Samba: Execution of arbitrary code

Background Samba is a suite of SMB and CIFS client/server programs for UNIX. Description Alin Rad Pop Secunia Research discovered a boundary checking error in the sendmailslot function which could lead to a stack-based buffer overflow. Impact A remote attacker could send a specially crafted...

[CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities

Title: CAID 35724, 35725, 35726: CA BrightStor ARCserve Backup Multiple Vulnerabilities CA Vuln ID CAID: 35724, 35725, 35726 CA Advisory Date: 2007-10-10 CA Advisory Updated: 2007-12-05 Reported By: Anonymous researcher working with the iDefense VCP CVE-2007-5325 Dyon Balding of Secunia Research...

FreeBSD : Squid -- Denial of Service Vulnerability (6eb580d7-a29c-11dc-8919-001c2514716c)

Squid secuirty advisory reports : Due to incorrect bounds checking Squid is vulnerable to a denial of service check during some cache update reply processing. This problem allows any client trusted to use the service to perform a denial of service attack on the Squid service. %NASLMINLEVEL 70300 ...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : tetex-bin, texlive-bin vulnerabilities (USN-554-1)

Bastien Roucaries discovered that dvips as included in tetex-bin and texlive-bin did not properly perform bounds checking. If a user or automated system were tricked into processing a specially crafted dvi file, dvips could be made to crash and execute code as the user invoking the program...

USN-554-1: teTeX and TeX Live vulnerabilities

Bastien Roucaries discovered that dvips as included in tetex-bin and texlive-bin did not properly perform bounds checking. If a user or automated system were tricked into processing a specially crafted dvi file, dvips could be made to crash and execute code as the user invoking the program...

Hewlett-Packard OpenView Network Node Manager Multiple CGI Buffer Overflow Vulnerabilities

These vulnerabilities allow remote attackers to execute arbitrary code on vulnerable installations of Hewlett-Packard HP OpenView Network Node Manager NNM. Authentication is not required to exploit these vulnerabilities. The specific flaws exists within the CGI applications that handle the...

PPStream 2.1.16.1003 overflow-vulnerability warning-the black bar safety net

/ PPStream PowerList. ocx 2.1.6.2916 Description: SetBkImage heap and stack overflows, or before the old problems. The previous patch is a PowerPlayer. dll Here the use of the heap overflow and stack overflow, using CFindFile for parameter checking is not strict, resulting in a heap overflow. In...

liveMedia -- DoS vulnerability

The live555 development team reports: Fixed a bounds-checking error in "parseRTSPRequestString" caused by an int vs. unsigned problem. The function which handles the incoming queries from the clients is affected by a vulnerability which allows an attacker to crash the server remotely using the...

[SECURITY] Fedora 7 Update: link-grammar-4.2.5-1.fc7

A library that can perform grammar checking...

Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : flac vulnerability (USN-540-1)

Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac. Note that Tenable Network...

USN-540-1: flac vulnerability

Sean de Regge discovered that flac did not properly perform bounds checking in many situations. An attacker could send a specially crafted FLAC audio file and execute arbitrary code as the user or cause a denial of service in flac or applications that link against flac...

[SECURITY] Fedora 8 Update: link-grammar-4.2.5-1.fc8

A library that can perform grammar checking...

Ubuntu 6.06 LTS / 6.10 : slocate vulnerability (USN-425-1)

A flaw was discovered in the permission checking code of slocate. When reporting matching files, locate would not correctly respect the parent directory's 'read' bits. This could result in filenames being displayed when the file owner had expected them to remain hidden from other system users. No...

GLSA-200711-11 : Nagios Plugins: Two buffer overflows

The remote host is affected by the vulnerability described in GLSA-200711-11 Nagios Plugins: Two buffer overflows fabiodds reported a boundary checking error in the 'checksnmp' plugin when processing SNMP 'GET' replies that could lead to a stack-based buffer overflow CVE-2007-5623. Nobuhiro Ban...

openSUSE 10 Security Update : gnutls (gnutls-2118)

A security problem was fixed in the GNU TLS library, where excess data was not checked during signature checking with RSA keys with exponent 3. This problem could be used to fake those RSA signatures. CVE-2006-4790 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

openSUSE 10 Security Update : opera (opera-2181)

This update fixes the RSA signature checking problem found in openssl in the Opera webbrowser which is statically linked against openssl. CVE-2006-4339 A URL tag parsing heap overflow in Opera could be used to potentially execute code. CVE-2006-4819 %NASLMINLEVEL 70300 C Tenable Network Security,...

openSUSE 10 Security Update : ImageMagick (ImageMagick-2006)

Several security problems have been fixed in ImageMagick : - CVE-2006-3744: Several heap buffer overflow were found in the Sun Bitmap decoder of ImageMagick by an audit by the Google Security Team. This problem could be exploited by an attacker to execute code. - CVE-2006-3743: Multiple buffer...

[CAID 35724, 35725, 35726]: CA BrightStor ARCserve Backup Multiple Vulnerabilities

Title: CAID 35724, 35725, 35726: CA BrightStor ARCserve Backup Multiple Vulnerabilities CA Vuln ID CAID: 35724, 35725, 35726 CA Advisory Date: 2007-10-10 Reported By: Anonymous researcher working with the iDefense VCP CVE-2007-5325 Dyon Balding of Secunia Research CVE-2007-5326 Cocoruder of...

user value of JiraAuthenticationContext not set is SOAP service getIssue()

Call to JiraAuthenticationContext.setUser missing during getIssue SOAP service call. Service call will fail silently if there are custom fields with explicit secutity checking for attributes derived from current user. In my case I try to verify existance of an issue using getIssue SOAP service...

libvorbis: Multiple vulnerabilities

Background libvorbis is the reference implementation of the Xiph.org Ogg Vorbis audio file format. It is used by many applications for playback of Ogg Vorbis files. Description David Thiel of iSEC Partners discovered a heap-based buffer overflow in the 01inverse function in res0.c and a boundary...