January 2007 - security [ARCHIVED] - Fedora Mailing-Lists

[Bug 222410] Remote execution vulnerability in cacti.

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Remote execution vulnerability in cacti. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=222410 imlinux(a)gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |CLOSED Resolution| |NEXTRELEASE ------- Additional Comments From imlinux(a)gmail.com 2007-01-12 13:14 EST ------- Built, should be on the mirrors soon. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

17 years, 3 months

1
0
0 / 0

[Bug 222410] Remote execution vulnerability in cacti.

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Remote execution vulnerability in cacti. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=222410 imlinux(a)gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

17 years, 3 months

1
0
0 / 0

[Bug 222410] Remote execution vulnerability in cacti.

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Remote execution vulnerability in cacti. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=222410 bressers(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |Security -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

17 years, 3 months

1
0
0 / 0

[Bug 222410] Remote execution vulnerability in cacti.

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Remote execution vulnerability in cacti. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=222410 bressers(a)redhat.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fedora-security- | |list(a)redhat.com -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

17 years, 3 months

1
0
0 / 0

[Bug 208299] New: CVE-2006-4976: php-adodb information disclosure

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=208299 Summary: CVE-2006-4976: php-adodb information disclosure Product: Fedora Extras Version: fc5 Platform: All URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4976 OS/Version: Linux Status: NEW Severity: normal Priority: normal Component: php-adodb AssignedTo: gauret(a)free.fr ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: extras-qa(a)fedoraproject.org,fedora-security- list(a)redhat.com CVE-2006-4976: The Date Library in John Lim ADOdb Library for PHP allows remote attackers to obtain sensitive information via a direct request for [...] There's not much information about this issue (?) available at the moment. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

17 years, 3 months

1
2
0 / 0

[Bug 219720] New: CVE-2006-6515: mantis bug reminder threshold issue

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=219720 Summary: CVE-2006-6515: mantis bug reminder threshold issue Product: Fedora Extras Version: fc4 Platform: All OS/Version: Linux Status: NEW Severity: normal Priority: normal Component: mantis AssignedTo: giallu(a)gmail.com ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: extras-qa(a)fedoraproject.org,fedora-security- list(a)redhat.com http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-6515 "Mantis before 1.1.0a2 sets the default value of $g_bug_reminder_threshold to "reporter" instead of a more privileged role, which has unknown impact and attack vectors, possibly related to frequency of reminders." The CVE entry says 1.0.6 is vulnerable, however it looks to me as if it's not, see the change in revision 1.283.2.1.2.1.2.1.2.2.2.11 at http://mantisbt.cvs.sourceforge.net/mantisbt/mantisbt/config_defaults_inc... FC-3 and FC-4 appear to be vulnerable. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

17 years, 3 months

1
2
0 / 0

[Bug 191089] mantis multiple vulnerabilities

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: mantis multiple vulnerabilities https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=191089 giallu(a)gmail.com changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution| |NEXTRELEASE ------- Additional Comments From giallu(a)gmail.com 2007-01-09 05:40 EST ------- No more updates are going to FC4. Closing since it is not applicable to FC5 and newer -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

17 years, 3 months

1
0
0 / 0

[Bug 212698] New: CVE-2006-4513: multiple integer overflows in wv < 1.2.3

by Red Hat Bugzilla

Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=212698 Summary: CVE-2006-4513: multiple integer overflows in wv < 1.2.3 Product: Fedora Extras Version: fc6 Platform: All URL: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4513 OS/Version: Linux Status: NEW Severity: normal Priority: normal Component: abiword AssignedTo: uwog(a)uwog.net ReportedBy: ville.skytta(a)iki.fi QAContact: extras-qa(a)fedoraproject.org CC: extras-qa(a)fedoraproject.org,fedora-security- list(a)redhat.com +++ This bug was initially created as a clone of Bug #212696 +++ Multiple integer overflows in wv < 1.2.3: http://nvd.nist.gov/nvd.cfm?cvename=CVE-2006-4513 abiword uses an internal copy of wv, which seems to be 1.0.3 as of abiword 2.4.5, so it may be affected. Additionally, would it be possible to change abiword to use the system installed wv instead of the internal one? -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.

17 years, 3 months

1
6
0 / 0

SPAMMERS in this list

by Chitlesh GOORAH

Hello there, I confirm what I said in my previous mail in this list. There are spammers around here! Chitlesh -- http://clunixchit.blogspot.com

17 years, 3 months

2
2
0 / 0

Re: AUTORESP Fedora-security-list Digest, Vol 11, Issue 4

by stein＠stone-is.com

Indien u als bestaande klant een supportvraag heeft, gelieve een ticket te openen op https://cis.stone-is.net/cp. U zal dan sneller en efficienter geholpen worden. Bedankt! If you have a support question and you are an existing customer, please open a ticket on https://cis.stone-is.net/cp. We will be able to help you in a more efficient way. Thank you! Stone Internet Services bvba / 1-eurohost.com

17 years, 3 months

1
0
0 / 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

security [ARCHIVED] January 2007