1549 matches found
krb5: possible leak of sensitive data from krb5kdc using krb4 request
The Kerberos 4 support in KDC in MIT Kerberos 5 krb5kdc does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."...
krb5: possible leak of sensitive data from krb5kdc using krb4 request
The Kerberos 4 support in KDC in MIT Kerberos 5 krb5kdc does not properly clear the unused portion of a buffer when generating an error message, which might allow remote attackers to obtain sensitive information, aka "Uninitialized stack values."...
DEBIAN-CVE-2008-0888
The NEEDBITS macro in the inflatedynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data...
CVE-2008-0888
The NEEDBITS macro in the inflatedynamic function in inflate.c for unzip can be invoked using invalid buffers, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors that trigger a free of uninitialized or previously-freed data...
security flaw
The sysgetthreadarea function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information...
Microsoft Windows NTFS Information Disclosure
Microsoft Windows NTFS Information Disclosure I. Synopsis Affected Systems: Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Risk: Moderate Impact: Local Information Leak Status: Maintenance Release Planned Uncoordinated release Author: Matthew Murphy [email protected]...
DEBIAN-CVE-2004-0082
The mksmbpasswd shell script mksmbpasswd.sh in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password...
DEBIAN-CVE-2003-0688
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service process crash via an invalid DNS response that causes Sendmail to free incorrect data...
Midnight commander buffer overflow
Uninitialized buffer data triggers buffer overflow during archive listing...