HP-UX PHSS_22407 : s700_800 11.00 OV NNM6.1 pmd exception/core dump

s700800 11.00 OV NNM6.1 pmd exception/core dump : The remote HP-UX host is affected by multiple vulnerabilities : - Java SNMP MIB Browser Object ID parsing problem. - ovalarmsrv buffer overrun potential. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in...

Setuid perl PerlIO_Debug() overflow

Exploit for linux platform in category local exploits =================================== Setuid perl PerlIODebug overflow =================================== / Copyright Kevin Finisterre Setuid perl PerlIODebug overflow Tested on Debian 3.1 perl-suid 5.8.4-5 11:07:20 corezion: who is tha man wit...

Setuid perl PerlIO_Debug() overflow

No description provided by source. / Copyright Kevin Finisterre Setuid perl PerlIODebug overflow Tested on Debian 3.1 perl-suid 5.8.4-5 11:07:20 corezion: who is tha man with tha masta plan? 11:07:36 corezion: a nigga with a buffer overrun 11:07:39 corezion: heh of course that is to the tune of...

Setuid perl - PerlIO_Debug() Local Overflow

Setuid perl - PerlIODebug Local Overflow / Copyright Kevin Finisterre Setuid perl PerlIODebug overflow Tested on Debian 3.1 perl-suid 5.8.4-5 11:07:20 corezion: who is tha man with tha masta plan? 11:07:36 corezion: a nigga with a buffer overrun 11:07:39 corezion: heh of course that is to the tun...

bind -- buffer overrun vulnerability

An ISC advisory reports a buffer overrun vulnerability within bind. The vulnerability could result in a Denial of Service. A workaround is available by disabling recursion and glue fetching...

Security fix for the ALT Linux 8 package cyrus-imapd version 2.2.9-alt1

Nov. 23, 2004 Alexei Takaseev 2.2.9-alt1 - 2.2.9 - This release implements several bugfixes, notably one where lmtpproxyd could reuse a freed connection, another involving a pre-authentication buffer overrun in "imap magic plus" support CAN-2004-1011 and lack of bounds checking in PARTIAL and...

Mandrake Linux Security Advisory : samba (MDKSA-2004:136)

Steffan Esser discovered that invalid bounds checking in reply to certain trans2 requests could result in a buffer overrun in smbd. This can only be exploited by a malicious user able to create files with very specific Unicode filenames on a samba share. The updated packages have been patched to...

[SAMBA] CAN-2004-0882: Possiebl Buffer Overrun in smbd

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Possible Buffer Overrun in smbd CVE : CAN-2004-0882 Affected Versions: Samba 3.0.x = 3.0.7 Summary: A possible buffer overrun in smbd could lead to code execution by a remote user Patch Availability - - ------------------ A patch for Samba...

smbd -- buffer-overrun vulnerability

Caused by improper bounds checking of certain trans2 requests, there is a possible buffer overrun in smbd. The attacker needs to be able to create files with very specific Unicode filenames on the share to take advantage of this issue...

Possible Buffer Overrun in smbd

Summary: A possible buffer overrun in smbd could lead to code execution by a remote user Patch Availability A patch for Samba 3.0.7 samba-3.0.7-CAN-2004-0882.patch is available from http://www.samba.org/samba/ftp/patches/security/. The patch has been signed with the "Samba Distribution Verificati...

Debian DSA-562-1 : mysql - several vulnerabilities

Several problems have been discovered in MySQL, a commonly used SQL database on Unix servers. The following problems have been identified by the Common Vulnerabilities and Exposures Project : - CAN-2004-0835 Oleksandr Byelkin noticed that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the...

Mandrake Linux Security Advisory : MySQL (MDKSA-2004:119)

A number of problems have been discovered in the MySQL database server : Jeroen van Wolffelaar discovered an insecure temporary file vulnerability in the mysqlhotcopy script when using the scp method CVE-2004-0457. Oleksandr Byelkin discovered that the 'ALTER TABLE ... RENAME' would check the...

Important: Red Hat Security Advisory: mysql-server security update

An updated mysql-server package that fixes various security issues is now available in the Red Hat Enterprise Linux 3 Extras channel of Red Hat Network. MySQL is a multi-user, multi-threaded SQL database server. A number of security issues that affect the mysql-server package have been reported...

GLSA-200410-22 : MySQL: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200410-22 MySQL: Multiple vulnerabilities The following vulnerabilities were found and fixed in MySQL: Oleksandr Byelkin found that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one...

MySQL: Multiple vulnerabilities

Background MySQL is a popular open-source, multi-threaded, multi-user SQL database server. Description The following vulnerabilities were found and fixed in MySQL: Oleksandr Byelkin found that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one CAN-2004-0835...

RHEL 2.1 : mysql (RHSA-2004:597)

Updated mysql packages that fix various security issues, as well as a number of bugs, are now available for Red Hat Enterprise Linux 2.1. MySQL is a multi-user, multi-threaded SQL database server. A number security issues that affect the mysql server have been reported : Oleksandr Byelkin...

Important: Red Hat Security Advisory: mysql security update

Updated mysql packages that fix various security issues, as well as a number of bugs, are now available for Red Hat Enterprise Linux 2.1. MySQL is a multi-user, multi-threaded SQL database server. A number security issues that affect the mysql server have been reported: Oleksandr Byelkin discover...

MS04-031: Vulnerability in NetDDE Could Allow Code Execution (841533)

The remote version of Windows is affected by a vulnerability in Network Dynamic Data Exchange NetDDE. To exploit this flaw, NetDDE would have to be running and an attacker with a specific knowledge of the vulnerability would need to send a malformed NetDDE message to the remote host to overrun a...

Debian DSA-266-1 : krb5 - several vulnerabilities

Several vulnerabilities have been discovered in krb5, an implementation of MIT Kerberos. - A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the krb4...

Debian DSA-209-1 : wget - directory traversal

Two problems have been found in the wget package as distributed in Debian GNU/Linux : - Stefano Zacchiroli found a buffer overrun in the urlfilename function, which would make wget segfault on very long URLs - Steven M. Christey discovered that wget did not verify the FTP server response to a NLS...