MGASA-2016-0316 Updated curl packages fix security vulnerability

The four libcurl functions curlescape, curleasyescape, curlunescape and curleasyunescape perform string URL percent escaping and unescaping. They accept custom string length inputs in signed integer arguments. The provided string length arguments were not properly checked and due to arithmetic in...

Three bypasses and a fix for one of Flash's Vector.<*> mitigations

Posted by Chris Evans, Cookie Monster With the release of Flash 18.0.0.209, two mitigations were introduced to combat abuse of Vector corruptions -- we covered these in a previous blog post. Flash 18.0.0.232 has just been released and it includes a change to the way one of the mitigations is...

Fedora 21 : hostapd-2.4-3.fc21 (2015-11441)

apply fix for NDEF record payload length checking Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

Nagios Core 3.4.3 Buffer Overflow Vulnerability

Nagios Core version 3.4.3 suffers from a stack-based buffer overflow vulnerability in the history.cgi web interface. history.cgi is vulnerable to a buffer overflow due to the use of sprintf with user supplied data that has not been restricted in size. This vulnerability does not appear to be...

CVE-2012-2330

The Update method in src/nodehttpparser.cc in Node.js before 0.6.17 and 0.7 before 0.7.8 does not properly check the length of a string, which allows remote attackers to obtain sensitive information request header contents and possibly spoof HTTP headers via a zero length string...

Debian Security Advisory DSA 2490-1 (nss)

The remote host is missing an update to nss announced via advisory DSA 2490-1. OpenVAS Vulnerability Test $Id: deb24901.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2490-1 nss Authors: Thomas Reinke Copyright: Copyright c 2012 E-Soft Inc...

Debian: Security Advisory (DSA-2490-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2490-1 : nss - denial of service

Kaspar Brand discovered that Mozilla's Network Security Services NSS libraries did insufficient length checking in the QuickDER decoder, allowing to crash a program using the libraries. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin wer...

[SECURITY] [DSA 2490-1] nss security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2490-1 [email protected] http://www.debian.org/security/ Thijs Kinkhorst June 7, 2012 http://www.debian.org/security/faq -...

DSA-2490-1 nss - denial of service

Bulletin has no description...

CVE-2006-5339

Unspecified vulnerability in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdogeom, aka Vuln DB11. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties th...

CVE-2006-5339

CVE-2006-5339 affects the Oracle Spatial component of Oracle Database (versions 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.4). The vulnerability is linked to the mdsys.sdo_geom path and is related to a suspected length-checking issue before MD2.RELATE is called, as reported by third parties. The described...

CVE-2006-5345

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdogeom, aka Vuln DB22. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB22 i...

mysql -- mysql_real_connect buffer overflow vulnerability

The mysqlrealconnect function doesn't properly handle DNS replies by copying the IP address into a buffer without any length checking. A specially crafted DNS reply may therefore be used to cause a buffer overflow on affected systems. Note that whether this issue can be exploitable depends on the...

TracerouteNG - never ending story

Hi everyone, I want to provide some additional information about the recently discovered traceroute-ng flaw. I decided to disclose to details right now because I do not believe that the flaw is easily exploitable. 1 The vulnerablilty. The patch provided by vendors like SuSE is not sufficient. It...

NetBSD Security Advisory 2001-015: Insufficient checking of lengths passed to kernel

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2001-015 ================================= Topic: Insufficient checking of lengths passed from userland to kernel Version: NetBSD-current: source prior to August 5, 2001 NetBSD-1.5.1: affected NetBSD-1.5: affected NetBSD-1.4.: affected...

CVE-2001-0524

eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier...

CVE-2001-0524

eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier...

Security Advisory 2000-011: Insufficient msg_controllen checking for sendmsg&#40;2&#41;

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-011 ================================= Topic: Insufficient msgcontrollen checking for sendmsg2 Version: All releases of NetBSD from 1.3 to 1.5, and -current Severity: Any local user can panic the system Fixed: NetBSD-current: July 1,...