MidnightBSD

Advisories for altlinux

CVE-2004-1139 MEDIUM

Unknown vulnerability in the DICOM dissector in Ethereal 0.10.4 through 0.10.7 allows remote attackers to cause a denial of service (application crash).

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.11
suse suse_linux 9.0
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.6
redhat enterprise_linux_desktop 3.0
sgi propack 3.0
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
suse suse_linux 8.2
ethereal_group ethereal 0.10.2
conectiva linux 9.0
ethereal_group ethereal 0.10.3
altlinux alt_linux 2.3
redhat enterprise_linux 3.0
ethereal_group ethereal 0.9.6
suse suse_linux 9.2
ethereal_group ethereal 0.9.5
suse suse_linux 9.1
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.8
redhat linux_advanced_workstation 2.1
suse suse_linux 8.1
suse suse_linux 8.0
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10
ethereal_group ethereal 0.9.15
debian debian_linux 3.0
conectiva linux 10.0
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.16
redhat enterprise_linux 2.1
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9
ethereal_group ethereal 0.9.13

CVE-2004-1142 MEDIUM

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed SMB packet.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.11
suse suse_linux 9.0
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.6
redhat enterprise_linux_desktop 3.0
sgi propack 3.0
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
suse suse_linux 8.2
ethereal_group ethereal 0.10.2
conectiva linux 9.0
ethereal_group ethereal 0.10.3
altlinux alt_linux 2.3
redhat enterprise_linux 3.0
ethereal_group ethereal 0.9.6
suse suse_linux 9.2
ethereal_group ethereal 0.9.5
suse suse_linux 9.1
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.8
redhat linux_advanced_workstation 2.1
suse suse_linux 8.1
suse suse_linux 8.0
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10
ethereal_group ethereal 0.9.15
debian debian_linux 3.0
conectiva linux 10.0
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.16
redhat enterprise_linux 2.1
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9
ethereal_group ethereal 0.9.13

CVE-2004-1145 MEDIUM

Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
ethereal_group ethereal 0.9.10
ethereal_group ethereal 0.9.11
suse suse_linux 9.0
ethereal_group ethereal 0.9.1
ethereal_group ethereal 0.10.6
redhat enterprise_linux_desktop 3.0
sgi propack 3.0
ethereal_group ethereal 0.10.1
ethereal_group ethereal 0.10.5
suse suse_linux 8.2
ethereal_group ethereal 0.10.2
conectiva linux 9.0
ethereal_group ethereal 0.10.3
altlinux alt_linux 2.3
redhat enterprise_linux 3.0
ethereal_group ethereal 0.9.6
suse suse_linux 9.2
ethereal_group ethereal 0.9.5
suse suse_linux 9.1
ethereal_group ethereal 0.9.12
ethereal_group ethereal 0.9.8
redhat linux_advanced_workstation 2.1
suse suse_linux 8.1
suse suse_linux 8.0
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.9.14
ethereal_group ethereal 0.10
ethereal_group ethereal 0.9.15
debian debian_linux 3.0
conectiva linux 10.0
ethereal_group ethereal 0.9.7
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.9.2
ethereal_group ethereal 0.9.9
ethereal_group ethereal 0.9.3
ethereal_group ethereal 0.9.16
redhat enterprise_linux 2.1
ethereal_group ethereal 0.9.4
ethereal_group ethereal 0.9
ethereal_group ethereal 0.9.13

CVE-2005-0398 MEDIUM

The KAME racoon daemon in ipsec-tools before 0.5 allows remote attackers to cause a denial of service (crash) via malformed ISAKMP packets.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
ipsec-tools ipsec-tools 0.3.3
kame racoon 2004-05-03
kame racoon 2005-01-24
kame racoon 2005-01-10
kame racoon 2003-07-11
redhat enterprise_linux_desktop 3.0
kame racoon 2005-03-07
sgi propack 3.0
kame racoon 2005-02-14
altlinux alt_linux 2.3
redhat enterprise_linux 3.0
suse suse_linux 9.2
kame racoon 2004-04-07b
suse suse_linux 9.1
redhat enterprise_linux 4.0
kame racoon 2005-01-03
kame racoon 2005-01-17
kame racoon 2005-02-07
kame racoon 2004-04-05
ipsec-tools ipsec-tools 0.5
suse suse_linux *
kame racoon 2005-02-21
kame racoon 2005-01-31
redhat enterprise_linux_desktop 4.0
kame racoon 2005-02-28

CVE-2005-0605 HIGH

scan.c for LibXPM may allow attackers to execute arbitrary code via a negative bitmap_unit value that leads to a buffer overflow.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
xfree86_project x11r6 4.0
x.org x11r6 6.8.1
xfree86_project x11r6 4.1.11
suse suse_linux 9.0
xfree86_project x11r6 3.3.4
suse suse_linux 7.3
suse suse_linux 6.3
x.org x11r6 6.7.0
xfree86_project x11r6 4.2.0
suse suse_linux 6.4
xfree86_project x11r6 3.3.5
redhat enterprise_linux_desktop 3.0
suse suse_linux 8.2
altlinux alt_linux 2.3
suse suse_linux 9.1
xfree86_project x11r6 4.3.0.1
xfree86_project x11r6 3.3.3
redhat enterprise_linux 4.0
xfree86_project x11r6 4.3.0.2
suse suse_linux 8.1
xfree86_project x11r6 4.2.1
xfree86_project x11r6 4.0.1
redhat enterprise_linux_desktop 4.0
xfree86_project x11r6 4.0.2.11
mandrakesoft mandrake_linux 10.0
suse suse_linux 6.2
redhat fedora_core core_2.0
mandrakesoft mandrake_linux 10.1
suse suse_linux 7.1
suse suse_linux 6.1
mandrakesoft mandrake_linux 10.2
xfree86_project x11r6 4.1.0
suse suse_linux 7.0
xfree86_project x11r6 4.0.3
xfree86_project x11r6 4.3.0
lesstif lesstif 0.93.94
mandrakesoft mandrake_linux_corporate_server 3.0
sgi propack 3.0
xfree86_project x11r6 3.3.2
redhat enterprise_linux 3.0
suse suse_linux 9.2
xfree86_project x11r6 4.1.12
suse suse_linux 8.0
redhat fedora_core core_3.0
xfree86_project x11r6 3.3.6
suse suse_linux 7.2
x.org x11r6 6.8
mandrakesoft mandrake_linux_corporate_server 2.1
xfree86_project x11r6 3.3

CVE-2005-0638 HIGH

xloadimage before 4.1-r2, and xli before 1.17, allows attackers to execute arbitrary commands via shell metacharacters in filenames for compressed images, which are not properly quoted when calling the gunzip command.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 7.1
suse suse_linux 3.0
suse suse_linux 6.1
suse suse_linux 4.2
suse suse_linux 9.0
suse suse_linux 7.3
suse suse_linux 7.0
suse suse_linux 6.3
xli xli 1.15
suse suse_linux 6.4
xli xli 1.17
suse suse_linux 9.3
suse suse_linux 5.1
suse suse_linux 8.2
suse suse_linux 2.0
altlinux alt_linux 2.3
suse suse_linux 9.2
suse suse_linux 5.3
suse suse_linux 9.1
suse suse_linux 4.4.1
suse suse_linux 4.3
suse suse_linux 5.2
suse suse_linux 8.1
suse suse_linux 8.0
suse suse_linux 1.0
suse suse_linux 6.0
suse suse_linux 4.0
suse suse_linux 4.4
suse suse_linux 7.2
xli xli 1.14
xli xli 1.16
suse suse_linux 6.2
suse suse_linux 5.0

CVE-2005-0639 HIGH

Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
suse suse_linux 7.1
suse suse_linux 3.0
suse suse_linux 6.1
suse suse_linux 4.2
suse suse_linux 9.0
suse suse_linux 7.3
suse suse_linux 7.0
suse suse_linux 6.3
xli xli 1.15
suse suse_linux 6.4
xli xli 1.17
suse suse_linux 9.3
suse suse_linux 5.1
suse suse_linux 8.2
suse suse_linux 2.0
altlinux alt_linux 2.3
suse suse_linux 9.2
suse suse_linux 5.3
suse suse_linux 9.1
suse suse_linux 4.4.1
suse suse_linux 4.3
suse suse_linux 5.2
suse suse_linux 8.1
suse suse_linux 8.0
suse suse_linux 1.0
suse suse_linux 6.0
suse suse_linux 4.0
suse suse_linux 4.4
suse suse_linux 7.2
xli xli 1.14
xli xli 1.16
suse suse_linux 6.2
suse suse_linux 5.0

CVE-2005-0667 MEDIUM

Buffer overflow in Sylpheed before 1.0.3 and other versions before 1.9.5 allows remote attackers to execute arbitrary code via an e-mail message with certain headers containing non-ASCII characters that are not properly handled when the user replies to the message.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
sylpheed sylpheed 0.9.10
sylpheed sylpheed 1.0.2
sylpheed sylpheed 0.9.4
redhat linux_advanced_workstation 2.1
sylpheed sylpheed 0.9.99
sylpheed sylpheed 0.9.11
redhat fedora_core core_3.0
sylpheed sylpheed 0.9.6
sylpheed sylpheed 0.9.9
sylpheed sylpheed 1.0.0
sylpheed sylpheed 0.9.7
sylpheed sylpheed 0.8.11
sylpheed sylpheed 0.9.5
sylpheed sylpheed 0.9.8
gentoo linux *
sylpheed sylpheed 1.0.1
altlinux alt_linux 2.3
redhat enterprise_linux 2.1
sylpheed-claws sylpheed-claws 1.0.2
sylpheed sylpheed 0.9.12

CVE-2005-0699 HIGH

Multiple buffer overflows in the dissect_a11_radius function in the CDMA A11 (3G-A11) dissector (packet-3g-a11.c) for Ethereal 0.10.9 and earlier allow remote attackers to execute arbitrary code via RADIUS authentication packets with large length values.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other

Products Affected

Vendor Product Version
redhat enterprise_linux 4.0
redhat linux_advanced_workstation 2.1
altlinux alt_linux junior_2.3
ethereal_group ethereal 0.10.8
ethereal_group ethereal 0.10.7
ethereal_group ethereal 0.10.6
redhat enterprise_linux_desktop 3.0
conectiva linux 10.0
ethereal_group ethereal 0.10.4
ethereal_group ethereal 0.10.9
altlinux alt_linux compact_2.3
ethereal_group ethereal 0.10.5
redhat enterprise_linux_desktop 4.0
conectiva linux 9.0
ethereal_group ethereal 0.10.3
redhat enterprise_linux 3.0
redhat enterprise_linux 2.1