8805 matches found
gdb, kernel security update
CentOS Errata and Security Advisory CESA-2007:0436 Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the ninth regular update. This security advisory has been rated as having important security impact by the Red Hat...
Important: Red Hat Security Advisory: Updated kernel packages for Red Hat Enterprise Linux 3 Update 9
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the ninth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles t...
[SECURITY] Fedora 7 Update: NetworkManager-0.6.5-3.fc7
NetworkManager attempts to keep an active network connection available at a ll times. It is intended only for the desktop use-case, and is not intended f or usage on servers. The point of NetworkManager is to make networking configuration and setup as painless and automatic as possible. If using ...
linux-disclose-v2.txt
include include include include include include include define BUFSIZE 0x10000000 int mainint argc, char argv void mem = mmap0, BUFSIZE, PROTREAD | PROTWRITE, MAPANONYMOUS | MAPPRIVATE, 0, 0; if mem == void-1 printf"Alloc failed\n"; return -1; / SOCKDCCP, IPPROTODCCP / int s = socketPFINET, 6, 33...
Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)
Binary data 3947.prm...
Mac OS X < 10.4.9 Multiple Vulnerabilities (Security Update 2007-003)
The remote host is running a version of Mac OS X 10.4 which is older than version 10.4.9 or a version of Mac OS X 10.3 which does not have Security Update 2007-003 applied. This update contains several security fixes for the following programs : - ColorSync - CoreGraphics - Crash Reporter - CUPS ...
Embedded nulls in location.hostname confuse same-domain checks — Mozilla
Michal Zalewski demonstrated that setting location.hostname to a value with embedded null characters can confuse the browsers domain checks. Setting the value triggers a load, but the networking software reads the hostname only up to the null character while other checks for "parent domain" start...
MOAB-29-01-2007: Apple iChat Bonjour Multiple Denial of Service Vulnerabilities
Summary The vendor Apple provides the following description of Bonjour and iChat: Bonjour, also known as zero-configuration networking, enables automatic discovery of computers, devices, and services on IP networks. Bonjour uses industry standard IP protocols to allow devices to automatically...
迅雷5 ThunderAgent Module 远程拒绝服务漏洞
迅雷是由Thunder Networking公司开发的一个下载软件,在中国有着非常广泛的用户。迅雷5的ThunderAgent005.dll中注册了一个 activex控件,当Internet Explorer调用他的某些方法时,将会造成整数溢出,成功利用将造成Internet Explorer崩溃。 在ThunderAgent005.dll中,有两处方法调用时忽略了输入参数异常的情况,当输入参数为精心构造的负数或大整数时,将造成整数溢出,产生不可预料的结果,从而造成浏览器崩溃。 该Activex注册控件的Object Classid是...
CVE-2006-6427
The CVE-2006-6427 entry concerns Xerox WorkCentre and WorkCentre Pro web UIs affected by command-injection in the WebUI. Affected versions are before 12.060.17.000, 13.x before 13.060.17.000, and 14.x before 14.060.17.000. The vulnerability allows remote attackers to execute arbitrary commands vi...
Broadcom wireless driver fails to properly process 802.11 probe response frames
Overview A buffer overflow vulnerability exists in the Broadcom BCMWL5.SYS wireless driver. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary code, or cause a denial-of-service condition. Description The BCMWL5.SYS driver is a wireless 802.11 device driver...
kernel security update
CentOS Errata and Security Advisory CESA-2006:0437 Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the eighth regular update. This security advisory has been rated as having important security impact by the Red Ha...
security flaw
net/ipv4/netfilter/ipconntrackcore.c in Linux kernel 2.4 and 2.6, and possibly net/ipv4/netfilter/nfconntrackl3protoipv4.c in 2.6, does not clear sockaddrin.sinzero before returning IPv4 socket names from the getsockopt function with SOORIGINALDST, which allows local users to obtain portions of...
Important: Red Hat Security Advisory: Updated kernel packages for Red Hat Enterprise Linux 3 Update 8
Updated kernel packages are now available as part of ongoing support and maintenance of Red Hat Enterprise Linux version 3. This is the eighth regular update. This security advisory has been rated as having important security impact by the Red Hat Security Response Team. The Linux kernel handles...
[Full-disclosure] Cisco Secure ACS Weak Session Management Vulnerability
Cisco Secure ACS Weak Session Management Vulnerability June 23, 2006 Product Overview: Cisco Secure Access Control Server ACS provides a centralized identity networking solution and simplified user management experience across all Cisco devices and security management applications. Cisco Secure A...
GNUNet secure networking library DoS
Endless loop on zero sized UDP packet...
[Full-disclosure] Socket unreachable in GNUnet rev 2780
Luigi Auriemma Application: GNUnet http://www.gnunet.org Versions: = 0.7.0d and revision 2780 Platforms: Windows, nix, BSD, Mac and more Bug: UDP socket unreachable Exploitation: remote Date: 12 May 2006 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 Th...
Fenice OMS 1.10 (long get request) Remote Buffer Overflow Exploit
No description provided by source. / IHS Iran Homeland Security public source code Fenice - Open Media Streaming Server remote BOF exploit author : c0d3r "kaveh razavi" [email protected] package : fenice-1.10.tar.gz and prolly prior versions workaround : update after patch release advisory :...
Code injection
The installation of Cisco Transport Controller CTC for Cisco Optical Networking System ONS 15000 series nodes adds a Java policy file entry with a wildcard that grants the java.security.AllPermission permission to any http URL containing "fs/LAUNCHER.jar", which allows remote attackers to execute...
CVE-2006-1671
Control cards for Cisco Optical Networking System ONS 15000 series nodes before 20060405 allow remote attackers to cause a denial of service card reset via 1 a "crafted" IP packet to a device with secure mode EMS-to-network-element access, aka bug ID CSCsc51390; 2 a "crafted" IP packet to a devic...