2221 matches found
Important: Red Hat Security Advisory: openssl security update for Stronghold
A new Stronghold 3 release is available which contains an updated fix for the OpenSSL ASN1 vulnerability. OpenSSL is a commercial-grade, full-featured, open source toolkit which implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength...
CodeBlue 5.1 - SMTP Response Buffer Overflow
// source: https://www.securityfocus.com/bid/5300/info CodeBlue is an Apache httpd log scanning utility that attempts to contact the administrators of hosts infected with worms. A buffer overflow vulnerability has been reported in CodeBlue. The condition occurs when processing responses from SMTP...
Moderate: Red Hat Security Advisory: Updated mod_ssl packages available
Updated mod_ssl packages are now available for Red Hat Linux 7, 7.1, 7.2, and 7.3. These updates incorporate a fix for an incorrect bounds check in versions of mod_ssl up to and including version 2.8.9. The mod_ssl module provides strong cryptography for the Apache Web server via the Secure Sockets...
Security Bulletin MS02-030: Unchecked Buffer in SQLXML Could Lead to Code Execution (Q321911)
Title: Unchecked Buffer in SQLXML Could Lead to Code Execution Q321911 Date: 12 June 2002 Software: Microsoft SQLXML Impact: Two vulnerabilities, the most serious of which could run code of attacker's choice. Max Risk:...
Advisory CA-2002-16 Multiple Vulnerabilities in Yahoo! Messenger
CERT Advisory CA-2002-16 Multiple Vulnerabilities in Yahoo! Messenger Original release date: June 05, 2002 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Yahoo! Messenger version 5,0,0,1064 and...
Microsoft Internet Explorer 5/6 / Mozilla 0.8/0.9.x / Opera 5/6 - JavaScript Interpreter Denial of Service
source: https://www.securityfocus.com/bid/4322/info It is possible to create a loop in JavaScript which is capable of crashing various web browsers. This is due to a flaw in the JavaScript interpreter. Browsers that have been tested include Microsoft Internet Explorer, Mozilla and Opera. It has...
Security Bulletin MS01-060
Title: SQL Server Text Formatting Functions Contain unchecked Buffers Date: 20 December 2001 Software: Microsoft SQL Server 7.0 and Microsoft SQL Server 2000 Impact: Run code of attacker's choice on server, denial of service...
Problems with BinHex and MacBinary in IE for MacOS (code execution)
When a binary executable file is downloaded, it may be launched for execution...
CVE-2001-1125
Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, which allows remote attackers to execute arbitrary code via DNS spoofing of the update.symantec.com site...
[SECURITY] [DSA-062-1] rxvt buffer overflow
Package : rxvt Problem type : buffer overflow Debian-specific: no Samuel Dralet reported on bugtraq that version 2.6.2 of rxvt a VT102 terminal emulator for X have a buffer overflow in the ttprintf function. A local user could abuse this making rxvt print a special string using that function, for...
WFTPD 3.0 - RETR CWD Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/2644/info Invalid long strings submitted using either 'RETR' or 'CWD' commands to a host running WFTPD server, will result in the service terminating due to a buffer overflow. It may be possible for an attack...
tco.txt
Synnergy Laboratories Advisory SLA-2000-14 NAME BSD/Linux telnet client overflow AFFECTED Linux Debian Redhat Mandrake Slackware possibly others BSD FreeBSD possible others SYNOPSIS Synnergy Labs has found a bug in the telnet client that causes a stack overflow by filling the DISPLAY environment...
IrfanView32 3.0.7 - Image File Buffer Overflow
// source: https://www.securityfocus.com/bid/781/info IrfanView32, a freeware image viewer, has a problem in the handling of Adobe Photoshop generated jpegs. If a .jpg file is opened for viewing that contains the Adobe Photoshop marker in the header...
mSQL-DoS.txt
Date: Mon, 11 Jan 1999 01:53:30 -0200 From: Sekure SDI SSC To: [email protected] Subject: Sekure SDI Advisory: mSQL Remote Bug fwd s e k u r e SDI http://www.sekure.org ----------------------------- Brazilian Information Security Team - mSQL Buffer Overflow Advisory mSQL is a SQL server for Un...
Microsoft Internet Explorer 5.0.1 - Invalid Byte Cross-Frame Access
source: https://www.securityfocus.com/bid/197/info On January 28, 1999, Georgi Guninski originally reported a vulnerability in Internet Explorer 4.x. Internet Explorer 4.x's implementation of Cross-frame security could be bypassed ...
Security Update for Microsoft Visio 2016 (KB5002634) 32-Bit Edition
A security vulnerability exists in Microsoft Visio 2016 32-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...
Security Update for Microsoft Office 2010 (KB3118310) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2010 64-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...
Security Update for Microsoft Office 2010 (KB4011618) 32-Bit Edition
A security vulnerability exists in Microsoft Office 2010 32-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...