172 matches found
FreeBSD -- rpcbind(8) remote denial of service [REVISED]
Problem Description: In rpcbind8, netbuf structures are copied directly, which would result in two netbuf structures that reference to one shared address buffer. When one of the two netbuf structures is freed, access to the other netbuf structure would result in an undefined result that may crash...
PT-2019-5753 · Linux +5 · Linux Kernel +5
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions 3.10.x through 4.18.x Description: The issue is related to the SCTP socket buffer used by a userspace application not being accounted for by the cgroups subsystem. This can be exploited to cause a denial of service attac...
CVE-2006-5174
CVE-2006-5174 concerns the Linux kernel 2.6 copy_from_user() implementation on s390/s390x where a local user could read kernel memory due to improper clearing of a kernel buffer. Affected platform: Linux kernel 2.6 before 2.6.19-rc1 on s390. The issue is an information leak (partial confidentiali...
War Times - Remote Game Server Denial of Service
source: https://www.securityfocus.com/bid/13652/info War Times is susceptible to a remote denial of service vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied network data prior to copying it into a fixed-size memory buffer. This vulnerability...
Convex 3D 0.8 - Buffer Overflow
Convex 3D 0.8 - Buffer Overflow source: https://www.securityfocus.com/bid/11995/info It is reported that Convex 3D is susceptible to a stack-based buffer overflow vulnerability. This issue is due to a failure of the application to properly check the bounds of user-supplied image data prior to...
Gamespy Software Development Kit - CD-Key Validation Buffer Overflow
source: https://www.securityfocus.com/bid/11881/info It has been reported that the GameSpy SDK is prone to a buffer overflow vulnerability in its CD-key validation functionality. This issue is due to a failure of the SDK to properly check the length of user-supplied network data prior to copying ...
CVE-2003-0143
The popmsg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name...
Microsoft Security Bulletin MS03-006: Flaw in Windows Me Help and Support Center Could Enable Code Execution (812709)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------- Title: Flaw in Windows Me Help and Support Center Could Enable Code Execution 812709 Date: 26 February, 2003 Software: Microsoft Windows Me Impact: Run Code of Attacker's Choice Max Risk: Critica...
Flood ACK packets cause AIX DoS
--------------------------------------------------------------------------- Title: Flood ACK packets cause AIX DoS. Released: 9th Oct 2002 --------------------------------------------------------------------------- Vulnerable: =========== - AIX version 4.3.3 with any ML - AIX 5 Overview: ========...
Security Bulletin MS01-023
---------------------------------------------------------------------- Title: Unchecked Buffer in ISAPI Extension Could Enable Compromise of IIS 5.0 Server Date: 01 May 2001 Software: Windows 2000 Server Windows 2000 Advanced Server Windows 2000 Datacenter Server Impact: Run code of attacker's...
Network Associates Webshield SMTP 4.5 - Invalid Outgoing Recipient Field Denial of Service
Network Associates Webshield SMTP 4.5 - Invalid Outgoing Recipient Field Denial of Service source: https://www.securityfocus.com/bid/1999/info Network Associates WebShield SMTP is an email virus scanner designed for internet gateways. In the event that WebShield SMTP receives an outgoing email...
qpopper.fgets.txt
Topic: unsafe fgets using in qpopper Software affected: qpopper 3.0 fc2, qpopper 2.53 and probably others Description: malicious user can remotely post message with spoofed or incorrect headers including "Received:" one and in some cases bypass virus checking. This can be used for sending trojans...