Buffer overflow
flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator flex before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependen...
CVE-2006-0459
flex.skl in Will Estes and John Millaway Fast Lexical Analyzer Generator flex before 2.5.33 does not allocate enough memory for grammars containing (1) REJECT statements or (2) trailing context rules, which causes flex to generate code that contains a buffer overflow that might allow context-dependen...
CVE-2006-0459
CVE-2006-0459 affects the Fast Lexical Analyzer Generator (flex) before version 2.5.33. The issue is a memory allocation fault when processing grammars that contain REJECT statements or trailing context rules, causing generated code to contain a buffer overflow. This could allow context-dependent...
[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation
Debian Security Advisory DSA 1020-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28th, 2006 http://www.debian.org/security/faq ...
flex fast lexical analyzer generator buffer overflow
Buffer overflow on REJECT rule parsing...
[SECURITY] [DSA 1020-1] New flex packages fix insecure code generation
Debian Security Advisory DSA 1020-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 28th, 2006 http://www.debian.org/security/faq ...
Design/Logic Flaw
PasswordSafe 3.0 beta, when running on Windows before XP, uses a weak random number generator (C++ rand function) during generation of the database encryption key, which makes it easier for attackers to decrypt the database and steal passwords by generating keys for all possible rand seed values an...
PasswordSafe 3.0 weak random number generator allows key recovery attack
Title : PasswordSafe 3.0 weak random number generator allows key recovery attack Date : March 23, 2006 Product : PasswordSafe 3.0 Discovered by : ElcomSoft Co.Ltd. Overview ====================================================================== PasswordSafe is a program originally written by...
CVE-2005-4730
Unspecified vulnerability in PEAR TextPassword 1.0 has unknown impact and attack vectors, related to "problematic seeding" of the random number generator, possibly predictable seeds...
CVE-2005-4730
Technical details (affected versions, impact, exploit info, and remediation) for CVE-2005-4730 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2006-0936
The CVE-2006-0936 entry concerns Free Host Shop Website Generator 3.3. It describes a vulnerability where remote authenticated users with administrative privileges can upload and execute arbitrary files via a formname parameter using a filename containing a dangerous extension and a trailing %00....
NSAG-202-25.02.2006.txt
Advisory: NSAG-№202-25.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: WEBSITE GENERATOR 3.3 Site of manufacturer: http://freehostshop.com The status: 19/11/2005 - Publication is postponed...
NSA Group Security Advisory NSAG-№202-25.02.2006 Vulnerability WEBSITE GENERATOR 3.3
Advisory: NSAG-№202-25.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: WEBSITE GENERATOR 3.3 Site of manufacturer: http://freehostshop.com The status: 19/11/2005 - Publication is postponed...
FreeHostShop Website Generator 3.3 - Arbitrary File Upload
FreeHostShop Website Generator 3.3 - Arbitrary File Upload source: https://www.securityfocus.com/bid/16823/info Website generator is prone to an arbitrary file-upload vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver...
FreeHostShop Website Generator 3.3 - Arbitrary File Upload
source: https://www.securityfocus.com/bid/16823/info Website generator is prone to an arbitrary file-upload vulnerability. An attacker can exploit this vulnerability to upload arbitrary code and execute it in the context of the webserver process. This may facilitate unauthorized access or privile...
DSA-956-1 lsh-server - filedescriptor leak
Bulletin has no description...
CVE-2006-0353
unixrandom.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys...
Design/Logic Flaw
unixrandom.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys...
DEBIAN-CVE-2006-0353
unixrandom.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys...
CVE-2006-0353
CVE-2006-0353 affects lsh 2.0.1’s lshd, which leaks file descriptors related to the randomness generator. A local attacker can truncate the seed file, potentially preventing lshd from starting or enabling seed/key disclosure. Debian’s DSA-956-1 and related advisories describe a local vulnerabilit...