EUVD-2009-2410
Malware in sbrugna...
EUVD-2004-0081
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2009-2625
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and ...
SUSE CVE-2004-0081
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool...
SUSE CVE-2010-0211
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing...
Denial of service in Apache Xerces2
XMLScanner.java in Apache Xerces2 Java, as used in Sun Java Runtime Environment (JRE) in JDK and JRE 6 before Update 15 and JDK and JRE 5.0 before Update 20, and in other products, allows remote attackers to cause a denial of service (infinite loop and application hang) via malformed XML input, as...
Security fix for the ALT Linux 8 package samba-DC version 4.6.14-alt1
March 12, 2018 Evgeny Sinelnikov 4.6.14-alt1 - Update to spring security release - Security fixes: + CVE-2018-1050 Codenomicon crashes in spoolss server code + CVE-2018-1057 Unprivileged user can change any user and admin password...
Remote DoS in Samba (AD) LDAP server.
Description All versions of Samba from 4.0.0 to 4.1.21 inclusive are vulnerable to an anonymous memory exhaustion attack in the samba daemon LDAP server. A malicious client can send packets that cause the LDAP server provided by the AD DC in the samba daemon process to consume unlimited memory an...
CVE-2014-4911
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL before 1.2.11 and 1.3.x before 1.3.8 allows remote attackers to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit...
Important: Red Hat Security Advisory: gnutls security update
Updated gnutls packages that fix two security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are...
DSA-2483-1 strongswan - authentication bypass
Bulletin has no description...
Debian Security Advisory DSA 2483-1 (strongswan)
The remote host is missing an update to strongswan announced via advisory DSA 2483-1. OpenVAS Vulnerability Test $Id: deb24831.nasl 6612 2017-07-07 12:08:03Z cfischer $ Description: Auto-generated from advisory DSA 2483-1 (strongswan) Authors: Thomas Reinke Copyright: Copyright (c) 2012 E-Soft Inc...
Vulnerability in OpenSSL - Invalid TLS/DTLS record attack
An integer underflow flaw, leading to a buffer over-read, was found in the way OpenSSL handled TLS 1.1, TLS 1.2, and DTLS (Datagram Transport Layer Security) application data record lengths when using a block cipher in CBC (cipher-block chaining) mode. A malicious TLS 1.1, TLS 1.2, or DTLS client or...
[ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256
Everyone, Below is our announcement for the security issue reported to us from Codenomicon, via CERT-FI. All previous versions of Apache Traffic Server are vulnerable, and we urge users to upgrade to either v3.0.4 or v3.1.3 immediately. Both releases are available from our download site at...
Universal Fuzzer by Codenomicon!
Codenomicon is a Finland-based information security company. It recently released a universal fuzzer, a fuzz testing solution that combines heuristics and multiple fuzzers with a graphical user interface, automated test execution and reporting features. Fuzzing has been popular between hacke...
Ubuntu Update for OpenLDAP vulnerabilities USN-965-1
Ubuntu Update for Linux kernel vulnerabilities USN-965-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9651.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for OpenLDAP vulnerabilities USN-965-1 Authors: System Generated Check Copyright: Copyright (c) 2010 Greenbone Networks GmbH,...
Ubuntu 6.06 LTS / 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : openldap, openldap2.2, openldap2.3 vulnerabilities (USN-965-1)
Using the Codenomicon LDAPv3 test suite, Ilkka Mattila and Tuomas Salomaki discovered that the slap_modrdn2mods function in modrdn.c in OpenLDAP does not check the return value from a call to the smr_normalize function. A remote attacker could use specially crafted modrdn requests to crash the slap...
USN-965-1: OpenLDAP vulnerabilities
Using the Codenomicon LDAPv3 test suite, Ilkka Mattila and Tuomas Salomäki discovered that the slap_modrdn2mods function in modrdn.c in OpenLDAP does not check the return value from a call to the smr_normalize function. A remote attacker could use specially crafted modrdn requests to crash the slap...
CVE-2010-0212
OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with a zero-length RDN destination string, which is not properly handled by the smr_normalize function and triggers a NULL pointer dereference in the IA5StringNormalize function in schema_init.c, as...