SUSE-SA:2007:012: squid

The remote host is missing the patch for the advisory SUSE-SA:2007:012 squid. This update fixes a remotely exploitable denial-of-service bug in squid that can be triggered by using special ftp:// URLs. CVE-2007-0247 Additionally the 10.2 package needed a fix for another DoS bug CVE-2007-0248 and...

OpenLDAP kbind authentication buffer overflow

There is a remotely exploitable buffer overflow in the Kerberos KBIND authentication code in the OpenLDAP slapd server. The vulnerability is in the krbv4ldapauth function in servers/slapd/kerberos.c. This function processes LDAP bind requests that specify the LDAPAUTHKRBV41 authentication method...

[Full-disclosure] [Madwifi] Madwifi SIOCGIWSCAN buffer overflow // France Telecom

Name: Madwifi SIOCGIWSCAN buffer overflow Vendor: http://www.madwifi.org Release date: December, 7th 2006 CVE ID: CVE-2006-6332 Authors: Laurent BUTTI, Jerome RAZNIEWSKI, Julien TINNES 1. Description There is a buffer overflow in the madwifi Atheros driver in some functions called by SIOCSIWSCAN...

guestbookPHP.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------- SySS-Advisory: XSS-vulnerability in guestbook-php-script - ------------------------------------------------------------------- Problem discovered: February 3d 2006 Vendor contacted:...

Fedora Core 4 : kernel-2.6.15-1.1831_FC4 (2006-102)

This update fixes a remotely exploitable denial of service attack in the icmp networking code CVE-2006-0454. An information leak has also been fixed CVE-2006-0095, and some debugging patches that had accidentally been left applied in the previous update have been removed, restoring the...

IOS Stack Group Bidding Protocol Crafted Packet DoS

The Cisco IOS Stack Group Bidding Protocol SGBP feature in certain versions of Cisco IOS software is vulnerable to a remotely-exploitable denial of service condition. Devices that do not support or have not enabled the SGBP protocol are not affected by this vulnerability. Cisco has made free...

Microsoft Windows MSDTC Memory Corruption Vulnerability

Description The Microsoft Windows MSDTC Microsoft Distribution Transaction Coordinator service is prone to a memory corruption vulnerability. This issue could allow for execution of arbitrary code in the context of the service. The vulnerability may be remotely exploitable in some circumstances,...

Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Buffer Overflow

The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition. Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Teln...

myBloggie "username" SQL Injection Vulnerability

Secunia Advisory: SA16699 Release Date: 2005-09-05 Critical: Moderately critical Impact: Security Bypass Manipulation of data Where: From remote Solution Status: Vendor Patch Software: myBloggie 2.x Select a product and view a complete list of all Patched/Unpatched Secunia advisories affecting it...

Slackware 8.1 / 9.0 / current : Sendmail vulnerabilities fixed (SSA:2003-260-02)

The sendmail packages in Slackware 8.1, 9.0, and -current have been patched to fix security problems. These issues seem to be remotely exploitable, so all sites running sendmail should upgrade right away. Sendmail's 8.12.10 announcement may be found here: http://www.sendmail.org/8.12.10.html...

HP-UX PHSS_27477 : s700_800 11.04 Virtualvault 4.5 Inside Admin Server Update

s700800 11.04 Virtualvault 4.5 Inside Admin Server Update : The remote HP-UX host is affected by multiple vulnerabilities : - Remotely exploitable potential vulnerabilities have been reported in CA-2002-21 and CVE-2002-0658. - A potential remotely exploitable vulnerability in handling of large da...

[Full-Disclosure] Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1

Savant web server Buffer Overflow Exploit Discovered by : Mati Aharoni Coded by : Tal Zeltzer and Mati Aharoni www.see-security.com FOR RESEACRH PURPOSES ONLY! import struct import socket sc = "x90" 21 win32adduser - PASS=pwd EXITFUNC=thread USER=X Size=232 Encoder=PexFnstenvSub...

[SA13012] TortoiseCVS "SSH2_MSG_DEBUG" Packet Handling Buffer Overflow

TITLE: TortoiseCVS "SSH2MSGDEBUG" Packet Handling Buffer Overflow SECUNIA ADVISORY ID: SA13012 VERIFY ADVISORY: http://secunia.com/advisories/13012/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: TortoiseCVS 1.x http://secunia.com/product/4183/ DESCRIPTION: A...

Patch available for multiple high risk vulnerabilities in RealPlayer

John Heasman of NGSSoftware has discovered multiple high risk vulnerabilities in RealPlayer. Versions affected include RealPlayer 10.5 6.0.12.1040 RealPlayer 10.5 Beta 6.0.12.1016 RealPlayer 10 RealOne Player v1, v2 RealPlayer 8 RealPlayer Enterprise The flaws, that include remotely exploitable...

CVE-2001-0612

CVE-2001-0612 affects McAfee Remote Desktop 3.0 and earlier. The vulnerability allows a remote attacker to cause a denial of service (crash) by sending a large number of packets to port 5045. The NVD entry lists a CVSS v2 base score of 5.0 (Medium) with network access, no authentication, and part...

FreeBSD : tnftpd -- remotely exploitable vulnerability (194)

The following package needs to be updated: tnftpd %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgc4b025bbf05d11d89837000c41e2cdad.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...

gaim remotely exploitable vulnerabilities in MSN component

Sebastian Krahmer discovered several remotely exploitable buffer overflow vulnerabilities in the MSN component of gaim. In two places in the MSN protocol plugins object.c and slp.c, strncpy was used incorrectly; the size of the array was not checked before copying to it. Both bugs affect MSN's...

FreeBSD : pound remotely exploitable vulnerability (154)

The following package needs to be updated: pound %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgfb5211199bc411d893660020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-20...

RHEL 2.1 : fileutils (RHSA-2003:310)

Updated fileutils packages that close a potential denial of service vulnerability are now available. The fileutils package contains several basic system utilities. One of these utilities is the 'ls' program, which is used to list information about files and directories. Georgi Guninski discovered...

FreeBSD : seti@home remotely exploitable buffer overflow (176)

The following package needs to be updated: setiathome %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkg0e154a9c5d7a11d880e30020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...