1850 matches found
CVE-2008-1440
Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast PGM packets, which allows remote attackers to cause a denial of service infinite loop and system hang via a crafted PGM packet, aka the "PGM Invalid...
Security feature bypass
Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast PGM packets, which allows remote attackers to cause a denial of service infinite loop and system hang via a crafted PGM packet, aka the "PGM Invalid...
CVE-2008-1440
Microsoft Windows XP SP2 and SP3, and Server 2003 SP1 and SP2, does not properly validate the option length field in Pragmatic General Multicast PGM packets, which allows remote attackers to cause a denial of service infinite loop and system hang via a crafted PGM packet, aka the "PGM Invalid...
Microsoft Windows PGM Packet Handling Denial of Service (MS08-036; CVE-2008-1440)
PGM is a reliable and scalable multicast protocol that enables receivers to detect loss, request retransmission of lost data, or notify an application of unrecoverable loss. The vulnerability is due to the PGM's parsing code that fails to properly validate the option field length of a PGM packet....
MS08-036: Vulnerabilities in Pragmatic General Multicast (PGM) Could Allow Denial of Service (950762)
The remote version of Windows is affected by a vulnerability in the Pragmatic General Multicast protocol installed with the MSMQ service. An attacker may exploit this flaw to crash the remote host remotely. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid33137;...
MDAP ANTs PWNAGE: dumping the admin password of the BT Home Hub
http://www.gnucitizen.org/blog/dumping-the-admin-password-of-the-bt-home-hub/ We're back with more security attacks against the BT Home Hub most popular wireless DSL router in the UK! BT added a new security feature on the latest version 1 of the BT Home Hub firmware 6.2.6.E at time of writing...
Update Protection against Borland StarTeam Multicast Service HTTP Handling Buffer Overflow Vulnerability
A buffer overflow vulnerability has been reported in Borland StarTeam Multicast Service. Borland StarTeam is a software change and configuration management tool, designed for both centralized and geographically distributed software development environments. A remote attacker might exploit this...
Borland StarTeam Multicast Service parse_request buffer overflow
Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...
Borland StarTeam Multicast Service parse_request buffer overflow
Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...
Borland StarTeam Multicast Service parse_request buffer overflow
Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...
Borland StarTeam Multicast Service parse_request buffer overflow
Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...
Borland StarTeam Multicast服务GMWebHandler::parse_request()栈溢出漏洞
BUGTRAQ ID: 28602 CVECAN ID: CVE-2008-0311 Borland CaliberRM是Borland所捆绑的开发部署解决方案中的企业软件要求管理软件。 CaliberRM的实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 CaliberRM的StarTeam多播服务组件(STMulticastService)包含有有漏洞的函数PGMWebHandler::parserequest: .text:003AA15D call PGMWebHandler::parserequestchar const ,uint,char...
Stack overflow
Stack-based buffer overflow in the PGMWebHandler::parserequest function in the StarTeam Multicast Service component STMulticastService 6.4 in Borland CaliberRM 2006 allows remote attackers to execute arbitrary code via a large HTTP request...
Cisco IOS多播虚拟专用网MDT Data Join消息处理数据泄露漏洞
BUGTRAQ ID: 28464 CVECAN ID: CVE-2008-1156 Cisco IOS是思科网络设备所使用的互联网操作系统。 Cisco IOS在实现多播虚拟专用网(MVPN)时存在漏洞,允许攻击者发送特制的多播分布树(MDT)Data Join消息导致在核心路由器上创建额外的多播状态。 这个漏洞还允许泄露其他MPLS VPN的多播通讯,可以接收连接到同一供应商边界(PE)路由器的VPN的多播通讯。如果要成功利用这个漏洞,攻击者必须知道或猜测到远程PE路由器的边界网管协议(BGP)同层IP地址,以及其他MPLS VPN所使用的多播组的地址。 Cisco IOS 12.4...
Design/Logic Flaw
Unspecified vulnerability in the Multicast Virtual Private Network MVPN implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree MDT Data Join message...
CVE-2008-1156
Unspecified vulnerability in the Multicast Virtual Private Network MVPN implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree MDT Data Join message...
CVE-2008-1156
Unspecified vulnerability in the Multicast Virtual Private Network MVPN implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree MDT Data Join message...
CVE-2008-1156
CVE-2008-1156 affects Cisco IOS MVPN implementations (released 12.0–12.4). The vulnerability arises from the MDT Data Join handling, enabling remote attackers to create extra multicast states on core routers and, in some cases, leak multicast traffic between MPLS VPNs when DSP/BDP information is ...
Cisco Security Advisory: Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Multicast Virtual Private Network MVPN Data Leak Advisory ID: cisco-sa-20080326-mvpn http://www.cisco.com/warp/public/707/cisco-sa-20080326-mvpn.shtml Revision 1.0 For Public Release 2008 March 26 1600 UTC GMT Summar...
conga security, bug fix, and enhancement update
0.10.0-6.el5.0.1 - Replaced Redhat copyrighted and trademarked images in the conga-0.10.0 tarball. 0.10.0-6 - Fixed bz253783 - Fixed bz253914 conga doesn't allow you to reuse nfs export and nfs client resources - Fixed bz254038 Impossible to set many valid quorum disk configurations via conga -...