4205 matches found
NetBSD Security Advisory 2002-012: buffer overrun in setlocale
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2002-012 ================================= Topic: buffer overrun in setlocale Severity: local root exploit if X11 xterm is installed. Version: NetBSD-current: source prior to August 8, 2002 NetBSD-1.6 beta:source prior to August 8, 2002...
NetBSD Security Advisory 2002-018: Multiple security isses with kfd daemon
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2002-018 ================================= Topic: Multiple security isses with kfd daemon Version: NetBSD-current: source prior to September 10, 2002 NetBSD 1.6: affected NetBSD-1.5.3: affected NetBSD-1.5.2: affected NetBSD-1.5.1: affect...
Multiple NetBSD Security Advisories Released/Updated
-----BEGIN PGP SIGNED MESSAGE----- With the release of NetBSD 1.6, the NetBSD project is publishing a batch of Security Advisories some of which are updates, as follows: 2002-006 buffer overrun in libc/libresolv DNS resolver x 2002-007 Repeated TIOCSCTTY ioctl can corrupt session hold counts x...
Cisco VPN 5000 Client - Buffer Overrun (2)
// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...
Cisco VPN 5000 Client - Buffer Overrun (1)
// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...
Microsoft Terminal Server Client Buffer Overrun (A082802-1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Microsoft Terminal Server Client Buffer Overrun Release Date: 08/28/2002 Application: Microsoft Terminal Server ActiveX Client v5.02221.1 Platform: Windows 95/98/NT 4.0/2000/XP Severity:...
Security Bulletin MS02-047: Cumulative Patch for Internet Explorer (Q323759)
---------------------------------------------------------------------- Title: Cumulative Patch for Internet Explorer Q323759 Date: 22 August 2002 Software: Internet Explorer Impact: Six new vulnerabilities, the most serious of which could enable an attacker to execute commands on a user's system...
Security Bulletin MS02-046: Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution (Q327521)
---------------------------------------------------------------------- Title: Buffer Overrun in TSAC ActiveX Control Could Allow Code Execution Q327521 Date: 22 August 2002 Software: Microsoft Terminal Services Advanced Client TSAC ActiveX control, which can be installed on any Windows system...
More DBCC overruns SQL SEVER 2000
To compliment http://online.securityfocus.com/archive/1/284382/2002-07-20/2002-07-26/0 there also exists another two bufferoverruns. Although not documented on MS they are fixed in http://download.microsoft.com/download/SQLSVR2000/Patch/8.00.0667/W98NT4 2KMeXP/EN-US/8.00.0667enu.exe 1 DBCC...
Multiple Buffer Overflow vulnerabilities in SteelArrow (#NISR19082002B)
NGSSoftware Insight Security Research Advisory Name: Multiple Remote Buffer Overruns TOMAHAWKS' STEELARROW Systems Affected: WinNT, Win2K Not tested on other platforms Severity: High Risk Category: Remote System Buffer Overrun Vendor URL: http://www.tomahawk.com Author: Mark Litchfield...
Security Bulletin MS02-041: Unchecked Buffer in Content Management Server Could Enable Server Compromise (Q326075)
---------------------------------------------------------------------- Title: Unchecked Buffer in Content Management Server Could Enable Server Compromise Q326075 Date: 07 August 2002 Software: Microsoft Content Management Server Impact: Three vulnerabilities, the most serious of which could...
Microsoft SQL Server 2000,7 OpenRowSet Buffer Overflow vulnerability (#NISR02072002)
NGSSoftware Insight Security Research Advisory Name: OpenRowSet Buffer Overflows Systems: Microsoft SQL Server 2000 and 7, all Service Packs Severity: High Risk Category: Remote Buffer Overrun Vulnerability Vendor URL: http://www.microsoft.com/ Author: David Litchfield [email protected]...
Winhelp32 Remote Buffer Overrun
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NGSSoftware Insight Security Research Advisory Name: Winhlp32.exe Remote BufferOverrun Systems Affected: Win2K Platform Severity: Critical Category: Remote Buffer Overrun Vendor URL: http://www.mircosoft.com Author: Mark Litchfield [email protected]...
Microsoft SQL Server 2000 Unauthenticated System Compromise (#NISR25072002)
NGSSoftware Insight Security Research Advisory Name: Unauthenticated Remote Compromise in MS SQL Server 2000 Systems: Microsoft SQL Server 2000, all Service Packs Severity: Critical/Very High Risk. Category: Remote Buffer Overrun Vulnerability Vendor URL: http://www.microsoft.com/ Author: David...
Security Bulletin MS02-038: Cumulative Patch for SQL Server 2000 Service Pack 2 (Q316333)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Cumulative Patch for SQL Server 2000 Service Pack 2 Q316333 Date: 24 July 2002 Software: Microsoft SQL Server 2000, Microsoft Desktop Engine MSDE 2000 Impact: Two vulnerabilities, bo...
Security Bulletin MS02-037: Server Response To SMTP Client EHLO Command Results In Buffer Overrun (Q326322)
---------------------------------------------------------------------- Title: Server Response To SMTP Client EHLO Command Results In Buffer Overrun Q326322 Date: 24 July 2002 Software: Microsoft Exchange 5.5 Impact: Ability to run arbitrary code Max Risk: Medium Bulletin: MS02-037 Microsoft...
Security Bulletin MS02-034: Cumulative Patch for SQL Server (Q316333)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Cumulative Patch for SQL Server Q316333 Date: 10 July 2002 Software: SQL Server 2000 Impact: Elevation of privilege Max Risk: Moderate Bulletin: MS02-034 Microsoft encourages custome...
Remotely Exploitable Buffer Overruns in Microsoft's Commerce Server 2000/2 (#NISRNISR03062002)
NGSSoftware Insight Security Research Advisory Name: Microsoft Commerce Server 2000 & Commerce Server 2002 Systems Affected: WinNT, Win2K, XP Severity: High Risk Category: Buffer Overrun & Command Execution Vendor URL: http://www.microsoft.com/ Authors: Mark Litchfield [email protected] & Davi...
NetBSD Security Advisory 2002-006: buffer overrun in libc DNS resolver
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2002-006 ================================= Topic: buffer overrun in libc DNS resolver Version: NetBSD-current: source prior to June 26, 2002 NetBSD-1.6 beta:source prior to June 26, 2002 NetBSD-1.5.2: affected NetBSD-1.5.1: affected...
Apache 1.x2.0.x - Chunked-Encoding Memory Corruption (1)
Apache 1.x2.0.x - Chunked-Encoding Memory Corruption 1 // source: https://www.securityfocus.com/bid/5033/info When processing requests coded with the 'Chunked Encoding' mechanism, Apache fails to properly calculate required buffer sizes. This is believed to be due to improper signed interpretatio...