteľná verzia::	2.6.24-3
odolná verzia::	2.6.24-4kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3050
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1375
opis:	A vulnerability has been reported in the Linux kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) or to potentially gain escalated privileges. A race condition error exists in the dnotify subsystem between calls to "fcntl()" and "close()". This can be exploited to cause a system crash or potentially gain root privileges.

FSA440 - frugalwareutils

balík::	frugalwareutils
Dátum:	2008-05-05
zraniteľná verzia::	0.7.9-1
odolná verzia::	0.7.9-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3052
CVEs:	There is no CVE for this issue.
opis:	A vulnerability has been reported in frugalwareutils, which can potentially be exploited by malicious people to cause a DoS on a vulnerable system. The vulnerability is caused due to creating new files as root without checking the current value of umask. Successful exploitation may allow execution of arbitrary code.

FSA439 - vorbis-tools

balík::	vorbis-tools
Dátum:	2008-05-05
zraniteľná verzia::	1.1.1-3
odolná verzia::	1.1.1-4kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3032
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
opis:	A vulnerability has been reported in vorbis-tools, which can potentially be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the use of vulnerable libfishsound; an input validation error when processing Speex headers, which can be exploited via a specially crafted Speex stream containing a negative "modeID" field in the header. Successful exploitation may allow execution of arbitrary code.

FSA438 - xine-lib

balík::	xine-lib
Dátum:	2008-05-05
zraniteľná verzia::	1.1.11-1kalgan2
odolná verzia::	1.1.11-1kalgan3
hlásená chyba::	http://bugs.frugalware.org/task/3027
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1878
opis:	Guido Landi has discovered a vulnerability in xine-lib, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "demux_nsf_send_chunk()" function in src/demuxers/demux_nsf.c. This can be exploited to cause a stack-based buffer overflow via an overly long NSF title.

FSA437 - xine-lib

balík::	xine-lib
Dátum:	2008-05-05
zraniteľná verzia::	1.1.11-1kalgan2
odolná verzia::	1.1.11-1kalgan3
hlásená chyba::	http://bugs.frugalware.org/task/3010
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1686
opis:	A vulnerability has been reported in xine-lib, which can potentially be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the use of vulnerable libfishsound; an input validation error when processing Speex headers, which can be exploited via a specially crafted Speex stream containing a negative "modeID" field in the header. Successful exploitation may allow execution of arbitrary code.

FSA436 - phpmyadmin

balík::	phpmyadmin
Dátum:	2008-04-25
zraniteľná verzia::	2.11.5.1-1kalgan1
odolná verzia::	2.11.5.2-1kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3035
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1924
opis:	A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious users to disclose sensitive information. The vulnerability is caused due to an unspecified error and can be exploited to disclose arbitrary files via a specially crafted HTTP POST request. Successful exploitation requires a certain level of access e.g. on a shared host.

FSA435 - openssh

balík::	openssh
Dátum:	2008-04-25
zraniteľná verzia::	4.7p1-4kalgan1
odolná verzia::	4.7p1-4kalgan2
hlásená chyba::	http://bugs.frugalware.org/task/2961
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1657
opis:	A weakness has been reported in OpenSSH, which can be exploited by malicious, local users to bypass certain security restrictions. The weakness is caused due to the improper implementation of the "ForceCommand" directive. This can be exploited to execute arbitrary commands via the ~/.ssh/rc file even if a "ForceCommand" directive is in effect.

FSA434 - libpng

balík::	libpng
Dátum:	2008-04-25
zraniteľná verzia::	1.2.24-1
odolná verzia::	1.2.24-2kalgan1
hlásená chyba::	http://bugs.frugalware.org/task/3013
CVEs:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1382
opis:	Tavis Ormandy has reported a vulnerability in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service), disclose potentially sensitive information, or potentially compromise an application using the library. The vulnerability is caused due to the improper handling of PNG chunks un