MDVA-2009:013 : phonon

Phonon in Mandriva Linux 2009.0 was not able to read files with a bracket in their filename. This update corrects the issue. %NASLMINLEVEL 70300 @DEPRECATED@ This script has been deprecated as the associated patch is not currently a security fix. Disabled on 2012/09/06. C Tenable Network Security...

CVE-2009-1336

fs/nfs/client.c in the Linux kernel before 2.6.23 does not properly initialize a certain structure member that stores the maximum NFS filename length, which allows local users to cause a denial of service OOPS via a long filename, related to the encodelookup function...

CVE-2009-1355

Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename...

CVE-2009-1356

Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist .xpl file...

Stack overflow

Stack-based buffer overflow in muxatmd in IBM AIX 5.2, 5.3, and 6.1 allows local users to gain privileges via a long filename...

Stack overflow

Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist .xpl file...

CVE-2009-1356

Stack-based buffer overflow in Elecard AVC HD Player allows remote attackers to execute arbitrary code via a long MP3 filename in a playlist .xpl file...

CVE-2009-1355

CVE-2009-1355 affects IBM AIX: the muxatmd command (/usr/sbin/muxatmd) contains a buffer overflow vulnerability that can be triggered by a long filename, leading to arbitrary code execution with root privileges via a local attack. The issue is reported across multiple AIX releases/TLs (e.g., 5.2–...

Stack overflow

Multiple stack-based buffer overflows in DZIP32.DLL before 5.0.0.8 in DynaZip Max and DZIPS32.DLL before 6.0.0.5 in DynaZip Max Secure; as used in HP OpenView Performance Agent C.04.60, HP Performance Agent C.04.70 and C.04.72, TurboZIP 6.0, and other products; allow user-assisted attackers to...

Windows ZIP folders buffer overflow

Integer overflow in DynaZip DUNZIP32.DLL library on oversized filename in archive...

Mandriva Update for tetex MDKSA-2007:109 (tetex)

Check for the Version of tetex OpenVAS Vulnerability Test Mandriva Update for tetex MDKSA-2007:109 tetex Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Linux Kernel 'NFS filename'本地拒绝服务漏洞

BUGTRAQ ID: 34390 CNCAN ID：CNCAN-2009040701 Linux是一款开放源代码的操作系统。 在结构nfsserver初始化过程中没有正确限制NFS文件名，可导致NFS客户端崩溃。 RedHat Enterprise Linux WS 4 RedHat Enterprise Linux ES 4 RedHat Enterprise Linux AS 4 RedHat Enterprise Linux Desktop version 4 Linux kernel 2.6.21 4 Linux kernel 2.6.21 .7 Linux kernel...

Abee CHM Maker和CHM eBook Creator FileName参数栈溢出漏洞

BUGTRAQ ID: 34279 Abee Chm Maker是用于创建chm文件的程序，Abee Chm eBook Creator是用于创建CHM格式电子书的程序。 Abee CHM Maker和CHM eBook Creator没有正确地处理.chmprj或.cmp项目文件。如果用户受骗打开了定义有超长FileName参数的项目文件的话，就可以触发栈溢出，导致执行任意代码。 AbeeTech Abee CHM Maker 1.9.5 AbeeTech Abee CHM eBook Creator 2.11 AbeeTech --------...

Abee Chm eBook Creator 2.11 (FileName) Local Stack Overflow Exploit

Exploit for unknown platform in category local exploits =================================================================== Abee Chm eBook Creator 2.11 FileName Local Stack Overflow Exploit =================================================================== exploit.py Abee Chm eBook Creator 2.11...

Abee Chm eBook Creator 2.11 - Filename Local Stack Overflow

Abee Chm eBook Creator 2.11 - Filename Local Stack Overflow exploit.py Abee Chm eBook Creator 2.11 Stack overflow Exploit By:Encrypt3d.M!nd it's the same exploit i wrote for chm maker,everything is the same!! but there's a lil note that when importing 'DevilInside.chmprj' a message will pops up a...

Symantec PcAnywhere format string vulnerability

Format string vulnerability with .chm filename...

CVE-2009-0753

Absolute path traversal vulnerability in MLDonkey 2.8.4 through 2.9.7 allows remote attackers to read arbitrary files via a leading "//" double slash in the filename...

CVE-2009-0753

CVE-2009-0753 affects MLDonkey 2.8.4–2.9.7 where the web interface mishandles filenames with leading //, enabling a remote attacker to read arbitrary files. Gentoo GLSA-200903-36 and Debian/Fedora advisories document this as an information-disclosure vulnerability via the web interface. The recom...

Directory traversal

Directory traversal vulnerability in download.php in Text Lines Rearrange Script 1.0, when registerglobals is enabled, allows remote attackers to read arbitrary local files via directory traversal sequences in the filename parameter...

CVE-2008-6334

Directory traversal vulnerability in download.php in eMetrix Extract Website allows remote attackers to read arbitrary files via a .. dot dot in the filename parameter...