36 matches found
Debian DSA-2425-1 : plib - buffer overflow
It was discovered that PLIB, a library used by TORCS, contains a buffer overflow in error message processing, which could allow remote attackers to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted fr...
Debian DSA-2413-1 : libarchive - buffer overflows
Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading ISO 9660 or tar streams allow remote attackers to execute arbitrary code depending on the application...
Debian DSA-2392-1 : openssl - out-of-bounds read
Antonio Martin discovered a denial-of-service vulnerability in OpenSSL, an implementation of TLS and related protocols. A malicious client can cause the DTLS server implementation to crash. Regular, TCP-based TLS is not affected by this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
Debian DSA-2344-1 : python-django-piston - deserialization vulnerability
It was discovered that the Piston framework can deserializes untrusted YAML and Pickle data, leading to remote code execution CVE-2011-4103 . %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...
Debian DSA-2270-1 : qemu-kvm - programming error
It was discovered that incorrect sanitising of virtio queue commands in KVM, a solution for full virtualization on x86 hardware, could lead to denial of service or the execution of arbitrary code. The oldstable distribution lenny is not affected by this problem. %NASLMINLEVEL 70300 C Tenable...
Debian DSA-2236-1 : exim4 - command injection
It was discovered that Exim, Debian's default mail transfer agent, is vulnerable to command injection attacks in its DKIM processing code, leading to arbitrary code execution. CVE-2011-1407 The default configuration supplied by Debian does not expose this vulnerability. The oldstable distribution...
CVE-2010-3009
Unspecified vulnerability in HP System Management Homepage SMH for Linux 6.0 and 6.1 allows remote authenticated users to obtain sensitive information and gain root privileges via unknown vectors...
CUPS '_cupsImageReadTIFF()'整数溢出漏洞
BUGTRAQ ID: 34571 CVE ID:CVE-2009-0163 CNCVE ID:CNCVE-20090163 Common Unix Printing SystemCUPS是一款通用Unix打印系统,是Unix环境下的跨平台打印解决方案,基于Internet打印协议,提供大多数PostScript和raster打印机服务。 CUPS处理TIFF图像存在整数溢出,远程攻击者可以利用漏洞以应用程序权限执行任意指令。...
CVE-2004-0267
The 1 inoregupdate, 2 uniftest, or 3 unimove scripts in eTrust InoculateIT for Linux 6.0 allow local users to overwrite arbitrary files via a symlink attack on files in /tmp...
PT-2004-1421 · Ca · Etrust Inoculateit
Name of the Vulnerable Software and Affected Versions: eTrust InoculateIT for Linux version 6.0 Description: The issue allows local users to overwrite arbitrary files via a symlink attack on files in /tmp, specifically through the inoregupdate, uniftest, or unimove scripts. Recommendations: For...
CVE-1999-1495
CVE-1999-1495 describes a local vulnerability in xtvscreen for SuSE Linux 6.0 where a symlink attack on the file “pic000.pnm” lets a local user overwrite arbitrary files. The underlying issue is a symlink-based file-overwrite path within xtvscreen. Documented impact indicates no confidentiality o...
CVE-2000-0365
The CVE-2000-0365 entry concerns Red Hat Linux 6.0 where the /dev/pts file system is mounted with insecure modes. This configuration allows local users to write to other tty devices. The provided documents describe the affected component (/dev/pts) and the resulting local access impact but do not...
CVE-2000-0364
The CVE-2000-0364 entry concerns Red Hat Linux 6.0 where screen and rxvt fail to properly set tty device modes, enabling a local user to write to other virtual consoles. The vulnerability is localized (attack vector LOCAL) with low complexity and no authentication, and it can impact confidentiali...
ISC INN 2.2 RedHat Linux 6.0 - inews Buffer Overflow
ISC INN 2.2 RedHat Linux 6.0 - inews Buffer Overflow // source: https://www.securityfocus.com/bid/616/info INN versions 2.2 and earlier have a buffer overflow-related security condition in the inews program. inews is a program used to inject new postings into the news system. It is used by many...
ISC INN 2.2 / RedHat Linux 6.0 - inews Buffer Overflow
// source: https://www.securityfocus.com/bid/616/info INN versions 2.2 and earlier have a buffer overflow-related security condition in the inews program. inews is a program used to inject new postings into the news system. It is used by many news reading programs and scripts. The default...
CVE-1999-1495
xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file...