IBM Lotus Domino IMAP Service Mailbox Name Overflow

The IMAP server component of IBM Lotus Domino Server installed on the remote host fails to properly validate the mailbox name before copying it into a fixed-size stack buffer as part of handling certain unspecified commands. Using a specially crafted mailbox name to which he is subscribed, an...

[SECURITY] Fedora 7 Update: dovecot-1.0.3-14.fc7

Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats...

[SECURITY] Fedora Core 6 Update: wireshark-0.99.6-1.fc6

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

GNU Findutils release 4.2.31 fixes CVE-2007-2452 (GNU locate heap buffer overrun)

$Revision: 1.4 $; $Date: 2007/05/30 22:04:52 $ I. BACKGROUND ============= GNU findutils is a set of programs which search for files on Unix-like systems. It is maintained by the GNU Project of the Free Software Foundation. For more information, see http://www.gnu.org/software/findutils. II...

file integer overflow vulnerability

Overview The file program contains a vulnerability that may allow an attacker to execute arbitrary code or create a denial-of-service condition. Description file is a program for Unix-like operating systems that is used to determine what type of data is contained in a file.file contains a buffer...

[SECURITY] Fedora Core 5 Update: dovecot-1.0-0.beta8.3.fc5

Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats...

GNU tar: Buffer overflow

Background GNU tar is the standard GNU utility for creating and manipulating tar archives, a common format used for creating backups and distributing files on UNIX-like systems. Description Jim Meyering discovered a flaw in the handling of certain header fields that could result in a buffer...

Clam AntiVirus vulnerable to memory corruption via specially crafted UPX packed file

Overview A vulnerability in the ClamAV antivirus toolkit may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Clam AntiVirus is an antivirus toolkit for Unix-like systems that is commonly integrated with mail servers for email attachment scanning. It supports ...

Wine: Windows Metafile SETABORTPROC vulnerability

Background Wine is a free implementation of Windows APIs for Unix-like systems. Description H D Moore discovered that Wine implements the insecure-by-design SETABORTPROC GDI Escape function for Windows Metafile WMF files. Impact An attacker could entice a user to open a specially crafted Windows...

Webmin, Usermin: Format string vulnerability

Background Webmin is a web-based interface for Unix-like systems. Usermin is a simplified version of Webmin designed for use by normal users rather than system administrators. Description Jack Louis discovered that the Webmin and Usermin "miniserv.pl" web server component is vulnerable to a Perl...

Firefox / Opera code execution

Command lines arguments can be pasted through URL if Firefox or Opera are invoked from external application in Unix-like systems...

Asterisk vmail.cgi vulnerability

Assurance.com.au - Vulnerability Advisory ----------------------------------------------- Release Date: 07-Nov-2005 Software: Asterisk Web-VoiceMail Comedian VoiceMail http://www.asterisk.org/ Asterisk is a complete PBX in software. It runs on Linux, BSD and MacOSX and provides all of the feature...

[Full-disclosure] iDEFENSE Security Advisory 10.24.05: SCO Openserver authsh 'Home' Buffer Overflow Vulnerability

SCO Openserver authsh 'Home' Buffer Overflow Vulnerability iDEFENSE Security Advisory 10.24.05 http://www.idefense.com/application/poi/display?type=vulnerabilities October 24, 2005 I. BACKGROUND SCO OpenServer is a UNIX-like operating system for x86 platforms. II. DESCRIPTION Local exploitation o...

ClamAV < 0.86.3 Content-parsing Multiple Overflows (deprecated)

Binary data 3229.prm...

picasm.txt

picasm error handling stack overflow vulnerability Name: picasm error handling stack overflow Versions Affected: picasm Author: Shaun Colley Vendor Notified: May 7th 2005 Public Disclosure: May 20th 2005 BACKGROUND picasm is a Microchip PIC16Cxx assembler, designed to run on most UNIX-like...

KDE kimgio: PCX handling buffer overflow

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. kimgio is the KDE image handler provided by kdelibs. Description kimgio fails to properly validate input when handling PCX files. Impact By enticing a user to load a specially-crafted PCX ima...

[SECURITY] [DSA 701-2] New samba packages fix correct sporadic crash

-------------------------------------------------------------------------- Debian Security Advisory DSA 701-2 [email protected] http://www.debian.org/security/ Martin Schulze April 21st, 2005 http://www.debian.org/security/faq -...

Debian DSA-701-2 : samba - integer overflows

It has been discovered that the last security update for Samba, a LanManager like file and printer server for GNU/Linux and Unix-like systems caused the daemon to crash upon reload. This has been fixed. For reference below is the original advisory text : Greg MacManus discovered an integer overfl...

DSA-701-1 samba - integer overflows

Bulletin has no description...

KDE: Local Denial of service

Background KDE is a feature-rich graphical desktop environment for Linux and Unix-like Operating Systems. DCOP is KDE's simple IPC/RPC mechanism. Description Sebastian Krahmer discovered that it is possible to stall the dcopserver of other users. Impact An attacker could exploit this to cause a...