520 matches found
USN-279-1: libnasl/nessus vulnerability
Jayesh KS discovered that the naslsplit function in the NASL Nessus Attack Scripting Language library did not check for a zero-length separator argument, which lead to an invalid memory allocation. This library is primarily used in the Nessus security scanner; a remote attacker could exploit this...
CVE-2006-1526
Buffer overflow in the X render Xrender extension in X.org X server 6.8.0 up to allows attackers to cause a denial of service crash, as demonstrated by the 1 XRenderCompositeTriStrip and 2 XRenderCompositeTriFan requests in the rendertest from XCB xcb/xcb-demo, which leads to an incorrect memory...
CVE-2003-1092
Unknown vulnerability in the "Automatic File Content Type Recognition AFCTR Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact...
CVE-2004-1492
Master of Orion III 1.2.5 and earlier allows remote attackers to cause a denial of service game exit via a data packet that contains a large size specifier, which causes a large memory allocation to fail...
CVE-2004-0341
WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte newline is sent, which allows local users to cause a denial of service CPU consumption by continuing to send a long command that does not contain a newline...
linux PAX DoS
Bug during memory allocation handling...
Gaim contains a buffer overflow vulnerability in the gaim_quotedp_decode() function
Overview There is a buffer overflow vulnerability in the Gaim gaimquotedpdecode function, which could cause a pointer to reference memory beyond the terminating null byte. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It includes a feature tha...
ipsec-tools and iputils contain a remote DoS vulnerability
Background From http://ipsec-tools.sourceforge.n et/ "IPsec-Tools is a port of KAME's IPsec utilities to the Linux-2.6 IPsec implementation." iputils is a collection of network monitoring tools, including racoon, ping and ping6. Description When racoon receives an ISAKMP header, it allocates memo...
Fetchmail 6.2.5 fixes a remote DoS
Background Fetchmail is a utility that retrieves and forwards mail from remote systems using IMAP, POP, and other protocols. Description Fetchmail versions 6.2.4 and earlier can be crashed by sending a specially-crafted email to a fetchmail user. This problem occurs because Fetchmail does not...
CVE-2003-0792
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service crash via a certain email...
CVE-2003-0792
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service crash via a certain email...
File 3.x - Utility Local Memory Allocation
File 3.x - Utility Local Memory Allocation // source: https://www.securityfocus.com/bid/7009/info It has been reported that a memory allocation issue exists the file program. Although details of this issue are currently unavailable, it is likely that this issue could be exploited to cause a denia...
File 3.x - Utility Local Memory Allocation
// source: https://www.securityfocus.com/bid/7009/info It has been reported that a memory allocation issue exists the file program. Although details of this issue are currently unavailable, it is likely that this issue could be exploited to cause a denial of service condition, and potentially...
Cyrus SASL library buffer overflows
These overflows are found at least in version 2.1.9, none of them are present in 1.5.28. 2.1.10 was just released which fixed the problems. Note that besides the Cyrus project itself, the SASL library is also used by Postfix-TLS patch, OpenLDAP and probably some other servers. Problem 1 ---------...
RUS-CERT Advisory 2002-08:02: Flaw in calloc and similar routines
Flaw in calloc and similar routines Integer overflow can occur during the computation of the memory region size by calloc and similar functions. As a result, the function returns a buffer which is too small, possibly resulting in a subsequent buffer overflow. Who Should Read This Document This...
suid xman 3.1.6 overflows
xman from at least X11R6-contrib-3.3.2-3.i386.rpm suffers from a classic overflow [email protected] is noted as the packager of this RPM. I do not know the author. root@linux lib ls -al which xman -rwxr-sr-x 1 root man 41076 Jun 17 1998 /usr/X11R6/bin/xman root@linux lib xman root@linux li...
buffer overflow in libsecure (NSA Security-enhanced Linux)
Recently the U.S. National Security Agency released a distribution called Security-enhanced Linux see http://www.nsa.gov/selinux/. This includes a modified version of the kernel and some utilities that provide a new mandatory access control architecture for Linux. The most recent version that...
[pkc] remote heap buffer overflow in oops
pkc001.txt --- Packet Knights Advisory 001 --- http://www.pkcrew.org Author : |CyRaX| [email protected] Application : Oops proxy server 1.4.22 1.4.6 and maybe prior Type: heap buffer overflow --- The problem --- Function listparser in ftputils.c : line is the line sent by the ftp server in result ...
fts.find.du.bsd.txt
Date: Wed, 12 May 1999 14:32:42 +0400 From: Stas Kisel To: [email protected] Subject: fts, du, find Hi. I use FreeBSD-2.2.8 and FreeBSD-2.2.7 and I know that these versions are no longer supported, but: 1. There are many people still using 2.2 2. This bug probably applies to FreeBSD-3.1 and ev...
AIX 4.2 - '/usr/dt/bin/dtterm' Local Buffer Overflow
include include include char prog100="/usr/dt/bin/dtterm"; char prog230="dtterm"; extern int execv; char createvarchar name,char value char c; int l; l=strlenname+strlenvalue+4; if ! c=mallocl perror"error allocating";exit2;; strcpyc,name; strcatc,"="; strcatc,value; putenvc; return c; /The...