183 matches found
samba: Loading shared modules from any path in the system leading to RCE (SambaCry)
A remote code execution flaw was found in Samba. A malicious authenticated samba client, having write access to the samba share, could use this flaw to execute arbitrary code as root...
FreeBSD : OpenVPN -- two remote denial-of-service vulnerabilities (04cc7bd2-3686-11e7-aa64-080027ef73ec)
Samuli Seppanen reports: OpenVPN v2.4.0 was audited for security vulnerabilities independently by Quarkslab funded by OSTIF and Cryptography Engineering funded by Private Internet Access between December 2016 and April 2017. The primary findings were two remote denial-of-service vulnerabilities...
SUSE SLED12 / SLES12 Security Update : tigervnc (SUSE-SU-2017:1094-1)
This update for tigervnc provides several fixes. These security issues were fixed: - CVE-2017-7392, CVE-2017-7396: Client can cause leak in VNC server bsc1031886 - CVE-2017-7395: Authenticated VNC client can crash VNC server bsc1031877 - CVE-2017-7394: Client can crash or block VNC server...
SUSE-SU-2017:1093-1 Security update for tigervnc
This update for tigervnc provides several fixes. These security issues were fixed: - CVE-2017-7392, CVE-2017-7396: Client can cause leak in VNC server bsc1031886 - CVE-2017-7395: Authenticated VNC client can crash VNC server bsc1031877 - CVE-2017-7394: Client can crash or block VNC server...
CVE-2017-7395
In TigerVNC 1.7.1 SMsgReader.cxx SMsgReader::readClientCutText, by causing an integer overflow, an authenticated client can crash the server...
DEBIAN-CVE-2017-7395
In TigerVNC 1.7.1 SMsgReader.cxx SMsgReader::readClientCutText, by causing an integer overflow, an authenticated client can crash the server...
DEBIAN-CVE-2017-7393
In TigerVNC 1.7.1 VNCSConnectionST.cxx VNCSConnectionST::fence, an authenticated client can cause a double free, leading to denial of service or potentially code execution...
UBUNTU-CVE-2017-7395
In TigerVNC 1.7.1 SMsgReader.cxx SMsgReader::readClientCutText, by causing an integer overflow, an authenticated client can crash the server...
Double free
In TigerVNC 1.7.1 VNCSConnectionST.cxx VNCSConnectionST::fence, an authenticated client can cause a double free, leading to denial of service or potentially code execution...
CVE-2017-7393
In TigerVNC 1.7.1 VNCSConnectionST.cxx VNCSConnectionST::fence, an authenticated client can cause a double free, leading to denial of service or potentially code execution...
DSA-3514-1 samba - security update
Bulletin has no description...
Debian DLA-98-1 : openvpn security update
Dragana Damjanovic discovered that an authenticated client could crash an OpenVPN server by sending a control packet containing less than four bytes as payload. For the oldstable distribution squeeze, this problem has been fixed in version 2.1.3-2+squeeze3 in squeeze-lts. We recommend that you...
Amazon Linux AMI : xorg-x11-server (ALAS-2015-470)
Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially...
Important: xorg-x11-server
Issue Overview: Multiple integer overflow flaws and out-of-bounds write flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol and GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: out of bounds access due to not validating length or offset values in DRI3 & Present extensions
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: out of bounds access due to not validating length or offset values in XFixes extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: integer overflow in GLX extension requests when calculating memory needs for requests
Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges...