squid -- multiple vulnerabilities

Squid security advisory 2016:3 reports: Due to a buffer overrun Squid pinger binary is vulnerable to denial of service or information leak attack when processing ICMPv6 packets. This bug also permits the server response to manipulate other ICMP and ICMPv6 queries processing to cause information...

What is SMTP STS? How It improves Email Security for StartTLS?

Despite so many messaging apps, Email is still one of the widely used and popular ways to communicate in this digital age. But are your Emails secure? We are using email services for decades, but the underlying 1980s transport protocol used to send emails, Simple Mail Transfer Protocol SMTP, is...

Comodo AntiVirus - Heap Overflow in LZX Decompression

Comodo AntiVirus - Heap Overflow in LZX Decompression Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=737 LzxDecoder::init initializes the vector LzxDecoder-window to a fixed size of 2^method bytes, which is then used during LzxDecoder::Extract. It's possible for LZX compressed...

Apple Mac OSX - Kernel Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort

Exploit for macOS platform in category dos / poc / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is AbortStreamPipe. It takes two scalar inputs and uses the second one as an array index to read a pointer to a C++ object withou...

Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort

Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort / Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is AbortStreamPipe. It takes two scalar inputs and uses the second one as an array ind...

Apple Mac OSX Kernel - Code Execution Due to Lack of Bounds Checking in AppleUSBPipe::Abort

/ Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=728 External Method 36 of IOUSBInterfaceUserClient is AbortStreamPipe. It takes two scalar inputs and uses the second one as an array index to read a pointer to a C++ object without checking the bounds then calls a virtual method...

Moodle Design Bugs

Moodle is a free, open-source e-learning software platform, also known as a course management system, learning management system, or virtual learning environment, developed by Dr. Martin Dougiamas of Australia. A security vulnerability exists in Moodle version 2.8.x prior to 2.8.11, which stems...

Microsoft Outlook Express NNTP handler Buffer Overflow (CVE-2005-1213)

A buffer overflow vulnerability has been reported in Microsoft Outlook Express. The vulnerability is due to an insufficient boundary checking when the vulnerable product processes Network News Transfer Protocol NNTP server responses. An attacker can exploit this vulnerability to inject and execut...

Adobe Flash Player Integer Overflow (APSB16-08: CVE-2016-1010)

An integer overflow vulnerability has been reported in Adobe Flash Player. The vulnerability is due to insufficient boundary checking in Adobe Flash Player. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file...

Updated squid packages fix security vulnerabilities

Updated squid packages fix security vulnerability: Due to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses CVE-2016-2569, CVE-2016-2570, CVE-2016-2571...

Vulnerabilities in OpenSSL affect AIX

IBM SECURITY ADVISORY First Issued: Wed Mar 2 08:43:07 CST 2016 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/openssladvisory17.asc https://aix.software.ibm.com/aix/efixes/security/openssladvisory17.asc...

FreeBSD : squid -- remote DoS in HTTP response processing (660ebbf5-daeb-11e5-b2bd-002590263bf5)

Squid security advisory 2016:2 reports : Due to incorrect bounds checking Squid is vulnerable to a denial of service attack when processing HTTP responses. These problems allow remote servers delivering certain unusual HTTP response syntax to trigger a denial of service for all clients accessing...

IBM Tivoli Storage Manager FastBack Server Opcode 4115 Buffer Overflow (CVE-2015-4931)

A buffer overflow vulnerability exists in IBM Tivoli Storage Manager FastBack Server. The vulnerability is due to insufficient boundary checking on parameters in opcode 4115 requests. A remote unauthenticated attacker could exploit this vulnerability by sending crafted requests to port 11460/TCP...

openSUSE Security Update : glibc (openSUSE-2016-233)

This update for glibc fixes the following issues : - errorcheck-mutex-no-elision.patch: Don't do lock elision on an error checking mutex boo956716, BZ 17514 - reinitialize-dlloadwritelock.patch: Reinitialize dlloadwritelock on fork boo958315, BZ 19282 - send-dg-buffer-overflow.patch: Fix...

SUSE: Security Advisory for glibc (SUSE-SU-2016:0473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2016:0481-1 Security update for dhcp

This update for dhcp fixes the following issues: - CVE-2015-8605: A remote attacker could have used badly formed packets with an invalid IPv4 UDP length field to cause a DHCP server, client, or relay program to terminate abnormally bsc961305 The following bugs were fixed: - bsc936923: Improper...

CVE-2016-2049

examples/consumer/common.php in JanRain PHP OpenID library aka php-openid improperly checks the openid.realm parameter against the SERVERNAME element in the SERVER superglobal array, which might allow remote attackers to hijack the authentication of arbitrary users via vectors involving a crafted...

AIX OpenSSH Vulnerability

IBM SECURITY ADVISORY First Issued: Fri Jan 29 16:13:16 CST 2016 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/opensshadvisory7.asc https://aix.software.ibm.com/aix/efixes/security/opensshadvisory7.asc...

Updated srtp packages fix security vulnerability

Srtp before 1.5.3 is vulnerable to a potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length CVE-2015-6360...

MGASA-2016-0037 Updated srtp packages fix security vulnerability

Srtp before 1.5.3 is vulnerable to a potential DoS attack due to lack of bounds checking on RTP header CSRC count and extension header length CVE-2015-6360...