qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

Qemu: usb: fix up post load checks

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."...

qemu: virtio: insufficient validation of num_sg when mapping

The virtqueuemapsg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read...

qemu: usb: insufficient sanity checking of setup_index+setup_len in post_load

The usbdevicepostload function in hw/usb/bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, related to a negative setuplen or setupindex value...

Qemu: usb: fix up post load checks

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."...

Design/Logic Flaw

COPA-DATA zenon DNP3 NG driver DNP3 master 7.10 and 7.11 through 7.11 SP0 build 10238 and zenon DNP3 Process Gateway DNP3 outstation 7.11 SP0 build 10238 and earlier allow physically proximate attackers to cause a denial of service infinite loop and process crash via crafted input over a serial...

CVE-2014-2346 COPA-DATA zenon DNP3 Improper Input Validation

COPA-DATA zenon DNP3 NG driver DNP3 master 7.10 and 7.11 through 7.11 SP0 build 10238 and zenon DNP3 Process Gateway DNP3 outstation 7.11 SP0 build 10238 and earlier allow physically proximate attackers to cause a denial of service infinite loop and process crash via crafted input over a serial...

CVE-2014-2346

The CVE-2014-2346 issue affects COPA-DATA zenon DNP3 NG driver (DNP3 master) and zenon DNP3 Process Gateway (DNP3 outstation). Affected versions are zenon DNP3 NG driver (7.10 SP0 up to 7.11 SP0 build 10238) and zenon DNP3 Process Gateway (7.11 SP0 build 10238 and prior). The root cause is improp...

COPA-DATA Patches DNP3 SCADA Vulnerability

A vulnerability exists in a particular brand of SCADA software that if left unpatched, could trigger a denial of service condition and go on to compromise the software’s communication connections, resulting in system instability. The problem is an improper input validation vulnerability and exist...

CVE-2014-2343

Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service excessive data processing via a crafted DNP request over a serial line...

CVE-2014-2343 Triangle MicroWorks SCADA Data Gateway Resource Exhaustion

Triangle MicroWorks SCADA Data Gateway before 3.00.0635 allows physically proximate attackers to cause a denial of service excessive data processing via a crafted DNP request over a serial line...

kernel: security and bugfix update (important)

This Linux kernel security update fixes various security issues and bugs. The Linux Kernel was updated to fix various security issues and bugs. Main security issues fixed: A security issue in the tty layer that was fixed that could be used by local attackers for code execution CVE-2014-0196. Two...

UBUNTU-CVE-2014-3461

hw/usb/bus.c in QEMU 1.6.2 allows remote attackers to execute arbitrary code via crafted savevm data, which triggers a heap-based buffer overflow, related to "USB post load checks."...

Multiple Vulnerabilities in Cisco TelePresence TC and TE Software

Cisco TelePresence TC and TE Software are affected by the following vulnerabilities: Six Session Initiation Protocol SIP denial of service vulnerabilities Cisco TelePresence TC and TE Software DNS Buffer Overflow Vulnerability Cisco TelePresence TC and TE Software Input Validation Vulnerability...

CVE-2013-2828

The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows physically proximate attackers to cause a denial of service interface shutdown via crafted input over a serial line...

Design/Logic Flaw

The DNP Master Driver in the OSIsoft PI Interface before 3.1.2.54 for DNP3 allows physically proximate attackers to cause a denial of service interface shutdown via crafted input over a serial line...

CVE-2013-0662

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header...

Stack overflow

Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header...

kernel: usb: cdc-wdm buffer overflow triggered by device

Heap-based buffer overflow in the wdmincallback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service system crash or possibly execute arbitrary code via a crafted cdc-wdm USB device...

Schneider Electric产品基于栈的缓冲区溢出漏洞

Bugtraq ID:66500 CVE ID:CVE-2013-0662 施耐德电气为100多个国家的能源及基础设施、工业、数据中心及网络、楼宇和住宅市场提供整体解决方案。 Schneider Electric多个产品使用的Modbus Serial驱动监听TCP 27700端口，当处理连接时，Modbus应用头字段会最先读入缓冲区，当在头字段指定超大缓冲区大小时可触发基于栈的缓冲区溢出，成功利用漏洞可以以应用程序上下文执行任意代码。 0 Schneider Electric TwidoSuite Versions 2.31.04 Schneider Electric PowerSui...