cscope: multiple buffer overflows

Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long include line that is later browsed by the target...

Moderate: Red Hat Security Advisory: cscope security update

An updated cscope package that fixes multiple security issues is now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. cscope is a mature, ncurses-based, C source-code tree browsing tool. Multiple...

cscope: multiple buffer overflows

Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via multiple vectors including 1 a long pathname that is not properly handled during file list parsing, 2 long pathnames that result from path...

cscope security update

15.5-15.1.el53.1 - Release bump to create newer nvr despite dist tag change fc6 - el5 15.5-15.el53.4 - Merge incdir-overflow and snprintf patches for better readability, snprintf is used now with PATHLEN limit without other adjustments, related strlen / %.s / len are no longer needed and were...

cscope security update

15.5-10.RHEL4.3 - Merge incdir-overflow and snprintf patches for better readability, snprintf is used now with PATHLEN limit without other adjustments, related strlen / %.s / len are no longer needed and were dropped - Update tempsec patch, drop extraneous snprintf argument to suppress compiler...

cscope -- multiple buffer overflows

Secunia reports: Some vulnerabilities have been reported in Cscope, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to various boundary errors, which can be exploited to cause buffer overflows when parsing specially crafted...

cscope -- buffer overflow

SecurityFocus reports: Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions...

GLSA-200905-02 : Cscope: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200905-02 Cscope: User-assisted execution of arbitrary code James Peach of Apple discovered a stack-based buffer overflow in cscope's handling of long file system paths CVE-2009-0148. Multiple stack-based buffer overflows were...

[SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1806-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 24, 2009 http://www.debian.org/security/faq -...

cscope buffer overflow

Buffer overflow on oversized included file name...

Debian DSA-1806-1 : cscope - buffer overflows

Matt Murphy discovered that cscope, a source code browsing tool, does not verify the length of file names sourced in include statements, which may potentially lead to the execution of arbitrary code through specially crafted source code files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Debian: Security Advisory (DSA-1806-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200905-02 (cscope)

The remote host is missing updates announced in advisory GLSA 200905-02. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Debian Security Advisory DSA 1806-1 (cscope)

The remote host is missing an update to cscope announced via advisory DSA 1806-1. OpenVAS Vulnerability Test $Id: deb18061.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1806-1 cscope Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

Gentoo Security Advisory GLSA 200905-02 (cscope)

The remote host is missing updates announced in advisory GLSA 200905-02. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...

[SECURITY] [DSA 1806-1] New cscope packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1806-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 24, 2009 http://www.debian.org/security/faq -...

DSA-1806-1 cscope - arbitrary code execution

Bulletin has no description...

Cscope: User-assisted execution of arbitrary code

Background Cscope is a developer's tool for browsing source code. Description James Peach of Apple discovered a stack-based buffer overflow in cscope's handling of long file system paths CVE-2009-0148. Multiple stack-based buffer overflows were reported in the putstring function when processing a...

Cscope Version Detection

This script detect the installed version of Cscope and sets the result in KB. OpenVAS Vulnerability Test $Id: gbcscopedetect.nasl 7823 2017-11-20 08:54:04Z cfischer $ Cscope Version Detection Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This...

Cscope putstring Multiple Buffer Overflow vulnerability

This host has installed Cscope and is prone to Multiple Buffer Overflow vulnerability OpenVAS Vulnerability Test $Id: gbcscopeputstringmultbofvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Cscope putstring Multiple Buffer Overflow vulnerability. Authors: Antu Sanadi Copyright: Copyright c 2009...