Vulnerability in contrib module (CVE-2010-4015)

An authenticated database user can cause a buffer overrun by calling functions from the intarray optional module with certain parameters...

maradns -- denial of service when resolving a long DNS hostname

MaraDNS developer Sam Trenholme reports: ... a mistake in allocating an array of integers, allocating it in bytes instead of sizeofint units. This resulted in a buffer being too small, allowing it to be overwritten. The impact of this programming error is that MaraDNS can be crashed by sending...

SuSE 11.1 Security Update : libopenssl (SAT Patch Number 3539)

The following issue has been fixed : - Multithreaded OpenSSL servers using the TLS server extension were vulnerable to a buffer overrun attack. CVE-2010-3864 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

Microsoft Graphics Filters CGM Image Converter Buffer Overrun (MS10-105; CVE-2010-3945; CVE-2012-2524)

Computer Graphics Metafile CGM is a free and open international standard file format for 2D vector graphics, raster graphics, and text. A remote code execution vulnerability has been discovered in the way that Microsoft Office allocates buffer size when handling CGM image files. The vulnerability...

SuSE 11 Security Update : libopenssl (SAT Patch Number 3509)

The following issue has been fixed : - Multithreaded OpenSSL servers using the TLS server extension were vulnerable to a buffer overrun attack. CVE-2010-3864 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...

SuSE 11 Security Update : (SAT Patch Number 2544)

This update of the Samba server package fixes the following security issues : - A buffer overrun was possible in chainreply code in 3.3.x and below, which could be used to crash the samba server or potentially execute code. CVE-2010-2063 - Take extra care that a mount point of mount.cifs does not...

DSA-2125-1 openssl - buffer overflow

Bulletin has no description...

FreeBSD : openssl -- TLS extension parsing race condition (3042c33a-f237-11df-9d02-0018fe623f2b)

OpenSSL Team reports : Rob Hulswit has found a flaw in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. Any OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. Servers tha...

Vulnerability in OpenSSL CVE-2010-3864

A flaw in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. Any OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL’s internal caching mechanism. Servers that are multi-process and/or disable internal...

SuSE 10 Security Update : Samba (ZYPP Patch Number 7072)

This update of the Samba server package fixes the following security issues : - A buffer overrun was possible in chainreply code in 3.3.x and below, which could be used to crash the samba server or potentially execute code. CVE-2010-2063 - Take extra care that a mount point of mount.cifs does not...

openssl -- TLS extension parsing race condition

OpenSSL Team reports: Rob Hulswit has found a flaw in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. Any OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. Servers that...

Samba Update Patches Serious Security Hole

Existing versions of Samba contain a serious security hole. Experts say: upgrade now. The Samba Team has published a software update to patch a stack overflow vulnerability that could allow attackers to push malicious code to vulnerable systems. The update, Version 3.5.5 was released on Tuesday a...

Buffer Overrun Vulnerability

Description All current released versions of Samba are vulnerable to a buffer overrun vulnerability. The sidparse function and related domsidparse function in the source4 code do not correctly check their input lengths when reading a binary representation of a Windows SID Security ID. This allows...

[Backports-security-announce] Security Update for git

Sebastian Harl uploaded new packages for git, a popular distributed revision control system, which fixed the following security problem: CVE-2010-2542, Debian BTS 590026 A buffer overrun was found in the way Git sanitized path of a git directory. If a local attacker would create a specially-craft...

[Backports-security-announce] Security Update for git

Sebastian Harl uploaded new packages for git, a popular distributed revision control system, which fixed the following security problem: CVE-2010-2542, Debian BTS 590026 A buffer overrun was found in the way Git sanitized path of a git directory. If a local attacker would create a specially-craft...

Microsoft Visual Basic Document Properties Buffer Overrun (MS06-047; CVE-2006-3649)

Microsoft Visual Basic for Applications VBA is an implementation of Microsoft's Visual Basic which is built into all Microsoft Office applications, as well as some other Microsoft applications, such as Microsoft Visio and Microsoft Works Suite. Visual Basic VB is an event driven programming and...

SuSE Update for samba SUSE-SA:2010:025

Check for the Version of samba OpenVAS Vulnerability Test SuSE Update for samba SUSE-SA:2010:025 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

openSUSE Security Update : cifs-mount (openSUSE-SU-2010:0346-1)

"This update of the Samba server package fixes security issues and bugs. Following security issues were fixed: CVE-2010-2063: A buffer overrun was possible in chainreply code in 3.3.x and below, which could be used to crash the samba server or potentially execute code. CVE-2010-0787: Take extra...

SuSE9 Security Update : Samba (YOU Patch Number 12622)

This update of the Samba server package fixes the following security issue : - A buffer overrun was possible in chainreply code in 3.3.x and below, which could be used to crash the samba server or potentially execute code. CVE-2010-2063 Also, the following bug has been fixed : - An uninitialized...

openSUSE Security Update : cifs-mount (openSUSE-SU-2010:0346-1)

"This update of the Samba server package fixes security issues and bugs. Following security issues were fixed: CVE-2010-2063: A buffer overrun was possible in chainreply code in 3.3.x and below, which could be used to crash the samba server or potentially execute code. CVE-2010-0787: Take extra...