Jetson Nano, Jetson Nano 2GB Security Vulnerabilities

Fedora Core 3 : squid-2.5.STABLE9-1.FC3.6 (2005-373)

Mon May 16 2005 Jay Fenlason 7:2.5.STABLE9-1.FC3.6 More upstream patches, including ones for bz#157456 CVE-2005-1519 DNS lookups unreliable on untrusted networks bz#156162 CVE-1999-0710 cachemgr.cgi access control bypass The following bugs had already been fixed, but the ...

Security fix for the ALT Linux 8 package squid version 2.5.STABLE9-alt3

May 12, 2005 Denis Ovsienko 2.5.STABLE9-alt3 - applied: + 2005-04-20 14:59 (Medium) Fails to process requests for files larger than 2GB in size + 2005-03-26 23:53 (Minor) rename() related cleanup + 2005-03-29 09:52 (Cosmetic) New cachemgr pending_objects and client_objects actions + 2005-03-30...

(RHSA-2005:080) cpio security update

GNU cpio copies files into or out of a cpio or tar archive. It was discovered that cpio uses a 0 umask when creating files using the -O (archive) option. This creates output files with mode 0666 (all can read and write) regardless of the user's umask setting. The Common Vulnerabilities and...

RHEL 3 : cpio (RHSA-2005:080)

An updated cpio package that fixes a umask bug and supports large files (>2GB) is now available. This update has been rated as having low security impact by the Red Hat Security Response Team GNU cpio copies files into or out of a cpio or tar archive. It was discovered that cpio uses a 0 umask.....

Mandrake Linux Security Advisory : screen (MDKSA-2003:113)

A vulnerability was discovered and fixed in screen by Timo Sirainen who found an exploitable buffer overflow that allowed privilege escalation. This vulnerability also has the potential to allow attackers to gain control of another user's screen session. The ability to exploit is not trivial and...

Microsoft Windows Installed Hotfixes

Using the supplied credentials, Nessus was unable to log into the remote Windows host, enumerate installed hotfixes, or store them in its knowledge base for other plugins to...

Multiple WFTPD Denial of Service vulnerabilities

Name of Advisory: Multiple WFTPD Denial of Service vulnerabilities Severity: Low Discoverer: axl ([email protected]) Released: Today Vendor Notified: Today WFTPD who? what? when? ~~~~~~~~~~~~~~~~~~~~~~ Vendor quote: "WFTPD Server has been a leading FTP server for Windows...

qmail integer overflow

Inger overflow on the message with line over...

GNU screen buffer overflow

Summary Buffer overflow in GNU screen allows privilege escalation for local users. Usually screen is installed either setgid-utmp or setuid-root. It also has some potential for remote attacks or getting control of another user's screen. The problem is that you have to transfer around 2-3 gigabytes....

GNU screen integer overflow

Integer overflow leads to buffer overflow if over 2Gb of data is sent to...

CVE-2003-0647

Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET...

Cisco IOS HTTP remote exploit

Hi there, finally released, the exploit for the Cisco IOS HTTP 2GB overflow http://www.cisco.com/warp/public/707/cisco-sn-20030730-ios-2gb-get.shtml and the IOS 11.x remote sniffer using the bug described here: http://www.cisco.com/warp/public/707/cisco-sn-20030731-ios-udp-echo.shtml Exploit:...

Cisco IOS HTTP Server vulnerable to buffer overflow when processing overly large malformed HTTP GET request

Overview The Cisco IOS HTTP Server contains a vulnerability that may permit a remote attacker to execute arbitrary code on the system. Description Cisco IOS ships with an HTTP Server. A buffer overflow vulnerability exists in the HTTP Server and may be exploited if a remote attacker sends a...

Buffer overflows in multiple IMAP clients

There's two common vulnerabilities in IMAP clients written with C and C++: Handling huge literal sizes. Many clients do malloc(literal_size+1) and then read the literal into it. Problem is that if literal_size is UINT_MAX-1, the +1 overflows it into malloc(0) but server is still allowed to write...

pre-login buffer overflow in Cyrus IMAP server

problem Cyrus IMAP server has a a remotely exploitable pre-login buffer overflow. I checked versions 1.4 (oldest in web page) and 2.1.10 which both had it, so apparently all versions are affected. Problem is that literal lengths aren't verified to be in any reasonable range. The length + 2 is then....

Integer overflow in cyrus-imap

Integer overflow on line longer than...

ISS X-Force response

This vulnerability was originally detected auditing the Apache 2.0 source tree. Apache 2.0 uses the same function to determine the chunk size, and has the same vulnerable signed comparison. It is, however, not vulnerable (by luck?) due to a signed comparison deep within the buffered reading...

SNMP Request Cisco Router Information Disclosure

It is possible to determine the model of the remote CISCO system by sending SNMP requests with the OID 1.3.6.1.4.1.9.1. An attacker may use this information to gain more knowledge about the remote...

Небольшая дырка в joe

при редактировании файла, если в файл были внесены изменения и joe получил сигнал SIGHUP будет создан временный файл DEADJOE без проверки символьных линков. Кроме того считаывает joerc из текущего каталога, что дает возможность выполнить троянскую...

[SECURITY] [DSA-004-1] nano symlink attack

Debian Security Advisory DSA-004-1 [email protected] http://www.debian.org/security/ Wichert Akkerman December 17, 2000 Package : nano Problem type : symlink attack Debian-specific: no The problem that was previously reported for joe also...

Linux news 4.12.00

Ядро 2.4.0-test12-pre4 Linus выпустил очередное pre ядро следующего тестового 2.4.0. В нем он добавил патчи от Alan'а Cox'a, включил патч от Stephen Tweedie, исправляющий ошибки в инодах и наложил еще несколько патчей от различных разработчиков ... Подробнее: http://www.kernel.org OpenBSD 2.8...

Linux news 27.09.00

Linux 2.2.18pre2aa2 Andrea Arcangeli выпустил следующую версию своей модификации ядра Linux для high-end серверов. Патч содержит поддержку до 4Gb памяти на платформе Intel, поддержку до 2Tb памяти на Alpha, улучшения VM для машин с большим объемом оперативки, Raw IO, улучшения SMP планировщика,...

Linux news 1.07.00

Linux Kernel pre-patch 2.4.0 test3-pre2 Вышла очередная предварительная, вторая по счету, версия третьего тестового ядра Linux - Linux Kernel pre-patch 2.4.0 test3-pre2. Подробнее: http://www.icewalk.com/softlib/app/app_00797.html GPL будут тестировать юристы По мнению Д. Е. Поуэла (Dennis E....

iomega-onestep-backup.txt

...

Detectoid for 925528 -- target nVidia chipsets and 2GB memory

This is to check if a machine has the nVidia nForce chipset and 2GB or greater of physical memory for the 925528 vista launch...

Block Nano Servers

Detectoid to block the updates offering to nano...