Note: libgd is need for being able to export png, jpeg and gif files!
Of course libgd needs to be compiled with the proper support for the
mentioned formats relying on 3rd. party libs like libpng and libjpeg.
Note: After some upstream versioning limbo, this is the official first release
of argus 3.0 considered to be an release-candidate. Bug fixes for this
version will make its way into the upcoming 3.0.1!
Note: After some upstream versioning limbo, this is the official first release
of argus 3.0 considered to be an release-candidate. Bug fixes for this
version will make its way into the upcoming 3.0.1!
CVE-2007-6714 (Medium) :
DBMail before 2.2.9, when using authldap with an LDAP server that supports anonymous login
such as Active Directory, allows remote attackers to bypass authentication via an empty
password, which causes the LDAP bind to indicate success based on anonymous authentication.
CVE-2008-0053 (High) :
Multiple buffer overflows in the HP-GL/2-to-PostScript filter in CUPS before 1.3.6 might allow
remote attackers to execute arbitrary code via a crafted HP-GL/2 file.
CVE-2008-1373 (High) :
Buffer overflow in the gif_read_lzw in CUPS 1.3.6 allows remote attackers to have an unknown
impact via a GIF file with a large code_size value, a similar issue to CVE-2006-4484.
CVE-2008-1657 (Medium ) :
OpenSSH before 4.9 allows remote authenticated users to bypass the sshd_config
ForceCommand directive by modifying the .ssh/rc session file.
CVE-2008-1372 (Medium) :
bzlib.c in bzip2 before 1.0.5 allows user-assisted remote attackers to cause a denial of service
(crash) via a crafted file that triggers a buffer over-read, as demonstrated by the PROTOS
GENOME test suite for Archive Formats.
CVE-2008-1530 (High) :
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via crafted duplicate keys that are imported from key servers,
which triggers "memory corruption around deduplication of user IDs."
CVE-2008-1530 (High) :
GnuPG (gpg) 1.4.8 and 2.0.8 allows remote attackers to cause a denial of service (crash) and
possibly execute arbitrary code via crafted duplicate keys that are imported from key servers,
which triggers "memory corruption around deduplication of user IDs."
CVE-2008-1768 (Medium) :
Multiple integer overflows in VLC before 0.8.6f allow remote attackers to cause a denial of
service (crash) via the (1) MP4 demuxer, (2) Real demuxer, and (3) Cinepak codec, which
triggers a buffer overflow.
CVE-2008-1769 (Medium) :
VLC before 0.8.6f allow remote attackers to cause a denial of service (crash) via a crafted
Cinepak file that triggers an out-of-bounds array access and memory corruption.
CVE-2007-5198 (Medium) :
Buffer overflow in the redir function in check_http.c in Nagios Plugins before 1.4.10, when
running with the -f (follow) option, allows remote web servers to execute arbitrary code via
Location header responses (redirects) with a large number of leading "L" characters.
CVE-2007-5623 (Medium) :
Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows
remote attackers to cause a denial of service (crash) via crafted snmpget replies.
CVE-2007-5624 (Medium) :
Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject
arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
CVE-2008-1360 (Medium) :
Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows remote attackers to inject
arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue
than CVE-2007-5624.
Christian Wiese
Nagy Karoly Gabriel
Alejandro Mery
Alejandro
Aldas Nabazas