Linux Vulnerabilities: October
eddie5659
Moderator & Malware Removal Specialist with 25,165 posts.
 
Join Date: Mar 2001
Location: Bradford, England
12-Oct-2002, 10:25 AM #1
Linux Vulnerabilities: October
Hiya

Both gv and ggv are applications which use the Ghostscript PostScript
interpreter to display PostScript and PDF documents under the X Window
System.

Zen Parse found a local buffer overflow in gv version 3.5.8 and earlier.

Under this vulnerability, an attacker can create a carefully crafted,
malformed PDF or PostScript file that, when viewed using gv, executes
arbitrary commands on the system.

Because ggv contains code derived from gv, it has the same vulnerability.
All users of gv and ggv are advised to upgrade to these errata packages to
correct this vulnerability.

http://www.linuxsecurity.com/advisor...sory-2432.html

There is a vulnerability in ypxfrd that allows a local user
(possibly remote) to read any file on a system running the
daemon.


http://www.linuxsecurity.com/advisor...sory-2434.html

A directory traversal vulnerability was discovered in unzip version
5.42 and earlier that allows attackers to overwrite arbitrary files
during extraction of the archive by using a ".." (dot dot) in an
extracted filename, as well as prefixing filenames in the archive with
"/" (slash).

http://www.linuxsecurity.com/advisor...sory-2436.html

A directory traversal vulnerability was discovered in GNU tar version
1.13.25 and earlier that allows attackers to overwrite arbitrary files
during extraction of the archive by using a ".." (dot dot) in an
extracted filename.

http://www.linuxsecurity.com/advisor...sory-2437.html

Updated squirrelmail packages are now available for Red Hat Linux.

http://www.linuxsecurity.com/advisor...sory-2438.html

KGhostview includes a DSC 3.0 parser from GSview, which is vulnerable
to a buffer overflow while parsing a specially crafted .ps input
file. It also contains code from gv 3.5.x which is vulnerable to another
buffer overflow triggered by malformed postscript or Adobe pdf files.

http://www.linuxsecurity.com/advisor...sory-2439.html

kpf is a file sharing utility that can be docked into the
KDE kicker bar. It uses a subset of the HTTP protocol internally
and acts much like a webserver.

A feature added in KDE 3.0.1 accidentally allowed retrieving any
file, not limited to the configured shared directory, if it is
readable by the user kpf runs under.


http://www.linuxsecurity.com/advisor...sory-2440.html

Regards

eddie
__________________
Just go with the flow, like a twig on the shoulders of a mighty stream

Proud Member of ASAP, Alliance of Security Analysis Professionals
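The unzip and GNU tar advisories above describe the same pattern: an archive entry whose name starts with "/" or contains a ".." component is written outside the directory the user is extracting into. The following is an added example of the check an extractor (or an admin script screening archives before they reach a vulnerable unzip or tar) can apply; it is not code from unzip, tar or this thread. The function names are invented here, and the sample archive is constructed in memory with Python's tarfile module.

```python
"""Pre-extraction check for the directory-traversal pattern described in the
unzip and GNU tar advisories: entry names that start with "/" or contain a
".." path component. Added illustration, not code from unzip, tar or this
thread; the function names are invented here and the archive is constructed
in memory."""
import io
import posixpath
import tarfile


def is_unsafe_entry(name: str) -> bool:
    """True if this archive entry name could escape the extraction directory."""
    if name.startswith("/"):
        return True
    # Split on "/" so "docs/../../etc/x" and a bare ".." are both caught,
    # while a file legitimately called "..notes" is not.
    return any(part == ".." for part in name.split("/"))


def extract_target_is_contained(dest: str, name: str) -> bool:
    """Resolve where dest/name would land and confirm it stays under dest.
    This catches the same cases as is_unsafe_entry by path arithmetic rather
    than by pattern, which is the check an extractor should make last."""
    dest = posixpath.normpath(dest)
    target = posixpath.normpath(posixpath.join(dest, name))
    return target == dest or target.startswith(dest + "/")


def unsafe_members(archive: tarfile.TarFile) -> list:
    """Names of all members an extractor should refuse."""
    return [m.name for m in archive.getmembers() if is_unsafe_entry(m.name)]


def build_sample_archive() -> bytes:
    """Constructed tar with one benign and two traversal-style entry names.
    addfile() stores names verbatim, unlike add(), which strips a leading "/"."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name in ("docs/readme.txt", "../../etc/crontab.txt", "/tmp/owned.txt"):
            data = b"sample\n"
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()


def audit_sample() -> list:
    """Open the constructed archive read-only and list the entries to refuse."""
    with tarfile.open(fileobj=io.BytesIO(build_sample_archive()), mode="r") as tar:
        return unsafe_members(tar)


if __name__ == "__main__":
    for name in audit_sample():
        print("refuse:", name)
```

The same name test applies to zip entries; for tar, Python 3.12 and later can enforce it for you by calling `extractall(..., filter="data")`, which rejects absolute paths and any member that would land outside the destination.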
eddie5659
19-Oct-2002, 05:54 PM #2
The glibc package contains standard libraries which are used by
multiple programs on the system. In order to save disk space and
memory, as well as to make upgrading easier, common system code is
kept in one place and shared between programs. This particular package
contains the most important sets of shared libraries: the standard C
library and the standard math library. Without these two libraries, a
Linux system will not function. The glibc package also contains
national language (locale) support and timezone databases.

http://www.linuxsecurity.com/advisor...sory-2465.html

PostgreSQL is an advanced Object-Relational database management system
(DBMS) that supports almost all SQL constructs (including
transactions, subselects and user-defined types and functions). The
postgresql package includes the client programs and libraries that
you'll need to access a PostgreSQL DBMS server. These PostgreSQL
client programs are programs that directly manipulate the internal
structure of PostgreSQL databases on a PostgreSQL server. These client
programs can be located on the same machine with the PostgreSQL
server, or may be on a remote machine which accesses a PostgreSQL
server over a network connection. This package contains the docs
in HTML for the whole package, as well as command-line utilities for
managing PostgreSQL databases on a PostgreSQL server.

If you want to manipulate a PostgreSQL database on a remote PostgreSQL
server, you need this package. You also need to install this package
if you're installing the postgresql-server package.

http://www.linuxsecurity.com/advisor...sory-2466.html

Python is an interpreted, interactive, object-oriented programming
language often compared to Tcl, Perl, Scheme or Java. Python includes
modules, classes, exceptions, very high level dynamic data types and
dynamic typing. Python supports interfaces to many system calls and
libraries.

Programmers can write new built-in modules for Python in C or C++.
Python can be used as an extension language for applications that
need a programmable interface. This package contains most of the
standard Python modules, as well as modules for interfacing to RPM.

http://www.linuxsecurity.com/advisor...sory-2468.html

The ppp package contains the PPP (Point-to-Point Protocol) daemon
and documentation for PPP support. The PPP protocol provides a
method for transmitting datagrams over serial point-to-point links.

The ppp package should be installed if your machine needs to support
the PPP protocol.

http://www.linuxsecurity.com/advisor...sory-2469.html

It is recommended that all Gentoo Linux users who are running
app-text/ggv-1.99.90 and earlier update their systems
as follows:

emerge rsync
emerge ggv
emerge clean

http://www.linuxsecurity.com/advisor...sory-2470.html

Zen-parse discovered a buffer overflow in gv, a PostScript and PDF
viewer for X11. The same code is present in gnome-gv. This problem
is triggered by scanning the PostScript file and can be exploited by
an attacker sending a malformed PostScript or PDF file. The attacker
is able to cause arbitrary code to be run with the privileges of the
victim.

This problem has been fixed in version 1.1.96-3.1 for the current
stable distribution (woody), in version 0.82-2.1 for the old stable
distribution (potato) and version 1.99.7-9 for the unstable
distribution (sid).

http://www.linuxsecurity.com/advisor...sory-2472.html

Olaf Kirch of SuSE has discovered a vulnerability in dvips that
allowed remote users with printing access to execute commands as the
lp user by sending carefully crafted printjobs.


http://www.linuxsecurity.com/advisor...sory-2473.html

Regards

eddie
eddie5659
26-Oct-2002, 05:28 PM #3
There is a buffer overflow in the processing of keyboard input by trek(6).

On NetBSD 1.5 and prior, trek(6) is executed via dm(8), so a malicious
local user could elevate privilege to group "games".

On NetBSD 1.6 and NetBSD-current systems, trek(6) will terminate if
the input is too long.

http://www.linuxsecurity.com/advisor...sory-2498.html

Roberto Zunino discovered a vulnerability in the MIT-SHM extension of
XFree86 prior to versions 4.2.1. The vulnerability allows a local
user who can run XFree86 to gain read/write access to any shared
memory segment in the system. Although the use of shared memory
segments to store trusted data is not a common practice, by
exploiting this vulnerability the attacker potentially can get and/or
change sensitive information.

http://www.linuxsecurity.com/advisor...sory-2499.html

Zope (www.zope.org) will reveal the complete physical location where the
server and its components are installed if it receives "incorrect" XML-RPC
requests.
In some cases it will also reveal information about the servers in the
protected LAN (10.x.x.x for example) for which the current server is relaying.


http://www.linuxsecurity.com/advisor...sory-2500.html

The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote
attackers to cause a denial of service (crash) via a certain
malformed packet, which causes Ethereal to allocate memory
incorrectly, possibly due to zero-length fields.

SMB dissector in Ethereal 0.9.3 and earlier allows remote
attackers to cause a denial of service (crash) or execute
arbitrary code via malformed packets that cause Ethereal to
dereference a NULL pointer.

Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier
allows remote attackers to cause a denial of service (crash)
and possibly execute arbitrary code while Ethereal is parsing
keysyms.

DNS dissector in Ethereal before 0.9.3 allows remote attackers
to cause a denial of service (CPU consumption) via a malformed
packet that causes Ethereal to enter an infinite loop.

Vulnerability in GIOP dissector in Ethereal before 0.9.3
allows remote attackers to cause a denial of service (memory
consumption).


http://www.linuxsecurity.com/advisor...sory-2501.html

A vulnerability exists in KGhostview, part of the kdegraphics package.
It includes a DSC 3.0 parser from GSview which is vulnerable to a buffer
overflow while parsing a specially crafted .ps file. It also contains
code from gv which is vulnerable to a similar buffer overflow triggered
by malformed PostScript and PDF files. This has been fixed in KDE
3.0.4 and patches have been applied to correct these packages.

http://www.linuxsecurity.com/advisor...sory-2502.html

A cross-site scripting vulnerability was discovered in mod_ssl by Joe
Orton. This only affects servers using a combination of wildcard DNS
and "UseCanonicalName off" (which is not the default in Mandrake
Linux). With this setting turned off, Apache will attempt to use the
hostname:port that the client supplies, which is where the problem
comes into play. With this setting turned on (the default), Apache
constructs a self-referencing URL and will use ServerName and Port to
form the canonical name.

It is recommended that all users upgrade, regardless of the setting of
the "UseCanonicalName" configuration option.


http://www.linuxsecurity.com/advisor...sory-2503.html

There are several format string coding bugs as well as insecure
open() calls in the inn program.

http://www.linuxsecurity.com/advisor...sory-2504.html

Regards

eddie
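The mod_ssl item above turns on one configuration detail: with "UseCanonicalName off" the authority part of any self-referencing URL Apache emits comes straight from the client's Host header, while with the default "on" it comes from ServerName and Port. The following added example models that difference and the syntactic Host check a front end can apply; it is not Apache's or mod_ssl's code. ServerConfig, self_referencing_url and host_header_is_wellformed are names invented here, and the sample values are constructed.

```python
"""Model of Apache's self-referencing URL construction under the two settings
of UseCanonicalName, as described in the mod_ssl advisory. Added illustration,
not Apache source: the class and function names are invented here."""
from dataclasses import dataclass
import re

# hostname[:port] only: RFC 1123 label characters plus an optional numeric port.
_HOST_PORT_RE = re.compile(r"^[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?(?::\d{1,5})?$")


@dataclass(frozen=True)
class ServerConfig:
    server_name: str
    port: int
    use_canonical_name: bool  # True models "UseCanonicalName On" (the default)


def host_header_is_wellformed(host_header: str) -> bool:
    """Syntactic check a reverse proxy or application can apply to Host:.
    Anything that is not hostname[:port] is refused, so markup never passes."""
    return bool(_HOST_PORT_RE.match(host_header))


def self_referencing_url(conf: ServerConfig, host_header: str, path: str,
                         scheme: str = "https") -> str:
    """Build the URL Apache would emit for, e.g., a trailing-slash redirect."""
    if conf.use_canonical_name:
        # On: the authority comes from ServerName and Port, never from the request.
        authority = f"{conf.server_name}:{conf.port}"
    else:
        # Off: the authority is the client-supplied Host header, copied verbatim.
        # This is the path the advisory describes; untrusted bytes reach the output.
        authority = host_header if ":" in host_header else f"{host_header}:{conf.port}"
    return f"{scheme}://{authority}{path}"


def demo() -> dict:
    """Same request against both settings; returns the URLs and the Host check."""
    conf_on = ServerConfig("www.example.com", 443, use_canonical_name=True)
    conf_off = ServerConfig("www.example.com", 443, use_canonical_name=False)
    hostile_host = "www.example.com<injected>"  # constructed untrusted Host: value
    return {
        "on": self_referencing_url(conf_on, hostile_host, "/docs/"),
        "off": self_referencing_url(conf_off, hostile_host, "/docs/"),
        "host_ok": host_header_is_wellformed(hostile_host),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The "on" result is built entirely from the configured name, which is why the advisory notes the default setting is not affected; the "off" result carries whatever the client sent, and the regex check is the kind of filter a proxy can apply in front of a server that must keep the setting off for wildcard-DNS hosting.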