658 matches found
DEBIAN-CVE-2003-0775
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service memory consumption or crash...
DEBIAN-CVE-2003-0778
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service memory consumption...
CVE-2003-0775
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service memory consumption or crash...
sane-backends multiple bugs
Multiple DoS conditions...
[SECURITY] [DSA 379-1] New sane-backends packages fix several vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 379-1 [email protected] http://www.debian.org/security/ Martin Schulze September 11th, 2003 http://www.debian.org/security/faq -...
CVE-2003-0776
CVE-2003-0776 affects the saned daemon in sane-backends (earlier than or equal to 1.0.7). The issue arises because saned does not validate RPC numbers before accessing parameters, enabling unintended behavior that can lead to reliability issues (and, per related advisories, remote exploitation sc...
CVE-2003-0777
The CVE-2003-0777 issue affects the sane-backends package (notably the saned daemon). When debug messages are enabled and a connection is dropped, strings may not be null-terminated, potentially triggering a segmentation fault (denial of service). Multiple advisories reference this family of prob...
CVE-2003-0775
CVE-2003-0775 affects sane-backends (notably the saned daemon) up to version 1.0.7 and earlier. The root cause is that saned mallocs memory based on a size value, which can be sent, or may be left unknown if the connection is dropped before the size is transmitted, enabling remote attackers to tr...
CVE-2003-0774
CVE-2003-0774 affects saned in sane-backends up to 1.0.7. The issue stems from poor handling of connection drops, allowing a remote attacker to trigger memory access after the wire buffer and cause a segmentation fault (DoS). Affected platforms include Debian, Red Hat, SuSE, Mandrake, and related...
CVE-2003-0777
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service segmentation fault...
CVE-2003-0774
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service segmentation fault when invalid memory is accessed...
CVE-2003-0773
CVE-2003-0773 affects the sane-backends package (SANE) prior to version 1.0.7, where saned does not validate the IP address of the connecting host during the SANE_NET_INIT RPC. This allows remote attackers to access saned services even if saned.conf would restrict them. The issue is part of multi...
CVE-2003-0774
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service segmentation fault when invalid memory is accessed...
CVE-2003-0777
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service segmentation fault...
CVE-2003-0775
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service memory consumption or crash...
[SECURITY] [DSA 379-1] New sane-backends packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 379-1 [email protected] http://www.debian.org/security/ Martin Schulze September 11th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 379-1] New sane-backends packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 379-1 [email protected] http://www.debian.org/security/ Martin Schulze September 11th, 2003 http://www.debian.org/security/faq -...
DSA-379 sane-backends - several vulnerabilities
Bulletin has no description...