1447 matches found
CVE-2009-2281
MapServer is vulnerable to a heap-based buffer overflow in readPostBody of cgiutil.c. The issue affects MapServer 4.x up to 4.10.4 and 5.x up to 5.4.1 (before 5.4.2), due to an integer overflow that can be triggered by a crafted Content-Length header or a large HTTP request. This results in arbit...
openSUSE 10 Security Update : libapr-util1 (libapr-util1-6288)
This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV, for example) (CVE-2009-1955). Additionally, a one-byte buffer overflow in function apr_brigade_vprintf (CVE-2009-1956) and buffer underflow...
SuSE 11 Security Update : libtiff3 (SAT Patch Number 1069)
This update of libtiff fixes a buffer underflow in LZWDecodeCompat (CVE-2009-2285). %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright (C) Novell, Inc...
SuSE 10 Security Update : libapr-util1 (ZYPP Patch Number 6289)
This update of libapr-util1 fixes a memory consumption bug in the XML parser that can cause a remote denial-of-service vulnerability in applications using APR (WebDAV, for example) (CVE-2009-1955). Additionally, a one-byte buffer overflow in function apr_brigade_vprintf (CVE-2009-1956) and buffer underflow...
SuSE9 Security Update : libtiff (YOU Patch Number 12448)
This update of libtiff fixes a buffer underflow in LZWDecodeCompat (CVE-2009-2285). %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) script_id(41311); script_version("1.8");...
SuSE 10 Security Update : libtiff (ZYPP Patch Number 6337)
This update of libtiff fixes a buffer underflow in LZWDecodeCompat (CVE-2009-2285). %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) script_id(41552); script_version("1.11");...
SuSE9 Security Update : libtiff (YOU Patch Number 12229)
A buffer underflow (CVE-2008-2327) has been fixed in libtiff. %NASL_MIN_LEVEL 70300 (C) Tenable Network Security, Inc. The text description of this plugin is (C) Novell, Inc. include('deprecated_nasl_level.inc'); include('compat.inc'); if (description) script_id(41236); script_version("1.8");...
Gentoo Security Advisory GLSA 200909-18 (nginx)
The remote host is missing updates announced in advisory GLSA 200909-18. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
Gentoo Security Advisory GLSA 200909-18 (nginx)
The remote host is missing updates announced in advisory GLSA 200909-18. OpenVAS Vulnerability Test. Description: Auto generated from Gentoo's XML based advisory. Authors: Thomas Reinke. Copyright: Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
GLSA-200909-18 : nginx: Remote execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200909-18 (nginx: Remote execution of arbitrary code). Chris Ries reported a heap-based buffer underflow in the ngx_http_parse_complex_uri function in http/ngx_http_parse.c when parsing the request URI. Impact: A remote attacker might sen...
nginx: Remote execution of arbitrary code
Background: nginx is a robust, small and high performance HTTP and reverse proxy server. Description: Chris Ries reported a heap-based buffer underflow in the ngx_http_parse_complex_uri function in http/ngx_http_parse.c when parsing the request URI. Impact: A remote attacker might send a specially crafted...
CVE-2009-2629
Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests...
DEBIAN-CVE-2009-2629
Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests...
CVE-2009-2629
CVE-2009-2629 affects the nginx HTTP server, originating from a buffer underflow in ngx_http_parse.c used when processing request URIs. Public sources in the provided documents specify that versions 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 are vulner...
Buffer underflow vulnerability
Severity: major. CVE-2009-2629. Not vulnerable: 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+. Vulnerable: 0.1.0-0.8.14...
Debian: Security Advisory (DSA-1884-1)
The remote host is missing an update for the Debian. SPDX-FileCopyrightText: 2009 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...