1447 matches found
Ubuntu 5.10 / 6.06 LTS / 6.10 : php5 vulnerabilities (USN-424-1)
Multiple buffer overflows have been discovered in various PHP modules. If a PHP application processes untrusted data with functions of the session or zip module, or various string functions, a remote attacker could exploit this to execute arbitrary code with the privileges of the web server...
openssl: SSL_get_shared_ciphers() off-by-one
Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...
Buffer overflow
Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...
CVE-2007-5135
Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...
CVE-2007-5135
Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...
CVE-2007-5135
Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...
CVE-2007-5135
Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...
CVE-2007-5135
The CVE-2007-5135 vulnerability is an off-by-one buffer overflow in OpenSSL SSL_get_shared_ciphers() affecting OpenSSL 0.9.7 up to 0.9.7l and 0.9.8 up to 0.9.8f. A crafted cipher-list could allow a remote attacker to trigger a one-byte underflow and potentially execute arbitrary code. Public advi...
CVE-2007-5135
Off-by-one error in the SSLgetsharedciphers function in OpenSSL 0.9.7 up to 0.9.7l, and 0.9.8 up to 0.9.8f, might allow remote attackers to execute arbitrary code via a crafted packet that triggers a one-byte buffer underflow. NOTE: this issue was introduced as a result of a fix for CVE-2006-3738...
CVE-2002-2227
Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service memory corruption via a crafted SSLv2 challenge value...
CVE-2002-2227
CVE-2002-2227 affects ssldump up to version 0.9b2, where a buffer underflow in SSLv2 challenge handling allows a remote attacker to trigger memory corruption and cause a denial of service . Exploitation is remote and depends on sending a crafted SSLv2 challenge value. Impact is described as memor...
CVE-2007-4580
Buffer underflow in redlight.sys (BufferZone 2.1–2.5) can be triggered by sending a small buffer size value to the FsSetVolumeInformation IOCTL handler with a large FsSetDirectoryInformation subcode, leading to a denial of service and potentially arbitrary code execution on local access. Affected...
CVE-2007-4580
Buffer underflow in redlight.sys in BufferZone 2.1 and 2.5 allows local users to cause a denial of service crash and possibly execute arbitrary code by sending a small buffer size value to the FsSetVolumeInformation IOCTL handler code with a FsSetDirectoryInformation subcode containing a large...
PT-2007-5741 · Trustwave · Bufferzone
Name of the Vulnerable Software and Affected Versions: BufferZone versions 2.1 through 2.5 Description: The issue is related to a buffer underflow in the redlight.sys component. It can be triggered by sending a small buffer size value to the FsSetVolumeInformation IOCTL handler code with a...
PHP 5.2.0 header() Space Trimming Buffer Underflow Exploit (MacOSX)
No description provided by source. ?php //////////////////////////////////////////////////////////////////////// // // // | || | | | | | | | || || // // | |/ || '|/ |/ -| ' / -/ |||| /| || / //...
MOPB-25-2007:PHP header() Space Trimming Buffer Underflow Vulnerability
Summary Since PHP 5.2.0 there is a new memory manager that allows exploiting of even one byte underflow vulnerabilities like the one described by this advisory. When an all whitespace string is passed to the header function this can result in a buffer underflow that allows code execution on atlea...
CVE-2007-1584
Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string...
CVE-2007-1584
Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string...
CVE-2007-1584
Buffer underflow in the header function in PHP 5.2.0 allows context-dependent attackers to execute arbitrary code by passing an all-whitespace string to this function, which causes it to write '\0' characters in whitespace that precedes the string...
CVE-2007-1584
CVE-2007-1584 describes a buffer underflow in PHP 5.2.0's header function that allows a context‑dependent attacker to execute arbitrary code by supplying an all‑whitespace string. The vulnerability is triggered when whitespace precedes the string and '�' characters are written due to the underflo...