183 matches found
xorg-x11-server: integer overflow in GLX extension requests when calculating memory needs for requests
Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges...
xorg-x11-server: out of bounds access due to not validating length or offset values in XC-MISC extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: out of bounds access due to not validating length or offset values in Render extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: out of bounds access due to not validating length or offset values in RandR extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: out of bounds access due to not validating length or offset values in DBE extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server, or leak memory contents to the client...
xorg-x11-server: out of bounds access due to not validating length or offset values in XC-MISC extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: out of bounds access due to not validating length or offset values in XInput extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: integer overflow in X11 core protocol requests when calculating memory needs for requests
Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain X11 core protocol requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges...
xorg-x11-server: out of bounds access due to not validating length or offset values in XFixes extension
Multiple out-of-bounds access flaws were found in the way the X.Org server calculated memory requirements for certain requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server...
xorg-x11-server: integer overflow in GLX extension requests when calculating memory needs for requests
Multiple integer overflow flaws were found in the way the X.Org server calculated memory requirements for certain GLX extension requests. A malicious, authenticated client could use either of these flaws to crash the X.Org server or, potentially, execute arbitrary code with root privileges...
[SECURITY] [DLA 98-1] openvpn security update
Package : openvpn Version : 2.1.3-2+squeeze3 CVE ID : CVE-2014-8104 Dragana Damjanovic discovered that an authenticated client could crash an OpenVPN server by sending a control packet containing less than four bytes as payload. For the oldstable distribution squeeze, this problem has been fixed ...
openvpn: denial of service
It was discovered that an authenticated client could trigger an ASSERT in OpenVPN by sending a too-short control channel packet to the server. This could cause the OpenVPN server to crash and deny access to the VPN to other legitimate users...
DLA-98-1 openvpn - security update
Bulletin has no description...
Debian Security Advisory DSA 3084-1 (openvpn - security update)
Dragana Damjanovic discovered that an authenticated client could crash an OpenVPN server by sending a control packe containing less than four bytes as payload. OpenVAS Vulnerability Test $Id: deb3084.nasl 6750 2017-07-18 09:56:47Z teissa $ Auto-generated from advisory DSA 3084-1 using nvtgen 1.0...
DSA-3084-1 openvpn - security update
Bulletin has no description...
Samba 3.6.x < 3.6.24 / 4.0.x < 4.0.19 / 4.1.x < 4.1.9 Multiple Vulnerabilities
According to its banner, the version of Samba on the remote host is 3.6.x prior to 3.6.24, 4.0.x prior to 4.0.19, or 4.1.x prior to 4.1.9. It is, therefore, affected by the following vulnerabilities : - A denial of service flaw exists with 'nmbd'. A remote attacker, with a specially crafted packe...
DD-WRT 24-sp2 CSRF / Command Injection
DD-WRT v24-sp2 is prone to command injection from specially crafted configuration values containing shell meta-characters. A remote attacker can potentially use CSRF from an authenticated client to execute commands on the router as the root user. Successful exploitation can result in system wide...
FreeBSD : puppet26 -- multiple vulnerabilities (04042f95-14b8-4382-a8b9-b30e365776cf)
Moses Mendoza reports : A vulnerability found in Puppet could allow an authenticated client to cause the master to execute arbitrary code while responding to a catalog request. Specifically, in order to exploit the vulnerability, the puppet master must be made to invoke the 'template' or...
FreeBSD : openvpn -- denial of service: malicious authenticated 'tap' client can deplete server virtual memory (1986449a-8b74-40fa-b7cc-0d8def8aad65)
James Yonan reports : A malicious authenticated client in 'dev tap' ethernet bridging mode could theoretically flood the server with packets appearing to come from hundreds of thousands of different MAC addresses, causing the OpenVPN process to deplete system virtual memory as it expands its...
MySQL -- Information Disclosure and Buffer Overflow Vulnerabilities
Secunia reports: MySQL have some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information and compromise a vulnerable system. 1 An error within the code that generates an error response to an invalid COMTABLEDUMP packet can be exploited by an...