Berkeley-AL20, Berkeley-BD Security Vulnerabilities

[SECURITY] [DSA 2762-1] icedove security update

Debian Security Advisory DSA-2762-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 23, 2013 http://www.debian.org/security/faq Package : icedove Vulnerability : several Problem type : remote...

Debian DSA-2759-1 : iceweasel - several vulnerabilities

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows may lead to the execution of arbitrary code. The Iceweasel version in the oldstable distribution (squeeze) is no longer supported with...

[SECURITY] [DSA 2759-1] iceweasel security update

Debian Security Advisory DSA-2759-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff September 18, 2013 http://www.debian.org/security/faq Package : iceweasel Vulnerability : several Problem type : remote...

Debian Security Advisory DSA 2759-1 (iceweasel - several vulnerabilities)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, buffer overflows may lead to the execution of arbitrary code. The Iceweasel version in the oldstable distribution (squeeze) is no longer supported with...

Debian Security Advisory DSA 2583-1 (iceweasel - several vulnerabilities)

Multiple vulnerabilities have been found in Iceweasel, the Debian web browser based on Mozilla Firefox: CVE-2012-5829Heap-based buffer overflow in the nsWindow::OnExposeEvent function could allow remote attackers to execute arbitrary code. CVE-2012-5842Multiple unspecified vulnerabilities in the...

Debian Security Advisory DSA 2553-1 (iceweasel - several vulnerabilities)

Several vulnerabilities have been discovered in Iceweasel, a web browser based on Firefox. The included XULRunner library provides rendering services for several other applications included in Debian. The reported vulnerabilities could lead to the execution of arbitrary code or the bypass of...

Debian: Security Advisory (DSA-2759-1)

The remote host is missing an update for the...

Amazon Linux AMI : krb5 (ALAS-2011-15)

Multiple NULL pointer dereference and assertion failure flaws were found in the MIT Kerberos KDC when it was configured to use an LDAP (Lightweight Directory Access Protocol) or Berkeley Database (Berkeley DB) back end. A remote attacker could use these flaws to crash the KDC. (CVE-2011-1527 ,...

[SECURITY] [DSA 2746-1] icedove security update

Debian Security Advisory DSA-2746-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 29, 2013 http://www.debian.org/security/faq Package : icedove Vulnerability : several Problem type : remote...

Fedora Update for bind FEDORA-2013-13863

Check for the Version of...

Facebook Stands By Bug Disclosure Policy, Patches Wall Bug

A member of Facebook’s security team acknowledged over the weekend that the group could have taken further steps to verify a vulnerability initially brought to their attention by an independent security researcher last week but that the company largely adhered to its bug disclosure policy. That...

EHACK : The Largest Information Security Awareness Marathon Globally

More than 9000+ participants enter the Guinness book of World Records for the largest congregation for information Security. E-Hack, world largest Ethical Hacking workshop was organized by InfySEC at SRM University on July 27 and 28,2013 . The expected participant count was 4500+ but on the day...

EHACK : The Largest Information Security Awareness Marathon Globally

More than 9000+ participants enter the Guinness book of World Records for the largest congregation for information Security. E-Hack, world largest Ethical Hacking workshop was organized by InfySEC at SRM University on July 27 and 28,2013 . The expected participant count was 4500+ but on the day...

Twitter Account 'Classifier' Detects Fraudulent Accounts

Fraudulent Twitter accounts are a booming business, accounting for significant underground money for spammers, fake antivirus scams, drive-by downloads and phishing schemes. But research presented at USENIX yesterday proposes a means for driving up the cost for attackers to get these campaigns off....

After Paying $2M in Rewards, Google Multiplies Some Bug Bounties Five Times

Google’s bug bounty program has been one of the more successful reward systems of its kind, and the company has regularly modified and expanded the program over the years to keep pace with what’s going on in the industry. Google also has increased the rewards it offers for certain kinds of...

Debian DSA-2735-1 : iceweasel - several vulnerabilities

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: multiple memory safety errors, missing permission checks and other implementation errors may lead to the execution of arbitrary code, cross-site scripting, privilege escalation, bypass of...

Fedora Update for bind FEDORA-2013-13831

Check for the Version of...

[SECURITY] [DSA 2735-1] iceweasel security update

Debian Security Advisory DSA-2735-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff August 07, 2013 http://www.debian.org/security/faq Package : iceweasel Vulnerability : several Problem type : remote...

Debian Security Advisory DSA 2735-1 (iceweasel - several vulnerabilities)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: multiple memory safety errors, missing permission checks and other implementation errors may lead to the execution of arbitrary code, cross-site scripting, privilege escalation, bypass of...

Debian: Security Advisory (DSA-2735-1)

The remote host is missing an update for the...

[SECURITY] Fedora 18 Update: bind-9.9.3-4.P2.fc18

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....

[SECURITY] Fedora 19 Update: bind-9.9.3-5.P2.fc19

BIND (Berkeley Internet Name Domain) is an implementation of the DNS (Domain Name System) protocols. BIND includes a DNS server (named), which resolves host names to IP addresses; a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS.....

CVE-2013-3220

bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x before 0.6.5rc2, and 0.7.x before 0.7.3rc2, and wxBitcoin, do not properly consider whether a block's size could require an excessive number of database locks, which allows remote attackers to cause a denial of service (split)...

CVE-2013-3219

bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain block protocol rule, which allows remote attackers to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product...

Code injection

bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x before 0.6.5rc2, and 0.7.x before 0.7.3rc2, and wxBitcoin, do not properly consider whether a block's size could require an excessive number of database locks, which allows remote attackers to cause a denial of service (split)...

CVE-2013-3219

bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain block protocol rule, which allows remote attackers to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product...

Design/Logic Flaw

bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain block protocol rule, which allows remote attackers to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product...

CVE-2013-3220

bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x before 0.6.5rc2, and 0.7.x before 0.7.3rc2, and wxBitcoin, do not properly consider whether a block's size could require an excessive number of database locks, which allows remote attackers to cause a denial of service (split)...

CVE-2013-3219

bitcoind and Bitcoin-Qt 0.8.x before 0.8.1 do not enforce a certain block protocol rule, which allows remote attackers to bypass intended access restrictions and conduct double-spending attacks via a large block that triggers incorrect Berkeley DB locking in older product...

CVE-2013-3220

bitcoind and Bitcoin-Qt before 0.4.9rc2, 0.5.x before 0.5.8rc2, 0.6.x before 0.6.5rc2, and 0.7.x before 0.7.3rc2, and wxBitcoin, do not properly consider whether a block's size could require an excessive number of database locks, which allows remote attackers to cause a denial of service (split)...

CentOS Update for bind CESA-2013:1114 centos6

The remote host is missing an update for...

CentOS Update for bind CESA-2013:1114 centos6

Check for the Version of...

CentOS Update for bind97 CESA-2013:1115 centos5

The remote host is missing an update for...

CentOS Update for bind97 CESA-2013:1115 centos5

Check for the Version of...

CentOS 5 : bind97 (CESA-2013:1115)

Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

Oracle Linux 6 : bind (ELSA-2013-1114)

From Red Hat Security Advisory 2013:1114 : Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score,...

Oracle Linux 5 : bind97 (ELSA-2013-1115)

From Red Hat Security Advisory 2013:1115 : Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score,...

CentOS 6 : bind (CESA-2013:1114)

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

bind97 security update

CentOS Errata and Security Advisory CESA-2013:1115 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying...

bind security update

CentOS Errata and Security Advisory CESA-2013:1114 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying...

RHEL 5 : bind97 (RHSA-2013:1115)

Updated bind97 packages that fix one security issue are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

(RHSA-2013:1115) Important: bind97 security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial....

(RHSA-2013:1114) Important: bind security update

The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for verifying that the DNS server is operating correctly. A denial....

RHEL 6 : bind (RHSA-2013:1114)

Updated bind packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is...

CORE-2013-0705 - XnView Buffer Overflow Vulnerability

Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ XnView Buffer Overflow Vulnerability Advisory Information Title: XnView Buffer Overflow Vulnerability Advisory ID: CORE-2013-0705 Advisory URL: http://www.coresecurity.com/advisories/xnview-buffer-overflow-vulnerability Date...

Debian Security Advisory DSA 2728-1 (bind9 - denial of service)

Maxim Shudrak and the HP Zero Day Initiative reported a denial of service vulnerability in BIND, a DNS server. A specially crafted query that includes malformed rdata can cause named daemon to terminate with an assertion failure while rejecting the malformed...

XnView 2.03 - '.pct' Buffer Overflow

...

XnView 2.03 - .pct Buffer Overflow

XnView 2.03 - .pct Buffer...

XnView 2.03 (.PCT) - Buffer Overflow Vulnerability

Exploit for windows platform in category dos /...

XnView Buffer Overflow Vulnerability

Advisory Information Title: XnView Buffer Overflow Vulnerability Advisory ID: CORE-2013-0705 Advisory URL: http://www.coresecurity.com/advisories/xnview-buffer-overflow-vulnerability Date published: 2013-07-22 Date of last update: 2013-07-22 Vendors contacted: XnView Release mode: Coordinated...