3321 matches found
[Full-disclosure] rsnapshot Security Advisory 001
============================================================================ rsnapshot Security Advisory 001 [email protected] http://www.rsnapshot.org/security/ Apr 10th, 2005 Nathan Rosenquist ============================================================================ Severity: high...
Vulnerabilities in Cisco IOS Secure Shell Server
Certain release trains of Cisco Internetwork Operating System IOS®, when configured to use the IOS Secure Shell SSH server in combination with Terminal Access Controller Access Control System Plus TACACS+ as a means to perform remote management tasks on IOS devices, may contain two vulnerabilitie...
Cisco Security Advisory: Crafted Packet Causes Reload on Cisco Routers
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Crafted Packet Causes Reload on Cisco Routers Revision 1.0 For Public Release 2005 January 26 1600 GMT - -------------------------------------------------------------------------- Contents Summary Affected Products Details...
Cisco IOS embedded call processing solutions contain unspecified DoS vulnerability
Overview An unspecified error in Cisco Internetwork Operating System IOS could allow a remote attacker to cause a denial of service. Description Cisco IOS is a very widely deployed network operating system. IOS release trains 12.1YD, 12.2T, 12.3, and 12.3T, when configured for the IOS Telephony...
Cisco Security Advisory: Vulnerability in Cisco IOS Embedded Call Processing Solutions
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Vulnerability in Cisco IOS Embedded Call Processing Solutions Revision 1.0 For Public Release 2005 January 19 1500 UTC +---------------------------------------------------------------------- Contents ======== Summary Affected...
Veritas Backup Exec registration request buffer overflow
Overview Certain versions of Veritas Backup Exec 8.x and 9.x can be remotely exploited to allow execution of arbitrary code on affected servers. Description A buffer overflow exists in Veritas Backup Exec 8.x prior to 8.60.3878 Hotfix 68, and 9.x pritor to 9.1.4691 Hotfix 40. A stack-based buffer...
ACROS Security: Poisoning Cached HTTPS Documents in Internet Explorer
Below please find our public report for the HTTPS cache poisoning issue in Internet Explorer. It includes workarounds for server operators, allowing them to protect their web services without having to rely on users to patch their browsers. Regards, ACROS Security http://www.acrossecurity.com...
ACROS Security: Poisoning Cached HTTPS Documents in Internet Explorer
Below please find our public report for the HTTPS cache poisoning issue in Internet Explorer. It includes workarounds for server operators, allowing them to protect their web services without having to rely on users to patch their browsers. Regards, ACROS Security http://www.acrossecurity.com...
GLSA-200410-06 : CUPS: Leakage of sensitive information
The remote host is affected by the vulnerability described in GLSA-200410-06 CUPS: Leakage of sensitive information When printing to a SMB-shared printer requiring authentication, CUPS leaks the user name and password to a logfile. Impact : A local user could gain knowledge of sensitive...
[Full-Disclosure] Buffer Overflow in DBMS_SYSTEM.KSDWRT() in Oracle8i - 9i
http://www.red-database-security.com/advisory/advisory200409033.htm RDS200409032 - Red-Database-Security GmbH Research Advisory Name Buffer Overflow in DBMSSYSTEM.KSDWRT in Oracle8i - 9i Systems Affected Oracle 8i - Oracle9i all platforms Severity Medium Risk Category Buffer Overflow/Denial of...
[Full-Disclosure] Buffer Overflow in SYS_CONTEXT() in Oracle 9i Rel.2
http://www.red-database-security.com/advisory/advisory200409032.htm RDS200409032 - Red-Database-Security GmbH Research Advisory Name Buffer Overflow in SYSCONTEXT in Oracle 9i Rel.2 Systems Affected Oracle9i Rel. 2 Windows platform only Severity Medium Risk Category Buffer Overflow Vendor URL...
[Full-Disclosure] SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i
http://www.red-database-security.com/advisory/advisory200409031.htm RDS200409031 - Red-Database-Security GmbH Research Advisory Name SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i Systems Affected Oracle 8i / Oracle9i all platforms Severity High Risk Category SQL Injection Vendor URL...
[Full-Disclosure] SUSE Security Announcement: kernel (SUSE-SA:2004:028)
-----BEGIN PGP SIGNED MESSAGE----- SUSE Security Announcement Package: kernel Announcement-ID: SUSE-SA:2004:028 Date: Wednesday, Sept 1st 2004 14:26 MEST Affected products: 8.1, 8.2, 9.0, 9.1 SUSE Linux Database Server, SUSE eMail Server III, 3.1 SUSE Linux Enterprise Server 8, 9 SUSE Linux...
Cisco Security Advisory: Cisco Telnet Denial of Service Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Telnet Denial of Service Vulnerability Revision 1.0 For Public Release 2004 August 27 1000 UTC - ------------------------------------------------------------------------- Contents Summary Affected Products Details Impact...
GLSA-200404-21 : Multiple Vulnerabilities in Samba
The remote host is affected by the vulnerability described in GLSA-200404-21 Multiple Vulnerabilities in Samba Two vulnerabilities have been discovered in Samba. The first vulnerability allows a local user who has access to the smbmount command to gain root. An attacker could place a setuid-root...
Cisco Telnet Denial of Service Vulnerability
A specifically crafted Transmission Control Protocol TCP connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System IOS® may block further telnet, reverse telnet, Remote Shell RSH, Secure Shell SSH, and in some cases Hypertext Transport Protocol HTTP...
Cisco Security Advisory: Cisco IOS Malformed OSPF Packet Causes Reload
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Malformed OSPF Packet Causes Reload Revision 1.0 For Public Release 2004 August 18 15:00 UTC GMT - ---------------------------------------------------------------------------- Contents Summary Affected Products Detai...
[Full-Disclosure] Cisco Security Advisory: Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco ONS 15327, ONS 15454, ONS 15454 SDH, and ONS 15600 Malformed Packet Vulnerabilities Revision 1.0 For Public Release 2004 July 21 at 1600 UTC GMT ----------------------------------------------------------------------...
Cisco CatOS TCP ACK handling vulnerability
Overview A vulnerability in Cisco CatOS may allow a remote attacker to cause a denial of service on an affected device. Description Cisco's CatOS is an operating system that runs on some Cisco Catalyst switch products. A vulnerability in the way that TCP services on CatOS handle malformed...
Cisco IOS fails to properly process solicited SNMP operations
Overview Cisco IOS contains a vulnerability in the processing of solicited Simple Network Management Protocol SNMP operations that may result in memory corruption of the device causing it to reload. Sustained exploitation of this vulnerability could lead to a denial of service condition affect a...