CVE-2018-6484

CVE-2018-6484 affects ZZIPlib (zziplib) up to and including 0.13.67, with a memory alignment error and bus error in __zzip_fetch_disk_trailer (zzip/zip.c) that can be exploited by crafted ZIP files to cause a denial of service. Connected sources show broader zziplib issues (various CVEs in 0.13.6...

UBUNTU-CVE-2018-6484

In ZZIPlib 0.13.67, there is a memory alignment error and bus error in the zzipfetchdisktrailer function of zzip/zip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted zip file...

Microsoft Windows - IOCTL_VOLUME_GET_VOLUME_DISK_EXTENTS volmgr Pool Memory Disclosure

Microsoft Windows - IOCTLVOLUMEGETVOLUMEDISKEXTENTS volmgr Pool Memory Disclosure / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1154 We have discovered that the handler of the IOCTLVOLUMEGETVOLUMEDISKEXTENTS IOCTL in volmgr.sys discloses portions of uninitialized pool memory...

zziplib - multiple vulnerabilities

NIST reports by search in the range 2017/01/01 - 2018/07/06: 17 security fixes in this release: Heap-based buffer overflow in the zzipget32 function in fetch.c. Heap-based buffer overflow in the zzipget64 function in fetch.c. Heap-based buffer overflow in the zzipmementryextrablock function in...

Debian Security Advisory DSA 769-1 (gaim)

The remote host is missing an update to gaim announced via advisory DSA 769-1. Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu from ekg, console Gadu Gadu client, an instant messaging program which is included in gaim, a multi-protocol instant messaging...

Debian Security Advisory DSA 1318-1 (ekg)

The remote host is missing an update to ekg announced via advisory DSA 1318-1. OpenVAS Vulnerability Test $Id: deb13181.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1318-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

Debian: Security Advisory (DSA-1318-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-769-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-1318-1 : ekg - several vulnerabilities

Several remote vulnerabilities have been discovered in ekg, a console Gadu Gadu client. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2005-2370 It was discovered that memory alignment errors may allow remote attackers to cause a denial of service on...

DSA-1318-1 ekg

Bulletin has no description...

PHP 5.2.0 header() Space Trimming Buffer Underflow Exploit (MacOSX)

No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | \| || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / //...

MOPB-extfilter.txt

?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || \ // // | |/ || '|/ |/ -| ' \ / -/ |||| /| || / // // ||||,||| ,|||||||,| || |||||| // // // // Proof of concept code from the Hardened-PHP Project // // C Copyright 2007 Stefan...

PHP 5.2.0 header() Space Trimming Buffer Underflow Exploit (MacOSX)

Exploit for macOS platform in category local exploits =================================================================== PHP 5.2.0 header Space Trimming Buffer Underflow Exploit MacOSX =================================================================== ?php...

PHP 5.2.0 ext/filter Space Trimming Buffer Underflow Exploit (MacOSX)

Exploit for macOS platform in category local exploits ===================================================================== PHP 5.2.0 ext/filter Space Trimming Buffer Underflow Exploit MacOSX ===================================================================== ?php...

FreeBSD : libgadu -- multiple vulnerabilities (3b4a6982-0b24-11da-bc08-0001020eed82)

Wojtek Kaniewski reports : Multiple vulnerabilities have been found in libgadu, a library for handling Gadu-Gadu instant messaging protocol. It is a part of ekg, a Gadu-Gadu client, but is widely used in other clients. Also some of the user contributed scripts were found to behave in an insecure...

Debian DSA-813-1 : centericq - several vulnerabilities

Several problems have been discovered in libgadu which is also part of centericq, a text-mode multi-protocol instant messenger client. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-2369 Multiple integer signedness errors may allow remote attackers...

[Full-disclosure] [SECURITY] [DSA 813-1] New centericq packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 813-1 [email protected] http://www.debian.org/security/ Martin Schulze September 15th, 2005 http://www.debian.org/security/faq -...

DSA-813-1 centericq - several

Bulletin has no description...

gaim

New gaim packages are available for Slackware 9.0, 9.1, 10.0, 10.1, and -current to fix some security issues. including: AIM/ICQ away message buffer overflow AIM/ICQ non-UTF-8 filename crash Gadu-Gadu memory alignment bug Sites that use GAIM should upgrade to the new version. More details about...

USN-168-1: Gaim vulnerabilities

Daniel Atallah discovered a Denial of Service vulnerability in the file transfer handler of OSCAR the module that handles various instant messaging protocols like ICQ. A remote attacker could crash the Gaim client of an user by attempting to send him a file with a name that contains invalid UTF-8...