Bugs

[Niki Guldbrand]

Hi All.

Here is a new set of Bugs.


1. XFree

    Vendor: XFree86 Project

    Several vulnerabilities were reported in the XFree86 font
    libraries.  A remote user can execute arbitrary code.  A local user
    may be able to exploit Xserver to execute arbitrary code with root
    privileges.

    Impact: Execution of arbitrary code via local system

    Alert: http://securitytracker.com/alerts/2003/Aug/1007598.html


6. Leafnode

    Vendor: Leafnode.org

    A vulnerability was reported in leafnode.  A remote user can
    cause the fetchnews client to hang.

    Impact: Denial of service via network

    Alert: http://securitytracker.com/alerts/2003/Sep/1007640.html


8. Stunnel

    Vendor: Stunnel.org

    A vulnerability was reported in Stunnel.  A leaked file
    descriptor allows a remote authenticated user to hijack the Stunnel
    server process.

    Impact: Modification of system information

    Alert: http://securitytracker.com/alerts/2003/Sep/1007629.html


17. Pam_ldap

    Vendor: PADL Software Pty Ltd

    A vulnerability was reported in pam_ldap.  A remote user may be
    able to access the system when pam_filter host-based access
    controls are used.

    Impact: User access via network

    Alert: http://securitytracker.com/alerts/2003/Sep/1007611.html


18. Exim

    Vendor: Exim.org

    A vulnerability was reported in the Exim mail transfer agent.
    A remote user can trigger a heap overflow.

    Impact: Denial of service via network

    Alert: http://securitytracker.com/alerts/2003/Sep/1007609.html



Niki
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dbguin.lunar-linux.org/mailman/private/lunar-dev/attachments/20030908/e0eb6d5d/attachment.bin