OpenLDAP ber_get_next BER Decoding Denial of Service
A denial of service vulnerability exists in OpenLDAP. OpenLDAP is an open-source implementation of the Lightweight Directory Access Protocol (LDAP) service. LDAP messages are defined using Abstract Syntax Notation One (ASN.1). OpenLDAP fails to properly handle crafted ASN.1 packets, allowing remote...
kernel: nfsd: fix buffer overrun decoding NFSv4 acl
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl...
Code injection
lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...
CVE-2008-4359
CVE-2008-4359 affects lighttpd before 1.4.20. The vulnerability arises because URIs are compared against url.redirect/url.rewrite patterns prior to URL decoding, potentially bypassing access restrictions and allowing leakage of information or data modification. IBM’s IMM advisory confirms this CV...
lighttpd < 1.4.20 Multiple Vulnerabilities
According to its banner, the version of lighttpd running on the remote host is prior to 1.4.20. It is, therefore, affected by multiple vulnerabilities: - A denial of service vulnerability exists in the connection_state_machine function that is triggered when disconnecting before a download has...
Gentoo Security Advisory GLSA 200411-08 (GD)
The remote host is missing updates announced in advisory GLSA 200411-08. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200603-03 (MPlayer)
The remote host is missing updates announced in advisory GLSA 200603-03. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Analysis of the storm database vulnerability principle and the law-vulnerability and early warning-the black bar safety net
I see the storm library vulnerability principle and the law SQL injection popular for a long time, we're looking for vulnerability injection purpose is nothing but want to get the database stuff, such as username, password, etc., further the MSSQL database you can also take this to get permission...
CVE-2008-3915
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl...
Buffer overflow
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl...
[SECURITY] Fedora 8 Update: xine-lib-1.1.15-1.fc8
This package contains the Xine library. Xine is a free multimedia player. It can play back various media. It also decodes multimedia files from local disk drives, and displays multimedia streamed over the Internet. It interprets many of the most common multimedia formats available - and some of t...
libtiff memory corruption
Memory corruption on LZW decoding...
FreeBSD Ports: squid
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: phpbb
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: ripmime
The remote host is missing an update to the system as announced in the referenced advisory. VID 85e19dff-e606-11d8-9b0a-000347a4fa7d OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
xpm -- image decoding vulnerabilities
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Storm library vulnerability principle and the law-vulnerability and early warning-the black bar safety net
SQL injection popular for a long time, we're looking for vulnerability injection purpose is nothing but want to get the database stuff, such as username, password, etc., further the MSSQL database you can also take this to get permission. The Access-based Foundation to say, if we don't have the...
libtiff: use of uninitialized memory in LZW decoder
Multiple buffer underflows in the (1) LZWDecode, (2) LZWDecodeCompat, and (3) LZWDecodeVector functions in tif_lzw.c in the LZW decoder in LibTIFF 3.8.2 and earlier allow context-dependent attackers to execute arbitrary code via a crafted TIFF file, related to improper handling of the CODE_CLEAR code...
libtiff security and bug fix update
3.6.1-12.el4.2 - Get rid of html pages for un-shipped programs, too Resolves: 459404 3.6.1-12.el4.1 - Fix LZW decoding vulnerabilities CVE-2008-2327 Resolves: 458814 - Back-port fix for CVE-2006-2193 Resolves: 458814 - Remove sgi2tiff.1 and tiffsv.1, since they are for programs we don't ship...
libtiff security and bug fix update
3.8.2-7.el5.2 - Use -fno-strict-aliasing per rpmdiff recommendation 3.8.2-7.el5.1 - Fix LZW decoding vulnerabilities CVE-2008-2327 Resolves: 458812 - Remove sgi2tiff.1 and tiffsv.1, since they are for programs we don't ship Resolves: 460120...