Pidgin <2.10.4 XMPP协议文件传输请求处理远程拒绝服务漏洞

BUGTRAQ ID: 53706 CVE ID: CVE-2012-2214 Pidgin是一款多合一世界主流即时通讯软件集成工具。 Pidgin 2.10.4之前版本在处理一系列特制的文件传输请求时刻造成客户端引用无效内存，用户接受了其中一个文件传输请求后，可造成受影响应用崩溃。 0 Pidgin 2.10.4 厂商补丁： Pidgin ------ Pidgin已经为此发布了一个安全公告（CVE-2012-2214）以及相应补丁: CVE-2012-2214：XMPP remote crash 链接：http://www.pidgin.im/news/security/?id=62...

Pidgin < 2.10.4 Multiple DoS Vulnerabilities

The version of Pidgin installed on the remote host is earlier than 2.10.4 and is, therefore, potentially affected by the following issues : - An error exists in the file 'libpurple/proxy.c' that can allow certain file transfer requests to an invalid pointer to be dereferenced, leading to...

FreeBSD : libpurple -- Invalid memory dereference in the XMPP protocol plug-in by processing a series of specially crafted file transfer requests (64f8b72d-9c4e-11e1-9c94-000bcdf0a03b)

Pidgin reports : A series of specially crafted file transfer requests can cause clients to reference invalid memory. The user must have accepted one of the file transfer requests. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

libpurple -- Invalid memory dereference in the XMPP protocol plug-in by processing serie of specially-crafted file transfer requests

Pidgin reports: A series of specially crafted file transfer requests can cause clients to reference invalid memory. The user must have accepted one of the file transfer requests...

Disaster Recovery Disaster: Drill Gone Wrong Leads To Loss Of Data On 800K

Call it a disaster recovery drill disaster. The loss of four magnetic tape cartridges containing data on 800,000 California residents was the unfortunate result of an IBM-managed disaster recovery exercise gone wrong, said Christine Lally, Assistant Secretary, Legislation & Communications for the...

FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability

Title: ====== FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability Date: ===== 2012-03-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=462 VL-ID: ===== 462 Introduction: ============= FlashFXP is a FTP File Transfer Protocol client for Windows, it offers you easy and...

FlashFXP 4.1.8.1701 Buffer Overflow

Title: ====== FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability Date: ===== 2012-03-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=462 VL-ID: ===== 462 Introduction: ============= FlashFXP is a FTP File Transfer Protocol client for Windows, it offers you easy and...

Skype memory corruption

Memory corruption on file transfer...

Skype v5.6.59.x - Memory Corruption Vulnerability

Title: ====== Skype v5.6.59.x - Memory Corruption Vulnerability Date: ===== 2012-02-17 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=315 VL-ID: ===== 315 Introduction: ============= Skype is a software application that allows users to make voice and video calls and...

Skype v5.6.59.x - Memory Corruption Vulnerability

Document Title: =============== Skype v5.6.59.x - Memory Corruption Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=315 Release Date: ============= 2012-02-16 Vulnerability Laboratory ID VL-ID: ==================================== 315 Commo...

Yahoo! Messenger buffer overflow

Buffer overflow on file transfer...

GE D20 Server TFTP File Transfer Detection (SCADA)

Binary data 6273.prm...

GE D20 Server TFTP File Transfer Detection (SCADA)

Binary data 6272.prm...

PuTTY Detection

The remote host has an installation of PuTTY, which is a suite of tools for remote console access and file transfer. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid57364; scriptversion"1.13"; scriptsetattributeattribute:"pluginmodificationdate", value:"2024/12/30";...

TFTP File Transfer Utility

This module will transfer a file to or from a remote TFTP server. Note that the target must be able to connect back to the Metasploit system, and NAT traversal for TFTP is often unsupported. Two actions are supported: "Upload" and "Download," which behave as one might expect -- use 'set action...

HomeSeer HS2 2.5.0.20 - Web Interface Log Viewer Page URI Cross-Site Scripting

HomeSeer HS2 2.5.0.20 - Web Interface Log Viewer Page URI Cross-Site Scripting source: https://www.securityfocus.com/bid/50978/info HS2 web interface is prone to multiple security vulnerabilities: 1. An HTML-injection vulnerability. 2. A cross-site request-forgery vulnerability. 3. A...

HomeSeer HS2 2.5.0.20 - Web Interface Log Viewer Page URI Cross-Site Scripting

source: https://www.securityfocus.com/bid/50978/info HS2 web interface is prone to multiple security vulnerabilities: 1. An HTML-injection vulnerability. 2. A cross-site request-forgery vulnerability. 3. A directory-traversal vulnerability. Attackers can exploit these issues to perform certain...

Vulnerabilities in Serv-U 11.1.0.3

Luigi Auriemma Application: Serv-U FTP http://www.serv-u.com Versions: = 11.1.0.3 Platforms: Windows, Linux bug B should affect only some Windows versions Bugs: A sockets and ports consumption B possible access to the management console Exploitation: remote Date: 03 Dec 2011 Author: Luigi Auriemm...

DEBIAN-CVE-2011-4130

Use-after-free vulnerability in the Response API in ProFTPD before 1.3.3g allows remote authenticated users to execute arbitrary code via vectors involving an error that occurs after an FTP data transfer...

DEBIAN-CVE-2011-1932

Directory traversal vulnerability in io/filesystem/filesystem.cc in Widelands before 15.1 might allow remote attackers to overwrite arbitrary files via . dot characters in a pathname that is used for a file transfer in an Internet game...