7636 matches found

Tenable Nessus
added 2005/07/13 12:0 a.m. | 35 views

Slackware 9.1 / current : Kernel security update (SSA:2004-049-01)

New kernels are available for Slackware 9.1 and -current to fix a bounds-checking problem in the kernel's mremap call which could be used by a local attacker to gain root privileges. Please note that this is not the same issue as CAN-2003-0985 which was fixed in early January. The kernels in...

CVSS 7.2 | AI score 5.3 | EPSS 0.02434
Exploits: 2 | References: 2

Tenable Nessus
added 2005/07/13 12:0 a.m. | 30 views

Slackware 8.1 : Slackware 8.1 kernel security update (SSA:2004-008-01)

New kernels are available for Slackware 8.1 containing a backported fix from a bounds-checking problem in the kernel's mremap call which could be used by a local attacker to gain root privileges. This fix was previously issued for Slackware 9.0, 9.1, and -current SSA:2004-006-01. Sites running...

CVSS 7.2 | AI score 5.3 | EPSS 0.01233
Exploits: 3 | References: 2

Gentoo Linux
added 2005/07/06 12:0 a.m. | 38 views

zlib: Buffer overflow

Background: zlib is a widely used free and patent unencumbered data compression library. Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...

CVSS 7.5 | AI score 7.5 | EPSS 0.05476
Exploits: 3

Tenable Nessus
added 2005/07/06 12:0 a.m. | 23 views

GLSA-200507-05 : zlib: Buffer overflow

The remote host is affected by the vulnerability described in GLSA-200507-05 (zlib: Buffer overflow). Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...

CVSS 7.5 | AI score 8.9 | EPSS 0.05476
Exploits: 3 | References: 2

FreeBSD
added 2005/06/27 12:0 a.m. | 26 views

WebCalendar -- unauthorized access vulnerability

SecurityFocus reports that WebCalendar is affected by an unauthorized access vulnerability. The vulnerability is caused by improper checking of the authentication mechanism before access is being permitted to the "assistantedit.php" file...

CVSS 7.5 | AI score 6.4 | EPSS 0.01432
Exploits: 0

FreeBSD
added 2005/06/15 12:0 a.m. | 24 views

p5-Mail-SpamAssassin -- denial of service vulnerability

Apache SpamAssassin Security Team reports: Apache SpamAssassin 3.0.4 was recently released, and fixes a denial of service vulnerability in versions 3.0.1, 3.0.2, and 3.0.3. The vulnerability allows certain misformatted long message headers to cause spam checking to take a very long time. While th...

CVSS 5 | AI score 6.2 | EPSS 0.08349
Exploits: 0 | References: 1

Packet Storm
added 2005/06/01 12:0 a.m. | 58 views

ubbprintthread.txt

UBB Thread /ubbthreads/printthread.php SQL Injection Yes\No vulnerability. Full Disclosure. Bug discovered by: Axl. Exploit by: HLL hllhll at gmail.com. 1. Introduction: There is a flaw in printthread.php due to insufficient bound checking of the 'main' query parameter which allows a malicious SQL to be...

AI score 7.4
Exploits: 0

Exploit DB
added 2005/05/26 12:0 a.m. | 22 views

C'Nedra 0.4 Network Plugin - 'Read_TCP_String' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/13781/info C'Nedra Network Plug-in is prone to a remotely exploitable buffer overflow vulnerability. The issue exists in the 'gamemessagefunctions.cpp' source file and is due to inadequate bounds checking of user-supplied data. This vulnerability could be...

AI score 7.4
Exploits: 0

exploitpack
added 2005/05/26 12:0 a.m. | 8 views

CNedra 0.4 Network Plugin - Read_TCP_String Remote Buffer Overflow

CNedra 0.4 Network Plugin - ReadTCPString Remote Buffer Overflow source: https://www.securityfocus.com/bid/13781/info C'Nedra Network Plug-in is prone to a remotely exploitable buffer overflow vulnerability. The issue exists in the 'gamemessagefunctions.cpp' source file and is due to inadequate...

AI score 1
Exploits: 0

Ubuntu
added 2005/05/06 6:4 p.m. | 47 views

USN-120-1: Apache 2 vulnerability

Luca Ercoli discovered that the "htdigest" program did not perform any bounds checking when it copied the "user" and "realm" arguments into local buffers. If this program is used in remotely callable CGI scripts, this could be exploited by a remote attacker to execute arbitrary code with the...

CVSS 7.5 | AI score 5.7 | EPSS 0.29096
Exploits: 1

UbuntuCve
added 2005/05/02 4:0 a.m. | 22 views

CVE-2005-0815

Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem...

CVSS 6.4 | AI score 5.9 | EPSS 0.13429
Exploits: 1 | References: 2

NVD
added 2005/05/02 4:0 a.m. | 27 views

CVE-2005-0065

The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged aka "TCP sequence number checking", which makes it easier for attackers to forge ICMP error messages for specifi...

CVSS 10 | AI score 6.4 | EPSS 0.01937
Exploits: 0 | References: 2

RedHat Linux
added 2005/04/26 4:27 p.m. | 2 views

security flaw

The native implementations of InstallTrigger and other functions in Firefox before 1.0.3 and Mozilla Suite before 1.7.7 do not properly verify the types of objects being accessed, which causes the Javascript interpreter to continue execution at the wrong memory address, which may allow attackers ...

CVSS 7.5 | AI score 6.2 | EPSS 0.02946
Exploits: 0 | References: 4

Cvelist
added 2005/04/21 4:0 a.m. | 19 views

CVE-2001-1474

SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache...

AI score 6.7 | EPSS 0.01173
Exploits: 0 | References: 2

CVE
added 2005/04/21 4:0 a.m. | 50 views

CVE-2001-1474

CVE-2001-1474 concerns SSH prior to version 2.0, where host key checking is disabled when connecting to localhost. This creates a vulnerability condition that can be exploited by poisoning the client’s DNS cache to silently redirect connections to localhost. The description in the connected docum...

CVSS 5 | AI score 7.1 | EPSS 0.01173
Exploits: 0 | References: 2 | Affected Software: 1

RedHat Linux
added 2005/04/19 6:52 p.m. | 6 views

security flaw

Multiple "range checking flaws" in the ISO9660 filesystem handler in Linux 2.6.11 and earlier may allow attackers to cause a denial of service or corrupt memory via a crafted filesystem...

CVSS 6.4 | AI score 5.8 | EPSS 0.13429
Exploits: 1 | References: 4

RedHat Linux
added 2005/04/19 6:52 p.m. | 60 views

Important: Red Hat Security Advisory: kernel security update

Updated kernel packages that fix several security issues are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 9 August 2005: The advisory text has been updated to show that this update fixed...

CVSS 7.8 | AI score 6.7 | EPSS 0.13429
Exploits: 7 | References: 17

Symantec
added 2005/04/12 12:0 a.m. | 24 views

Microsoft Word Unspecified Document File Buffer Overflow Vulnerability

Description: Microsoft Word is affected by a buffer overflow vulnerability. This issue is due to a failure in the application to do proper bounds checking on user-supplied data. Microsoft has not specified exactly where the error may occur. This could result in execution of arbitrary code in the...

AI score 8.1
Exploits: 0 | References: 1 | Affected Software: 2

Packet Storm
added 2005/03/22 12:0 a.m. | 26 views

iso9660handler.txt

Good morning, There appears to be a fair number of kernel-level range checking flaws in ISO9660 filesystem handler and Rock Ridge / Juliet extensions in Linux up to and including 2.6.11. These bugs range from DoS conditions to potentially exploitable memory corruption - all this whenever a...

AI score 7.4
Exploits: 0

CVE
added 2005/03/20 5:0 a.m. | 77 views

CVE-2005-0815

CVE-2005-0815 affects the Linux kernel iso9660 filesystem handler in versions up to 2.6.11 (and earlier). The issue is described as multiple range-checking flaws in the ISO-9660 file system code, which could be triggered by mounting a crafted/corrupted ISO image on CD-ROM. Impact stated in connec...

CVSS 6.4 | AI score 5.2 | EPSS 0.13429
Exploits: 1 | References: 14 | Affected Software: 1