554 matches found
Low: Red Hat Security Advisory: pine security update
An updated Pine package is now available for Red Hat Enterprise Linux 2.1 to fix a denial of service attack. Pine is an email user agent. The c-client IMAP client library, as used in Pine 4.44, contains an integer overflow and integer signedness flaw. An attacker could create a malicious IMAP serv...
CVE-2004-0642
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code...
Neon < 0.24.6 WebDAV Client Library ne_rfc1036_parse Function Heap Overflow
Binary data 1780.prm...
RHEL 2.1 : mysql (RHSA-2003:094)
Updated packages are available that fix both a double-free security vulnerability and a remote root exploit security vulnerability found in the MySQL server. [Updated 11 Aug 2003] Updated mysqlclient9 packages are now included. These were previously missing from this erratum. MySQL is a multi-user,...
Important: Red Hat Security Advisory: cadaver security update
An updated cadaver package that fixes a vulnerability in neon exploitable by a malicious DAV server is now available. cadaver is a command-line WebDAV client that uses inbuilt code from neon, an HTTP and WebDAV client library. Versions of the neon client library up to and including 0.24.4 have be...
Neon WebDAV Client Library 0.2x - Format String
source: https://www.securityfocus.com/bid/10136/info It has been reported that the Neon client library is prone to multiple remote format string vulnerabilities. This issue is due to a failure of the application to properly implement format string functions. Ultimately this vulnerability could...
Important: Red Hat Security Advisory: Updated MySQL packages fix vulnerabilities
Updated MySQL server packages fix both a double-free security vulnerability and a root exploit security vulnerability. [Updated 1 May 2003] Added updated packages for Red Hat Linux 9, which is vulnerable to CAN-2003-0150. MySQL is a multi-user, multi-threaded SQL database server. A double-free...
Important: Red Hat Security Advisory: apache, openssl, php security update for Stronghold
Updated versions of Stronghold 3.0 are available to fix a number of vulnerabilities in OpenSSL, Apache, and PHP. Stronghold 3.0 contains a number of open source technologies such as OpenSSL, Apache, and PHP. The following paragraphs describe a number of issues that have been found in versions of...
Important: Red Hat Security Advisory: apache, openssl, php, tomcat security update for Stronghold
Updated versions of Stronghold 4 cross-platform are available to fix a number of vulnerabilities in OpenSSL, Apache, PHP, and Tomcat. Also included in this update are bug fixes for mod_proxy and the mod_authz_ldap package. Stronghold 4 cross platform contains a number of open source technologies suc...
PHP Safe Mode Filesystem Circumvention Problem
Security Advisory DW020203-PHP. Release: 3rd February 2002. PHP Safe Mode Filesystem Circumvention Problem. Severity: Medium to high. Affects: PHP, all versions which include...
[GSA2001-01] PHP IMAP overflow fix problems
geekgang Security Advisory gsa2001-01 www.geekgang.co.uk © Copyright 2001 geekgang ID: geekgang GSA2001-01 01 v1.0 Topic: PHP IMAP overflow fix problems Status: Released 5th March, 2001 Author: pre Abstract PHP 4.0.4 contains a fix for a buffer overflow in the imap module. Unfortunately this fix...
CVE-2000-0847
The CVE-2000-0847 entry describes a buffer overflow in the University of Washington c-client library (used by Pine and other programs). The vulnerability arises from processing a long X-Keywords header, enabling remote attackers to execute arbitrary commands. Documents explicitly identify the aff...
CVE-2000-0847
Buffer overflow in University of Washington c-client library used by pine and other programs allows remote attackers to execute arbitrary commands via a long X-Keywords header...
UW c-client library vulnerability
It seems that c-client libraries by University of Washington have some bugs that make some programs that depend upon those libraries go crazy. AFAIK affected programs include at least Pine (read "pain"), ipop3d and IMAPD. And those programs and libraries are commonly used in Unixes. I don't know...