CVE-2010-3411

Removed by vendor...

Squid 3.1.6 DNS Reply Denial of Service

According to its banner, the version of the Squid proxy caching server installed on the remote host is 3.1.6. This version is affected by a denial of service vulnerability that is caused by an assertion failure when contacting IPv4-only DNS resolvers. Note that Nessus has relied only on the versi...

openSUSE Security Update : perl (openSUSE-SU-2010:0519-1)

perl Safe.pm module was affected by two problems where attackers could break out of such a safed execution. CVE-2010-1447 , CVE-2010-1168 This update fixes this problem. Also the following bugs were fixed : - fix tell cornercase bnc596167 - fix regex memory leak bnc557636 - also run h2ph on...

Microsoft Windows win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks

Microsoft Windows win32k!xxxRealDrawMenuItem missing HBITMAP bounds checks ---------------------------------------------------------------------------- Microsoft produce two builds of each of thier supported operating system, a checked build and a free build. The free build is intended for end...

avahi: assertion failure after receiving a packet with corrupted checksum

The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service assertion failure and daemon exit via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability...

CVE-2010-2244

The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service assertion failure and daemon exit via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability...

CVE-2010-2244

The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service assertion failure and daemon exit via a DNS packet with an invalid checksum followed by a DNS packet with a valid checksum, a different vulnerability...

CVE-2010-2596

The OJPEGPostDecode function in tifojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF image, related to "downsampled OJPEG input."...

CVE-2010-2596

The OJPEGPostDecode function in tifojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF image, related to "downsampled OJPEG input."...

Input validation

The OJPEGPostDecode function in tifojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service assertion failure and application exit via a crafted TIFF image, related to "downsampled OJPEG input."...

CVE-2010-2596

CVE-2010-2596 affects LibTIFF: the OJPEGPostDecode function (tif_ojpeg.c) in LibTIFF 3.9.0 and 3.9.2, as used by tiff2ps, allows remote attackers to cause a denial of service via a crafted TIFF image (downsampled OJPEG input). Connected advisories confirm impact and fixes; upstream patches exist ...

Fedora 13 : krb5-1.7.1-7.fc13 (2010-4608)

A GSSAPI-authenticated service could be remotely forced to trigger an assertion failure by sending it certain invalid messages MITKRB5-SA-2010-002, CVE-2010-0628. The included patch for adding PAM support to the bundled FTP server contained a bug which would cause the service to crash if a client...

CVE-2010-1203

The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp...

Memory corruption

The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp...

CVE-2010-1203

The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors that trigger an assertion failure in jstracer.cpp...

TeamSpeak Server多个拒绝服务和绕过安全限制漏洞

BUGTRAQ ID: 40918 TeamSpeak是一种专门为网络游戏玩家设计的IP语音通信系统。 TeamSpeak服务器在执行通过UDP 9987端口所接收到的受限制命令时没有要求认证，用户可以非授权执行各种管理命令。以下是部分有漏洞命令的列表： banclient bandel channeladdperm/channeldelperm channelclientaddperm/channelclientdelperm channeldelete channeledit channelmove clientaddperm/clientdelperm clientdbdelete...

FreeBSD Ports: krb5

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

RedHat Update for squid RHSA-2010:0221-04

Check for the Version of squid OpenVAS Vulnerability Test RedHat Update for squid RHSA-2010:0221-04 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

squid: temporary DoS (assertion failure) triggered by truncated DNS packet (SQUID-2010:1)

lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial of service assertion failure via a crafted DNS packet that only contains a header...

CVE-2010-0628

The spnegogssacceptseccontext function in lib/gssapi/spnego/spnegomech.c in the SPNEGO GSS-API functionality in MIT Kerberos 5 aka krb5 1.7 before 1.7.2 and 1.8 before 1.8.1 allows remote attackers to cause a denial of service assertion failure and daemon crash via an invalid packet that triggers...