F-Secure Products Integer Overflow Vulnerability (Oct 2008) - Linux

F-Secure Products is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

DEBIAN-CVE-2008-5161

Error handling in the SSH protocol in 1 SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1;...

CVE-2008-2433

CVE-2008-2433 affects Trend Micro OfficeScan 7.0–8.0, Worry-Free Business Security 5.0, and Client/Server/Messaging Suite 3.5–3.6. The root cause is insufficient entropy in the web management console’s session token generation, which relies only on login time (granularity of one second). This wea...

Trend Micro Web Management Authentication Bypass Vulnerability

This Remote host is installed with Trend Micro OfficeScan, which is prone to Authentication Bypass Vulnerability. OpenVAS Vulnerability Test $Id: secpodtrendmicroofficescanauthbypassvuln900205.nasl 5370 2017-02-20 15:24:26Z cfi $ Description: Trend Micro Web Management Authentication Bypass...

Vulnerabilities in DNS Could Allow Spoofing (953230)

This host is missing critical security update according to Microsoft Bulletin MS08-037. OpenVAS Vulnerability Test $Id: secpodms08-037900005.nasl 6382 2017-06-20 15:08:09Z cfischer $ Description: Vulnerabilities in DNS Could Allow Spoofing 953230 Authors: Chandan S Copyright: Copyright C 2008...

Trend Micro产品ObjRemoveCtrl类缓冲区溢出漏洞

BUGTRAQ ID:30633 CVE ID：CVE-2008-3364 CNCVE ID：CNCVE-20083364 多个Trend Micro产品处理ObjRemoveCtrl类存在安全问题，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 当通过WEB接口配置产品时OfficeScan Web控制台利用多个ActiveX控件，其中ObjRemoveCtrl类ActiveX控件存在边界错误，可触发基于堆栈的缓冲区溢出，精心构建WEB页，诱使用户访问可导致应用程序权限执行任意指令。 Trend Micro Client Server Messaging Security for...

Buffer overflow

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2597 and CVE-2008-2599...

CVE-2008-2599

Unspecified vulnerability in the TimesTen Client/Server component in Oracle Times Ten In-Memory Database 7.0.3.0.0 has unknown impact and remote attack vectors, a different vulnerability than CVE-2008-2597 and CVE-2008-2598...

USN-612-6: OpenVPN regression

USN-612-3 addressed a weakness in OpenSSL certificate and keys generation in OpenVPN by adding checks for vulnerable certificates and keys to OpenVPN. A regression was introduced in OpenVPN when using TLS, multi-client/server mode, and specifying a user or group which caused OpenVPN to not start...

X.Org X server and Xfont library: Multiple vulnerabilities

Background The X Window System is a graphical windowing system based on a client/server model. Description regenrecht reported multiple vulnerabilities in various X server extension via iDefense: The XFree86-Misc extension does not properly sanitize a parameter within a PassMessage request,...

[SECURITY] Fedora 8 Update: mysql-5.0.45-6.fc8

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

Design/Logic Flaw

Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...

CVE-2007-1209

Use-after-free vulnerability in the Client/Server Run-time Subsystem CSRSS in Microsoft Windows Vista does not properly handle connection resources when starting and stopping processes, which allows local users to gain privileges by opening and closing multiple ApiPort connections, which leaves a...

CVE-2007-0325

CVE-2007-0325 is a remote buffer overflow in Trend Micro OfficeScan’s Web-Deployment SetupINICtrl ActiveX control (OfficeScanSetupINI.dll, SetupINICtrl) used by OfficeScan Web deployment. The flaw affects OfficeScan 7.0 before Build 1344, OfficeScan 7.3 before Build 1241, and Client/Server/Messag...

CVE-2006-6797

The Client Server Run-Time Subsystem CSRSS in Microsoft Windows allows local users to cause a denial of service crash or read arbitrary memory from csrss.exe via crafted arguments to the NtRaiseHardError function with status 0x50000018, a different vulnerability than CVE-2006-6696...

CVE-2006-6696

Double free vulnerability in Microsoft Windows 2000, XP, 2003, and Vista allows local users to gain privileges by calling the MessageBox function with a MBSERVICENOTIFICATION message with crafted data, which sends a HardError message to Client/Server Runtime Server Subsystem CSRSS process, which ...

SYMSA-2006-013: Multiple Vulnerabilities in Mandiant First Response

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Symantec Vulnerability Research http://www.symantec.com/research Security Advisory Advisory ID: SYMSA-2006-013 Advisory Title: Multiple Vulnerabilities in Mandiant First Response Author: Brian Reilly / [email protected] Release Date: 18-12-2006...

CVE-2006-5585

The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."...

CVE-2006-5585

The Client-Server Run-time Subsystem in Microsoft Windows XP SP2 and Server 2003 allows local users to gain privileges via a crafted file manifest within an application, aka "File Manifest Corruption Vulnerability."...

EasyCafe 2.12.2 - Security Restriction Bypass

EasyCafe 2.12.2 - Security Restriction Bypass // source: https://www.securityfocus.com/bid/19401/info EasyCafe is prone to a vulnerability that lets attackers bypass security restrictions. This issue occurs because the application fails to prevent an attacker from gaining unauthorized access to a...