iDEFENSE Security Advisory 12.16.04: MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability
MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability iDEFENSE Security Advisory 12.16.04 http://www.idefense.com/application/poi/display?id=168 December 16, 2004 I. BACKGROUND MPlayer is a movie player for Linux that also runs on many other Unices, and non-x86 CPUs. It plays most MPEG, VOB,...
RTF2LATEX2E 1.0 - Remote Stack Buffer Overflow
source: https://www.securityfocus.com/bid/11994/info It is reported that rtf2latex2e is susceptible to a stack buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied image data prior to...
ABC2MTEX 1.6.1 - Process ABC Key Field Buffer Overflow
source: https://www.securityfocus.com/bid/12018/info abc2mtex is prone to a buffer overflow vulnerability. This issue is exposed when the program is used to convert ABC music notation files to MTEX format. In particular, the issue is due to...
CSV2XML 0.5.1 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/12027/info It is reported that csv2xml is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it into a...
ABC2MIDI 2004-12-04 - Multiple Stack Buffer Overflow Vulnerabilities
source: https://www.securityfocus.com/bid/12019/info It is reported that abc2midi is susceptible to two stack buffer overflow vulnerabilities. These issues are due to a failure of the application to properly bounds check user-supplied image data prior to copying it into fixed-size memory buffers...
jabberd -- remote buffer overflow vulnerability
Caused by improper bounds-checking of username and password in the C2S module, it is possible for an attacker to cause a remote buffer overflow. The server directly handles the user input with SQL backend functions - malicious input may lead to buffer overflow...
Raven Software Soldier Of Fortune 2 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/11735/info It is reported that Soldier of Fortune 2 is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to perform sufficient bounds checking on...
Security fix for the ALT Linux 8 package cyrus-imapd version 2.2.9-alt1
Nov. 23, 2004 Alexei Takaseev 2.2.9-alt1 - 2.2.9 - This release implements several bugfixes, notably one where lmtpproxyd could reuse a freed connection, another involving a pre-authentication buffer overrun in "imap magic plus" support CAN-2004-1011 and lack of bounds checking in PARTIAL and...
smbd -- buffer-overrun vulnerability
Caused by improper bounds checking of certain trans2 requests, there is a possible buffer overrun in smbd. The attacker needs to be able to create files with very specific Unicode filenames on the share to take advantage of this issue...
Samba: Multiple vulnerabilities
Background Samba is a freely available SMB/CIFS implementation which allows seamless interoperability of file and print services to other SMB/CIFS clients. Description Samba fails to do proper bounds checking when handling TRANSACT2_QFILEPATHINFO replies. Additionally an input validation flaw exis...
XFree86 4.3 - Font Information File Buffer Overflow
source: https://www.securityfocus.com/bid/9636/info It has been reported that the XFree86 X Windows system is prone to a local buffer overflow vulnerability. The issue arises from improper bounds checking when parsing the 'font.alias' file...
Software602 602 LAN Suite - Multiple Remote Denial of Service Vulnerabilities
source: https://www.securityfocus.com/bid/11615/info 602 LAN SUITE is reported prone to multiple remote denial of service vulnerabilities. The following specific issues are reported: It is reported that an attacker may consume CPU and memory resources on a target 602 LAN SUITE server. Reports...
ID Software Quake II Server 3.2 - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/11551/info Multiple remote vulnerabilities have been reported to affect Quake II. These issues are due to boundary condition checking failures, access validation failures and failures to handle exceptional conditions. An attacker may leverage these issues...
GLSA-200410-22 : MySQL: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200410-22 MySQL: Multiple vulnerabilities The following vulnerabilities were found and fixed in MySQL: Oleksandr Byelkin found that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one...
MySQL: Multiple vulnerabilities
Background MySQL is a popular open-source, multi-threaded, multi-user SQL database server. Description The following vulnerabilities were found and fixed in MySQL: Oleksandr Byelkin found that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one CAN-2004-0835...
FreeBSD Security Advisory FreeBSD-SA-04:15.syscons
FreeBSD-SA-04:15.syscons Security Advisory The FreeBSD Project Topic: Boundary checking errors in syscons Category: core Module: sys_dev_syscons Announced: 2004-10-04 Credits:...
Boundary checking errors in syscons
The syscons CONS_SCRSHOT ioctl(2) does insufficient validation of its input arguments. In particular, negative coordinates or large coordinates may cause unexpected behavior. It may be possible to cause the CONS_SCRSHOT ioctl to return portions of kernel memory. Such memory might contain sensitive...
Debian DSA-475-1 : linux-kernel-2.4.18-hppa - several vulnerabilities
Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the PA-RISC kernel 2.4.18 for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An...
Debian DSA-439-1 : linux-kernel-2.4.16-arm - several vulnerabilities
Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the ARM kernel for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An integer...
Debian DSA-450-1 : linux-kernel-2.4.19-mips - several vulnerabilities
Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the mips kernel 2.4.19 for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An...