Ubuntu 6.06 LTS / 7.04 / 7.10 / 8.04 LTS : samba vulnerabilities (USN-617-1)
Samba developers discovered that nmbd could be made to overrun a buffer during the processing of GETDC logon server requests. When samba is configured as a Primary or Backup Domain Controller, a remote attacker could send malicious logon requests and possibly cause a denial of service...
[SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
Subject: Boundary failure when parsing SMB responses can result in a buffer overrun. CVE ID: CVE-2008-1105. Versions: Samba 3.0.0 - 3.0.29 inclusive. Summary:...
Security Best Practice: Get Yourself Familiar with the Header Rejection Tool
Web servers and applications parse not only the URL, but also the rest of the HTTP header data. Wrong parsing can lead to buffer overrun attacks and other vulnerabilities. Some exploits use the HTTP headers to cause damage. The exploit can be carried in standard headers the Host header for exampl...
Trillian AIM.DLL Long HTML Font Parameter Stack Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Trillian. User interaction is required to exploit this vulnerability in that the target must open a malicious image file. The specific flaw exists during the parsing of messages with overly long...
Debian DSA-1567-1 : blender - buffer overrun
Stefan Cornelius discovered a vulnerability in the Radiance High Dynamic Range HDR image parser in Blender, a 3D modelling application. The weakness could enable a stack-based buffer overflow and the execution of arbitrary code if a maliciously-crafted HDR file is opened, or if a directory...
kernel security and bug fix update
kernel-2.4.21-57.0.0.0.1.EL - add directio support for qla drivers herb ora 6346849 - support PT Quad card ora 5751043 - ora 5088963: io to nfs partition hangs - add entropy for bnx2 nic ora 5931647 - avoid large allocation-fragmentation in MTU zab - fix clear highpage wli kernel-2.4.21-57.EL -...
[SECURITY] [DSA 1567-1] New blender packages fix arbitrary code execution
Debian Security Advisory DSA-1567-1 http://www.debian.org/security/ Devin Carraway May 05, 2008 http://www.debian.org/security/faq ...
subedit-poc.txt
Subedit Player build 4066 subtitle BoF vulnerability. SubEdit Player is a very popular player and subtitles editor in Poland. It does not perform any boundary checks on supplied subtitles. This causes buffer overrun and throwing access violation exception on group of...
Debian Security Advisory DSA 1539-1 (mapserver)
The remote host is missing an update to mapserver announced via advisory DSA 1539-1. OpenVAS Vulnerability Test $Id: deb15391.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1539-1 mapserver Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Debian: Security Advisory (DSA-1539-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-1538-1 : alsaplayer - buffer overrun
Erik Sjolund discovered a buffer overflow vulnerability in the Ogg Vorbis input plugin of the alsaplayer audio playback application. Successful exploitation of this vulnerability through the opening of a maliciously crafted Vorbis file could lead to the execution of arbitrary code...
Debian DSA-1539-1 : mapserver - several vulnerabilities
Chris Schmidt and Daniel Morissette discovered two vulnerabilities in mapserver, a development environment for spatial and mapping applications. The Common Vulnerabilities and Exposures project identifies the following two problems : - CVE-2007-4542 Lack of input sanitizing and output escaping in...
[SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilities
Debian Security Advisory DSA-1539-1 http://www.debian.org/security/ Devin Carraway April 04, 2008 http://www.debian.org/security/faq ...
[SECURITY] [DSA 1538-1] New alsaplayer packages fix arbitrary code execution
Debian Security Advisory DSA-1538-1 http://www.debian.org/security/ Devin Carraway April 04, 2008 http://www.debian.org/security/faq ...
DSA-1539-1 mapserver - multiple vulnerabilities
Bulletin has no description...
Debian Security Advisory DSA 349-1 (nfs-utils)
The remote host is missing an update to nfs-utils announced via advisory DSA 349-1. OpenVAS Vulnerability Test $Id: deb3491.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 349-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 266-1 (krb5)
The remote host is missing an update to krb5 announced via advisory DSA 266-1. OpenVAS Vulnerability Test $Id: deb2661.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 266-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 209-1 (wget)
The remote host is missing an update to wget announced via advisory DSA 209-1. OpenVAS Vulnerability Test $Id: deb2091.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 209-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian Security Advisory DSA 213-1 (libpng, libpng3)
The remote host is missing an update to libpng, libpng3 announced via advisory DSA 213-1. OpenVAS Vulnerability Test $Id: deb2131.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 213-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...