Lucene search
+L

1549 matches found

RedHat Linux
RedHat Linux
added 2008/03/18 6:54 p.m.4 views

krb5: possible leak of sensitive data from krb5kdc using krb4 request

The Kerberos 4 support in KDC in MIT Kerberos 5 krb5kdc does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."...

7.5CVSS7.4AI score0.03478EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/03/18 6:35 p.m.3 views

krb5: possible leak of sensitive data from krb5kdc using krb4 request

The Kerberos 4 support in KDC in MIT Kerberos 5 krb5kdc does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."...

7.5CVSS7.4AI score0.03478EPSS
Exploits1References4
OSV
OSV
added 2008/03/17 9:44 p.m.8 views

DEBIAN-CVE-2008-0888

The NEEDBITS macro in the inflatedynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data...

9.3CVSS8AI score0.0629EPSS
Exploits1References1
Debian CVE
Debian CVE
added 2008/03/17 9:0 p.m.40 views

CVE-2008-0888

The NEEDBITS macro in the inflatedynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data...

9.3CVSS7.9AI score0.0629EPSS
Exploits1
RedHat Linux
RedHat Linux
added 2006/01/17 8:36 a.m.5 views

security flaw

The sysgetthreadarea function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information...

2.1CVSS5.8AI score0.00446EPSS
Exploits1References4
securityvulns
securityvulns
added 2005/07/01 12:0 a.m.27 views

Microsoft Windows NTFS Information Disclosure

Microsoft Windows NTFS Information Disclosure I. Synopsis Affected Systems: Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Risk: Moderate Impact: Local Information Leak Status: Maintenance Release Planned Uncoordinated release Author: Matthew Murphy [email protected]...

7.1AI score
Exploits0
OSV
OSV
added 2004/03/03 5:0 a.m.3 views

DEBIAN-CVE-2004-0082

The mksmbpasswd shell script mksmbpasswd.sh in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password...

7.5CVSS9.1AI score0.03497EPSS
Exploits0References1
OSV
OSV
added 2003/10/20 4:0 a.m.8 views

DEBIAN-CVE-2003-0688

The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service process crash via an invalid DNS response that causes Sendmail to free incorrect data...

5CVSS7AI score0.03564EPSS
Exploits0References1
securityvulns
securityvulns
added 2003/09/22 12:0 a.m.36 views

Midnight commander buffer overflow

Uninitialized buffer data triggers buffer overflow during archive listing...

4.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder