ABC2MIDI 2004-12-04 - Multiple Stack Buffer Overflow Vulnerabilities

source: https://www.securityfocus.com/bid/12019/info It is reported that abc2midi is susceptible to two stack buffer overflow vulnerabilities. These issues are due to a failure of the application to properly bounds check user-supplied image data prior to copying it into fixed-size memory buffers...

jabberd -- remote buffer overflow vulnerability

Caused by improper bounds-checking of username and password in the C2S module, it is possible for an attacker to cause a remote buffer overflow. The server directly handles the userinput with SQL backend functions - malicious input may lead to buffer overflow...

Raven Software Soldier Of Fortune 2 - Remote Buffer Overflow

Raven Software Soldier Of Fortune 2 - Remote Buffer Overflow source: https://www.securityfocus.com/bid/11735/info It is reported that Soldier of Fortune 2 is susceptible to a buffer overflow vulnerability. This issue is due to a failure of the application to perform sufficient bounds checking on...

Security fix for the ALT Linux 8 package cyrus-imapd version 2.2.9-alt1

Nov. 23, 2004 Alexei Takaseev 2.2.9-alt1 - 2.2.9 - This release implements several bugfixes, notably one where lmtpproxyd could reuse a freed connection, another involving a pre-authentication buffer overrun in "imap magic plus" support CAN-2004-1011 and lack of bounds checking in PARTIAL and...

smbd -- buffer-overrun vulnerability

Caused by improper bounds checking of certain trans2 requests, there is a possible buffer overrun in smbd. The attacker needs to be able to create files with very specific Unicode filenames on the share to take advantage of this issue...

Samba: Multiple vulnerabilities

Background Samba is a freely available SMB/CIFS implementation which allows seamless interoperability of file and print services to other SMB/CIFS clients. Description Samba fails to do proper bounds checking when handling TRANSACT2QFILEPATHINFO replies. Additionally an input validation flaw exis...

XFree86 4.3 - Font Information File Buffer Overflow

XFree86 4.3 - Font Information File Buffer Overflow // source: https://www.securityfocus.com/bid/9636/info It has been reported that the XFree86 X Windows system is prone to a local buffer overflow vulnerability. The issue arises from improper bounds checking when parsing the 'font.alias' file...

Software602 602 LAN Suite - Multiple Remote Denial of Service Vulnerabilities

source: https://www.securityfocus.com/bid/11615/info 602 LAN SUITE is reported prone to multiple remote denial of service vulnerabilities. The following specific issues are reported: It is reported that an attacker may consume CPU and memory resources on a target 602 LAN SUITE server. Reports...

ID Software Quake II Server 3.2 - Multiple Vulnerabilities

source: https://www.securityfocus.com/bid/11551/info Multiple remote vulnerabilities have been reported to affect Quake II. These issues are due to boundary condition checking failures, access validation failures and failures to handle exceptional conditions. An attacker may leverage these issues...

GLSA-200410-22 : MySQL: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200410-22 MySQL: Multiple vulnerabilities The following vulnerabilities were found and fixed in MySQL: Oleksandr Byelkin found that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one...

MySQL: Multiple vulnerabilities

Background MySQL is a popular open-source, multi-threaded, multi-user SQL database server. Description The following vulnerabilities were found and fixed in MySQL: Oleksandr Byelkin found that ALTER TABLE ... RENAME checks CREATE/INSERT rights of the old table instead of the new one CAN-2004-0835...

FreeBSD Security Advisory FreeBSD-SA-04:15.syscons

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:15.syscons Security Advisory The FreeBSD Project Topic: Boundary checking errors in syscons Category: core Module: sysdevsyscons Announced: 2004-10-04 Credits:...

Boundary checking errors in syscons

The syscons CONSSCRSHOT ioctl2 does insufficient validation of its input arguments. In particular, negative coordinates or large coordinates may cause unexpected behavior. It may be possible to cause the CONSSCRSHOT ioctl to return portions of kernel memory. Such memory might contain sensitive...

Debian DSA-439-1 : linux-kernel-2.4.16-arm - several vulnerabilities

Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the ARM kernel for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An integer...

Debian DSA-450-1 : linux-kernel-2.4.19-mips - several vulnerabilities

Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the mips kernel 2.4.19 for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An...

Debian DSA-475-1 : linux-kernel-2.4.18-hppa - several vulnerabilities

Several local root exploits have been discovered recently in the Linux kernel. This security advisory updates the PA-RISC kernel 2.4.18 for Debian GNU/Linux. The Common Vulnerabilities and Exposures project identifies the following problems that are fixed with this update : - CAN-2003-0961 : An...

GLSA-200409-24 : Foomatic: Arbitrary command execution in foomatic-rip filter

The remote host is affected by the vulnerability described in GLSA-200409-24 Foomatic: Arbitrary command execution in foomatic-rip filter There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variabl...

SnipSnap: HTTP response splitting

Background SnipSnap is a user friendly content management system with features such as wiki and weblog. Description SnipSnap contains various HTTP response splitting vulnerabilities that could potentially compromise the sites data. Some of these attacks include web cache poisoning, cross-user...

GLSA-200409-13 : LHa: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200409-13 LHa: Multiple vulnerabilities The command line argument as well as the archive parsing code of LHa lack sufficient bounds checking. Furthermore, a shell meta character command execution vulnerability exists in LHa, since...

CVE-2004-0001

Unknown vulnerability in the eflags checking in the 32-bit ptrace emulation for the Linux kernel on AMD64 systems allows local users to gain privileges...