BlackBerry Z10 Authentication Bypass Vulnerability

BlackBerry Z10 suffers from a storage and access file-exchange authentication bypass vulnerability. BlackBerry Z10 Authentication Bypass Vulnerability --------------------------------------------------------------------- --------------------------------------------------------------------- 1...

Authentication Bypass Bug Fixed in BlackBerry Z10

There’s a remotely exploitable authentication bypass vulnerability in the BlackBerry Z10 phone that affects the service that lets users share files with machines on a wireless network. The bug could allow an attacker to steal users’ personal data or hit them with targeted malware. The Z10 is one ...

windows live messenger plus! fileserver 1.0 - Directory Traversal vuln

No description provided by source. Windows Live Messenger Plus! FileServer 1.0 Found by joepie91 The FileServer script allows a user using Windows Live Messenger Plus! to share a defined folder and its subfolders and files with a contact. Authentication is done using a user-defined username and...

[oss-security] CVE request: OpenAFS 1.6.8 TMAY fileserver crashes

New code introduced in OpenAFS 1.6.8 does not properly zero fields in the host structure in the OpenAFS fileserver, leading to some variables in the host structure being left initialized from recycled heap memory. While no mechanism for exploitation is currently known, the affected file server...

Debian DSA-2899-1 : openafs - security update

Michael Meffie discovered that in OpenAFS, a distributed filesystem, an attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the fileserver, and potentially permitting the execution of arbitrary code. In addition, this update addresses a minor deni...

Scientific Linux Security Update : openafs on SL5.x, SL6.x i386/x86_64 (20140411)

An attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the server. The GetStatistics64 remote procedure call RPC was introduced in OpenAFS 1.4.8 as part of the support for fileserver partitions larger than 2 TiB. The GetStatistics64 RPC is used by...

DEBIAN-CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

Buffer overflow

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

CVE-2013-1794

Buffer overflow in certain client utilities in OpenAFS before 1.6.2 allows remote authenticated users to cause a denial of service crash and possibly execute arbitrary code via a long fileserver ACL entry...

Scientific Linux Security Update : openafs on SL5.x SL6.x i386/x86_64 (20130304)

By carefully crafting an ACL entry an attacker may overflow fixed length buffers within the OpenAFS fileserver, crashing the fileserver, and potentially permitting the execution of arbitrary code. To perform the exploit, the attacker must already have permissions to create ACLs on the fileserver ...

SuSE 10 Security Update : Linux kernel (ZYPP Patch Number 6437)

This patch updates the SUSE Linux Enterprise 10 SP2 kernel to fix various bugs and some security issues. The following security issues were fixed: CVE-2009-2692: A missing NULL pointer check in the socket sendpage function can be used by local attackers to gain root privileges. No cve yet A...

Marcelo Costa FileServer Component Directory Traversal Vulnerability

Marcelo Costa FileServer with Windows Live Messenger and Messenger Plus! Live is prone to a directory traversal vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

Marcelo Costa FileServer Component Directory Traversal Vulnerability

This host is running Marcelo Costa FileServer with Windows Live Messenger and Messenger Plus! Live, and is prone to directory traversal vulnerability. OpenVAS Vulnerability Test $Id: secpodmarcelocostafileserverdirtravvuln.nasl 8193 2017-12-20 10:46:55Z cfischer $ Marcelo Costa FileServer Compone...

CVE-2009-2544

Directory traversal vulnerability in the Marcelo Costa FileServer component 1.0 for Microsoft Windows Live Messenger and Messenger Plus! Live MPL allows remote authenticated users to list arbitrary directories and read arbitrary files via a .. dot dot in a pathname...

Directory traversal

Directory traversal vulnerability in the Marcelo Costa FileServer component 1.0 for Microsoft Windows Live Messenger and Messenger Plus! Live MPL allows remote authenticated users to list arbitrary directories and read arbitrary files via a .. dot dot in a pathname...

CVE-2009-2544

Marcelo Costa FileServer Component Directory Traversal Vulnerability (CVE-2009-2544) affects Marcelo Costa FileServer 1.0 used with Windows Live Messenger and Messenger Plus! Live. The vulnerability allows remote authenticated users to enumerate arbitrary directories and read arbitrary files thro...

CVE-2009-2544

Directory traversal vulnerability in the Marcelo Costa FileServer component 1.0 for Microsoft Windows Live Messenger and Messenger Plus! Live MPL allows remote authenticated users to list arbitrary directories and read arbitrary files via a .. dot dot in a pathname...