Lucene search
+L

9267 matches found

Tenable Nessus
Tenable Nessus
added 2005/06/17 12:0 a.m.31 views

Debian DSA-726-1 : oops - format string vulnerability

A format string vulnerability has been discovered in the MySQL/PgSQL authentication module of Oops, a caching HTTP proxy server written for performance. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...

5CVSS5.2AI score0.02298EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2005/06/17 12:0 a.m.28 views

Debian DSA-731-1 : krb4 - buffer overflows

Several problems have been discovered in telnet clients that could be exploited by malicious daemons the client connects to. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-0468 Gael Delalleau discovered a buffer overflow in the envoptadd function...

7.5CVSS9.1AI score0.27073EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added 2005/06/01 1:32 p.m.31 views

Moderate: Red Hat Security Advisory: openssl security update

Updated OpenSSL packages that fix security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols as well as a...

5.6CVSS6.3AI score0.00505EPSS
Exploits0References4
Debian
Debian
added 2005/05/27 5:41 p.m.34 views

[SECURITY] [DSA 730-1] New bzip2 packages fix file unauthorised permissions modification

-------------------------------------------------------------------------- Debian Security Advisory DSA 730-1 [email protected] http://www.debian.org/security/ Martin Schulze May 27th, 2005 http://www.debian.org/security/faq -...

3.7CVSS0.2AI score0.004EPSS
Exploits0
Cvelist
Cvelist
added 2005/05/27 4:0 a.m.26 views

CVE-2004-2131

Stack-based buffer overflow in ontape for IBM Informix Dynamic Server IDS 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable...

7.5AI score0.01425EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2005/05/19 12:0 a.m.29 views

Debian DSA-725-2 : ppxp - missing privilege release

Jens Steube discovered that ppxp, yet another PPP program, does not release root privileges when opening potentially user-supplied log files. This can be tricked into opening a root shell. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

7.2CVSS5.3AI score0.00399EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/05/11 12:0 a.m.31 views

Debian DSA-721-1 : squid - design flaw

Michael Bhola discovered a bug in Squid, the popular WWW proxy cache. Squid does not trigger a fatal error when it identifies missing or invalid ACLs in the httpaccess configuration, which could lead to less restrictive ACLs than intended by the administrator. %NASLMINLEVEL 70300 C Tenable Networ...

7.5CVSS5.3AI score0.01727EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/05/11 12:0 a.m.22 views

Debian DSA-722-1 : smail - buffer overflow

A buffer overflow has been discovered in Smail, an electronic mail transport system, which allows remote attackers and local users to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

10CVSS5.9AI score0.09002EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2005/05/04 12:0 a.m.25 views

Debian DSA-720-1 : smartlist - wrong input processing

Jeroen van Wolffelaar noticed that the confirm add-on of SmartList, the listmanager used on lists.debian.org, which is used on that host as well, could be tricked to subscribe arbitrary addresses to the lists. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

7.5CVSS5.6AI score0.012EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/04/29 12:0 a.m.29 views

Debian DSA-718-2 : ethereal - buffer overflow

This version lists the correct packages in the packages section. A buffer overflow has been detected in the IAPP dissector of Ethereal, a commonly used network traffic analyser. A remote attacker may be able to overflow a buffer using a specially crafted packet. More problems have been discovered...

5CVSS5.7AI score0.07606EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2005/04/29 12:0 a.m.26 views

Debian DSA-719-1 : prozilla - format string problems

Several format string problems have been discovered in prozilla, a multi-threaded download accelerator, that can be exploited by a malicious server to execute arbitrary code with the rights of the user running prozilla. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

7.5CVSS6AI score0.09869EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2005/04/28 12:0 a.m.22 views

Debian DSA-717-1 : lsh-utils - buffer overflow, typo

Several security relevant problems have been discovered in lsh, the alternative secure shell v2 SSH2 protocol server. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2003-0826 Bennett Todd discovered a heap buffer overflow in lshd which could lead...

7.5CVSS6AI score0.11818EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2005/04/28 12:0 a.m.26 views

Debian DSA-715-1 : cvs - several vulnerabilities

Several problems have been discovered in the CVS server, which serves the popular Concurrent Versions System. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2004-1342 Maks Polunin and Alberto Garcia discovered independently that using the pserver access...

7.5CVSS5.5AI score0.02282EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2005/04/22 12:0 a.m.19 views

Debian DSA-713-1 : junkbuster - several vulnerabilities

Several bugs have been found in junkbuster, a HTTP proxy and filter. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CAN-2005-1108 James Ranson discovered that an attacker can modify the referrer setting with a carefully crafted URL by accidentally...

7.5CVSS5.9AI score0.03312EPSS
Exploits0References3
Debian
Debian
added 2005/04/19 2:56 p.m.43 views

[SECURITY] [DSA 712-1] New geneweb packages fix insecure file operations

-------------------------------------------------------------------------- Debian Security Advisory DSA 712-1 [email protected] http://www.debian.org/security/ Martin Schulze April 19th, 2005 http://www.debian.org/security/faq -...

5CVSS0.4AI score0.0137EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/04/19 12:0 a.m.15 views

Debian DSA-711-1 : info2www - missing input sanitising

Nicolas Gregoire discovered a cross-site scripting vulnerability in info2www, a converter for info files to HTML. A malicious person could place a harmless looking link on the web that could cause arbitrary commands to be executed in the browser of the victim user. %NASLMINLEVEL 70300 C Tenable...

4.3CVSS5.1AI score0.01472EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/04/19 12:0 a.m.25 views

Debian DSA-712-1 : geneweb - insecure file operations

Tim Dijkstra discovered a problem during the upgrade of geneweb, a genealogy software with web interface. The maintainer scripts automatically converted files without checking their permissions and content, which could lead to the modification of arbitrary files. %NASLMINLEVEL 70300 C Tenable...

5CVSS5.6AI score0.0137EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/04/18 12:0 a.m.21 views

Debian DSA-710-1 : gtkhtml - NULL pointer dereference

Alan Cox discovered a problem in gtkhtml, an HTML rendering widget used by the Evolution mail reader. Certain malformed messages could cause a crash due to a NULL pointer dereference. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

5CVSS5.3AI score0.02526EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/04/15 12:0 a.m.26 views

Debian DSA-709-1 : libexif - buffer overflow

Sylvain Defresne discovered a buffer overflow in libexif, a library that parses EXIF files such as JPEG files with extra tags. This bug could be exploited to crash the application and maybe to execute arbitrary code as well. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive tex...

2.6CVSS5.8AI score0.0446EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2005/04/15 12:0 a.m.35 views

Debian DSA-708-1 : php3 - missing input sanitising

An iDEFENSE researcher discovered two problems in the image processing functions of PHP, a server-side, HTML-embedded scripting language, of which one is present in PHP3 as well. When reading a JPEG image, PHP can be tricked into an endless loop due to insufficient input validation. %NASLMINLEVEL...

5CVSS5.2AI score0.02709EPSS
Exploits1References3
Rows per page
Query Builder