1901 matches found
USN-584-1: OpenLDAP vulnerabilities
Jonathan Clarke discovered that the OpenLDAP slapd server did not properly handle modify requests when using the Berkeley DB backend and specifying the NOOP control. An authenticated user with modify permissions could send a crafted modify request and cause a denial of service via application...
[SECURITY] Fedora 8 Update: cups-1.3.6-2.fc8
The Common UNIX Printing System provides a portable printing layer for UNIX=C2=AE operating systems. It has been developed by Easy Software Produc ts to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces...
compat, openldap security update
CentOS Errata and Security Advisory CESA-2008:0110 Updated openldap packages that fix security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of...
Moderate: Red Hat Security Advisory: openldap security update
Updated openldap packages that fix security issues are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenLDAP is an open source suite of Lightweight Directory Access Protocol LDAP applicatio...
openldap: slapd crash on NOOP control operation on entry in bdb storage
The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service crash via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability...
CVE-2007-6698
The BDB backend for slapd in OpenLDAP before 2.3.36 allows remote authenticated users to cause a denial of service crash via a potentially-successful modify operation with the NOOP control set to critical, possibly due to a double free vulnerability...
Debian Security Advisory DSA 196-1 (bind)
The remote host is missing an update to bind announced via advisory DSA 196-1. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...
Unfixed XSS vulnerability at www.ocf.berkeley.edu
Security researcher SeeD, has submitted on 11/12/2007 a cross-site-scripting XSS vulnerability affecting www.ocf.berkeley.edu, which at the time of submission ranked 1751 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 16/12/2007. It is current...
[SECURITY] Fedora 7 Update: cups-1.2.12-6.fc7
The Common UNIX Printing System provides a portable printing layer for UNIX=C2=AE operating systems. It has been developed by Easy Software Produc ts to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces...
Sniffit sniff of installation and use description(linux)-bug warning-the black bar safety net
Sniffit is by the Lawrence Berkeley Laboratory developed, can be in Linux, Solaris, SGI, etc. a variety of platforms running the network Network monitoring software, it is mainly for the TCP/IP Protocol insecurity for running the Protocol of the machine is listening-and, of course, the packet mus...
[SECURITY] Fedora Core 6 Update: cups-1.2.12-4.fc6
The Common UNIX Printing System provides a portable printing layer for UNIX=C2=AE operating systems. It has been developed by Easy Software Produc ts to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces...
Solaris finger bug
Hi all: Recently, we monitored a cracker from Eastern Europe, who ran 'finger 9@host' against a Solaris 7 box, and got the following result: Login Name TTY Idle When Where daemon ??? . . . . bin ??? pts/1 Oct 2, 2002 xxx.lbl.gov sys ??? . . . . account1 ??? pts/8 Jul 20, 2000 yyy.lbl.gov account2...
[SECURITY] Fedora 7 Update: bind-9.4.1-7.P1.fc7
BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves host names to IP addresses; a resolver library routines for applications to use when interfacing with DNS; and tools for verifying that the DNS server ...
Moderate: Red Hat Security Advisory: bind security update
Updated bind packages that fix a security issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. ISC BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. A flaw was found in the way...
[SECURITY] [DSA 1172-1] New bind9 packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1172-1 [email protected] http://www.debian.org/security/ Martin Schulze September 9th, 2006 http://www.debian.org/security/faq -...
security flaw
The cryptgensalt functions for BSDI-style extended DES-based and FreeBSD-sytle MD5-based password hashes in cryptblowfish 0.4.7 and earlier do not evenly and randomly distribute salts, which makes it easier for attackers to guess passwords from a stolen password file due to the increased number o...
DEBIAN-CVE-2006-1539
Multiple buffer overflows in the checkscores function in scores.c in tetris-bsd in bsd-games before 2.17-r1 in Gentoo Linux might allow local users with games group membership to gain privileges by modifying tetris-bsd.scores to contain crafted executable content, which is executed when another...
GLSA-200510-02 : Berkeley MPEG Tools: Multiple insecure temporary files
The remote host is affected by the vulnerability described in GLSA-200510-02 Berkeley MPEG Tools: Multiple insecure temporary files Mike Frysinger of the Gentoo Security Team discovered that mpegencode and the conversion utilities were creating temporary files with predictable or fixed filenames...
Berkeley MPEG Tools: Multiple insecure temporary files
Background The Berkeley MPEG Tools are a collection of utilities for manipulating MPEG video technology, including an encoder mpegencode and various conversion utilities. Description Mike Frysinger of the Gentoo Security Team discovered that mpegencode and the conversion utilities were creating...
[Full-disclosure] [ GLSA 200510-02 ] Berkeley MPEG Tools: Multiple insecure temporary files
Gentoo Linux Security Advisory GLSA 200510-02 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...