4206 matches found
DSA-2998-1 openssl - security update
Bulletin has no description...
Vulnerability in OpenSSL - SRP buffer overrun
A SRP buffer overrun was found. A malicious client or server can send invalid SRP parameters and overrun an internal buffer. Only applications which are explicitly set up for SRP use are affected. Found by Sean Devlin and Watson Ladd Cryptography Services, NCC Group...
qemu: virtio-scsi: buffer overrun on invalid state load
The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...
qemu: virtio: buffer overrun on incoming migration
Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...
qemu: virtio-scsi: buffer overrun on invalid state load
The virtioscsiloadrequest function in hw/scsi/scsi-bus.c in QEMU before 1.7.2 might allow remote attackers to execute arbitrary code via a crafted savevm image, which triggers an out-of-bounds array access...
qemu: virtio: buffer overrun on incoming migration
Array index error in the virtioload function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary code via a crafted savevm image...
qemu: hw/pci/pcie_aer.c: buffer overrun on invalid state load
Buffer overflow in hw/pci/pcieaer.c in QEMU before 1.7.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large lognum value in a savevm image...
qemu-kvm security and bug fix update
1.5.3-60.el70.5 - kvm-Allow-mismatched-virtio-config-len.patch bz1095782 - Resolves: bz1095782 CVE-2014-0182 qemu-kvm: qemu: virtio: out-of-bounds buffer write on state load with invalid configlen rhel-7.0.z 1.5.3-60.el70.4 - kvm-zero-initialize-KVMSETGSIROUTING-input.patch bz1110693 -...
WinRAR 2.90/3.0/3.10 Archive File Extension Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6664/info A vulnerability has been discovered in WinRAR. The problem occurs when the affected application opens an archive containing a file with an overly long file extension. It has been reported that it is possible for...
Jordan Windows Telnet Server 1.0/1.2 Username Stack Based Buffer Overrun Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/9316/info Jordan Windows Telnet Server has been reported prone to a remote buffer overrun vulnerability. The issue has been reported to present itself when a username of excessive length is supplied to the Telnet server...
Zblast 1.2 - Local Username Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7836/info A vulnerability has been reported for zblast, an svgalib-based game. The problem occurs when copying data from a user-supplied environment variable into a static memory buffer. By storing excessive data within t...
Athttpd 0.4 b Remote GET Request Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8709/info Athttpd is said to be prone to a remote buffer overrun that could allow an attacker to execute arbitrary code. The problem occurs due to insufficient bounds checking when handling GET requests. As a result, an...
WebFS 1.x Long Pathname Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8726/info It has been discovered that WebFS is prone to a buffer overrun vulnerability when handling path names of excessive length. As a result, an attacker may be capable of triggering the condition and overwriting...
RedHat 4.x/5.x/6.x,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.x man Buffer Overrun (1)
No description provided by source. / source: http://www.securityfocus.com/bid/1011/info RedHat 4.0/4.1/4.2/5.0/5.1/5.2/6.0/6.2,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.2/4.4 man Buffer Overrun Vulnerability A buffer overflow exists in the implementation of the 'man' program shipped with...
RedHat Linux 4.2,SGI IRIX <= 6.3,Solaris <= 2.6 mailx Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/393/info A buffer overrun exists in the /bin/mailx program. This program was originally developed as part of BSD, and is available on many Unix systems. By supplying a long, well crafted buffer as the username argument, a...
Firebird 1.0 - Remote Pre-Authentication Database Name Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10446/info Firebird is reported prone to a remote buffer-overrun vulnerability. The issue occurs because the application fails to perform sufficient boundary checks when the database server is handling database names. A...
Cisco VPN 5000 Client Buffer Overrun Vulnerabilities (1)
No description provided by source. source: http://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed...
Boozt Standard 0.9.8 index.cgi Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6281/info A vulnerability has been discovered in Boozt. By passing a malicious parameter of excessive length to the index.cgi script, it is possible to overrun a buffer. This could be exploited by a remote attacker to...
Epic 1.0.1/1.0.x CTCP Nickname Server Message Buffer Overrun Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8999/info A remotely exploitable buffer overrun has been reported in Epic. This issue may reportedly be exploited by a malicious server that supplies an overly long nickname in a CTCP messages, potentially allowing for...
Cisco VPN 5000 Client Buffer Overrun Vulnerabilities (2)
No description provided by source. source: http://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed...