cfengine AuthenticationDialogue vulnerability

Cfengine is running on this remote host. cfengine cfservd is reported prone to a remote heap-based buffer overrun vulnerability. The vulnerability presents itself in the cfengine cfservd AuthenticationDialogue function. The issue exists due to a lack of sufficient boundary checks performed on...

cfengine CFServD transaction packet buffer overrun vulnerability

Cfengine is running on this remote host. This version is prone to a stack-based buffer overrun vulnerability. An attacker, exploiting this flaw, would need network access to the server as well as the ability to send a crafted transaction packet to the cfservd process. A successful exploitation of...

IMC SMTP EHLO Buffer Overrun

A security vulnerability results because of an unchecked buffer in the IMC code that generates the response to the EHLO protocol command. If the buffer were overrun with data it would result in either the failure of the IMC or could allow the attacker to run code in the security context of the IM...

Unchecked Buffer in XP Shell Could Enable System Compromise (329390)

It is possible for a malicious user to mount a buffer overrun attack using windows XP shell. A successful attack could have the effect of either causing the Windows Shell to fail, or causing an attacker's code to run on the user's computer in the security context of the user. Maximum Severity...

cfengine CFServD transaction packet buffer overrun vulnerability

Cfengine is running on this remote host. This version is prone to a stack-based buffer overrun vulnerability. An attacker, exploiting this flaw, would need network access to the server as well as the ability to send a crafted transaction packet to the cfservd process. A successful exploitation of...

bogofilter -- heap corruption through excessively long words

Matthias Andree reports: Bogofilter's/bogolexer's input handling in version 0.96.2 was not keeping track of its output buffers properly and could overrun a heap buffer if the input contained words whose length exceeded 16,384 bytes, the size of flex's input buffer. A "word" here refers to a...

pwnzilla.txt

/ SSSSSSS, SSSSSSS' PwnZilla 5 - One sploit fits all. FireFox optimized iSY iS; .sS Exploit for IDN host name heap buffer overrun in .SSSSSSS .sS Mozilla browsers FireFox, Mozilla and Netscape iS; .sS Copyright C 2003-2005 by Berend-Jan Wever. .SS sSSSSSSP Official release:...

Mozilla Browsers 0xAD (HOST:) Remote Heap Buffer Overrun Exploit (v2)

No description provided by source. HTMLSCRIPT / SSSSSSS, SSSSSSS' PwnZilla 5 - One sploit fits all. FireFox optimized iSY iS; .sS Exploit for IDN host name heap buffer overrun in .SSSSSSS .sS Mozilla browsers FireFox, Mozilla and Netscape iS; .sS Copyright C 2003-2005 by Berend-Jan Wever. .SS...

Mozilla Browsers - 0xAD (HOST:) Remote Heap Buffer Overrun (2)

Mozilla Browsers - 0xAD HOST: Remote Heap Buffer Overrun 2 / SSSSSSS, SSSSSSS' PwnZilla 5 - One sploit fits all. FireFox optimized iSY iS; .sS Exploit for IDN host name heap buffer overrun in .SSSSSSS .sS Mozilla browsers FireFox, Mozilla and Netscape iS; .sS Copyright C 2003-2005 by Berend-Jan...

Mozilla Browsers - 0xAD (HOST:) Remote Heap Buffer Overrun (2)

/ SSSSSSS, SSSSSSS' PwnZilla 5 - One sploit fits all. FireFox optimized iSY iS; .sS Exploit for IDN host name heap buffer overrun in .SSSSSSS .sS Mozilla browsers FireFox, Mozilla and Netscape iS; .sS Copyright C 2003-2005 by Berend-Jan Wever. .SS sSSSSSSP Official release:...

Fedora Core 3 : postgresql-7.4.7-3.FC3.1 (2005-157)

Mon Feb 21 2005 Tom Lane 7.4.7-3.FC3.1 - Work around selinux EOF problem during initdb bug 149237. - Repair improper error message in init script when PGVERSION doesn't match. - Arrange for auto update of version embedded in init script. - Fix improper call of strerrorr, which leads to junk error...

[NEWS] Apache ssl_callback_SSLVerify_CRL DoS

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

fetchmail security announcement fetchmail-SA-2005-01

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 fetchmail-SA-2005-01: security announcement Topic: remote code injection vulnerability in fetchmail Author: Matthias Andree Version: 1.02 Announced: 2005-07-21 Type: buffer overrun/stack corruption/code injection Impact: account or system compromise...

FreeBSD : smbd -- buffer-overrun vulnerability (f3d3f621-38d8-11d9-8fff-000c6e8f12ef)

Caused by improper bounds checking of certain trans2 requests, there is a possible buffer overrun in smbd. The attacker needs to be able to create files with very specific Unicode filenames on the share to take advantage of this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

Slackware 10.0 / 10.1 / 8.1 / 9.0 / 9.1 / current : infozip (SSA:2005-121-01)

New infozip zip/unzip packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, and -current to fix security issues. - From the www.info-zip.org site: Zip 2.3 and presumably all previous versions have a buffer- overrun vulnerability relating to deep directory paths that could potentially le...

zlib: Buffer overflow

Background zlib is a widely used free and patent unencumbered data compression library. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...

Microsoft Windows GDI JPEG Processing Buffer Overrun (MS04-028; CVE-2004-0200)

...

SUSE-SA:2005:009: cyrus-imapd

The remote host is missing the patch for the advisory SUSE-SA:2005:009 cyrus-imapd. This update fixes one-byte buffer overruns in the cyrus-imapd IMAP server package. Several overruns were fixed in the IMAP annote extension as well as in cached header handling which can be run by an authenticated...

Bontago Game Server 1.1 - Remote Nickname Buffer Overrun

Bontago Game Server 1.1 - Remote Nickname Buffer Overrun source: https://www.securityfocus.com/bid/12603/info The Bontago game server is reported to be affected by a remote buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient boundary checks performed on...

Bontago Game Server 1.1 - Remote Nickname Buffer Overrun

source: https://www.securityfocus.com/bid/12603/info The Bontago game server is reported to be affected by a remote buffer overrun vulnerability. The issue is reported to exist due to a lack of sufficient boundary checks performed on client-supplied 'nickname' values. It is conjectured that a...