6887 matches found
libxml2: Remotely exploitable buffer overflow
Background libxml2 is an XML parsing library written in C. Description Multiple buffer overflows have been detected in the nanoftp and nanohttp modules. These modules are responsible for parsing URLs with ftp information, and resolving names via DNS. Impact An attacker could exploit an applicatio...
USN-10-1: XML library vulnerabilities
Several buffer overflows have been discovered in libxml2's FTP connection and DNS resolution functions. Supplying very long FTP URLs or IP addresses might result in execution of arbitrary code with the privileges of the process using libxml2. Since libxml2 is used in packages like php4-imagick, t...
libxml2 remote buffer overflows (not in xml parsing code though)
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Subject: libXML remotely exploitable buffer overflows. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Product Description: Libxml2 is the XML C parser and toolkit developed for the Gno...
libxml2 multiple buffer overflows
Buffer overflow on URL parsing, name resolution...
Libxml2 - Multiple Remote Stack Buffer Overflow Vulnerabilities
Libxml2 - Multiple Remote Stack Buffer Overflow Vulnerabilities // source: https://www.securityfocus.com/bid/11526/info The 'libxml2' library is reported prone to multiple remote stack-based buffer-overflow vulnerabilities caused by insufficient boundary checks. Remote attackers may exploit these...
Libxml2 - Multiple Remote Stack Buffer Overflow Vulnerabilities
// source: https://www.securityfocus.com/bid/11526/info The 'libxml2' library is reported prone to multiple remote stack-based buffer-overflow vulnerabilities caused by insufficient boundary checks. Remote attackers may exploit these issues to execute arbitrary code on a vulnerable computer. The...
GLSA-200403-01 : Libxml2 URI Parsing Buffer Overflow Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200403-01 Libxml2 URI Parsing Buffer Overflow Vulnerabilities Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When the libxml2 library fetches a remote resource via FTP or HTTP, libxml2 uses parsing routine...
Mandrake Linux Security Advisory : libxml2 (MDKSA-2004:018)
A flaw in libxml2 versions prior to 2.6.6 was found by Yuuichi Teranishi. When fetching a remote source via FTP or HTTP, libxml2 uses special parsing routines that can overflow a buffer if passed a very long URL. In the event that the attacker can find a program that uses libxml2 which parses...
Fedora Core 1 2004-087: libxml2
The remote host is missing the patch for the advisory FEDORA-2004-087 libxml2. This library allows to manipulate XML files. It includes support to read, modify and write XML and HTML files. There is DTDs support this includes parsing and validation even with complex DtDs, either at parse time or...
FreeBSD : libxml2 stack buffer overflow in URI parsing (208)
The following package needs to be updated: libxml2 %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg847ade05671711d8b321000a95bc6fae.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...
RHEL 2.1 / 3 : libxml2 (RHSA-2004:090)
Updated libxml2 packages that fix an overflow when parsing remote resources are now available. libxml2 is a library for manipulating XML files. Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing...
CVE-2004-0110
Buffer overflow in the 1 nanohttp or 2 nanoftp modules in XMLSoft Libxml 2 Libxml2 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL...
Libxml2 URI parsing errors in nanohttp and nanoftp
Overview Libxml is the XML parser for Gnome, a desktop suite and development platform for Linux systems. Libxml2, the latest version of the library as of this writing, has a buffer overflow vulnerability which may allow execution of arbitrary code. Description Gnome, a desktop suite and developme...
Libxml2 URI Parsing Buffer Overflow Vulnerabilities
Background Description Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When the libxml2 library fetches a remote resource via FTP or HTTP, libxml2 uses parsing routines that can overflow a buffer caused by improper bounds checking if they are passed a URL longer than 4096...
[SECURITY] [DSA 455-1] New libxml packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 455-1 [email protected] http://www.debian.org/security/ Martin Schulze March 3rd, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 455-1] New libxml packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 455-1 [email protected] http://www.debian.org/security/ Martin Schulze March 3rd, 2004 http://www.debian.org/security/faq -...
CVE-2004-0110
Buffer overflow in the 1 nanohttp or 2 nanoftp modules in XMLSoft Libxml 2 Libxml2 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL...
CVE-2004-0110
The CVE-2004-0110 issue is a real vulnerability in libxml (XMLSoft Libxml2) affecting versions 2.6.0–2.6.5, where a long URL can trigger a buffer overflow in the nanohttp/nanoftp URL parsing paths, enabling remote arbitrary code execution. Related CVEs (CVE-2004-0989) cover buffer overflows in FT...
libxml2 long URL causes SEGV
Buffer overflow in the 1 nanohttp or 2 nanoftp modules in XMLSoft Libxml 2 Libxml2 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL...
Moderate: Red Hat Security Advisory: libxml2 security update
Updated libxml2 packages that fix an overflow when parsing remote resources are now available. libxml2 is a library for manipulating XML files. Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing...