djbdns超长响应报文远程缓存中毒漏洞

BUGTRAQ ID: 33937 djbdns是一个由Qmail的作者所设计的轻量级DNS server。 djbdns的response.c文件负责处理名称压缩。该文件12行对nameptr数组有each 16384的标注，但responseaddname没有强制这个限制。如果用户向报文中编码的名称中第一个后缀大于或等于16384字节的话，responseaddname就会错误的编码到名称的偏移，生成畸形的响应报文。这种响应报文会给查询用户误导性信息，有助于攻击者执行中间人等网络欺骗攻击。 D. J. Bernstein djbdns 1.05 厂商补丁： D. J. Bernste...

RedHat Update for libtiff RHSA-2008:0863-01

Check for the Version of libtiff OpenVAS Vulnerability Test RedHat Update for libtiff RHSA-2008:0863-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Update for libtiff RHSA-2008:0847-01

Check for the Version of libtiff OpenVAS Vulnerability Test RedHat Update for libtiff RHSA-2008:0847-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

RedHat Update for speex RHSA-2008:0235-01

Check for the Version of speex OpenVAS Vulnerability Test RedHat Update for speex RHSA-2008:0235-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

RedHat Update for libtiff RHSA-2008:0848-01

Check for the Version of libtiff OpenVAS Vulnerability Test RedHat Update for libtiff RHSA-2008:0848-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

[Backports-security-announce] Security Update for wesnoth

Gerfried Fuchs uploaded new packages for wesnoth which fixed the following security problems: CVE-2009-0367 The implementation of the sandbox for the python AIs was possible to circumvent, allowing it to execute arbitrary python code on the clients machine. Please note that the official servers...

[Backports-security-announce] Security Update for wesnoth

Gerfried Fuchs uploaded new packages for wesnoth which fixed the following security problems: CVE-2009-0367 The implementation of the sandbox for the python AIs was possible to circumvent, allowing it to execute arbitrary python code on the clients machine. Please note that the official servers...

Fedora Update for dar FEDORA-2007-0904

Check for the Version of dar OpenVAS Vulnerability Test Fedora Update for dar FEDORA-2007-0904 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

CentOS Update for speex CESA-2008:0235 centos4 x86_64

Check for the Version of speex OpenVAS Vulnerability Test CentOS Update for speex CESA-2008:0235 centos4 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

CentOS Update for libtiff CESA-2008:0863-01 centos2 i386

Check for the Version of libtiff OpenVAS Vulnerability Test CentOS Update for libtiff CESA-2008:0863-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

Fedora Update for tar FEDORA-2007-1890

Check for the Version of tar OpenVAS Vulnerability Test Fedora Update for tar FEDORA-2007-1890 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of t...

CentOS Update for libtiff CESA-2008:0863 centos3 x86_64

Check for the Version of libtiff OpenVAS Vulnerability Test CentOS Update for libtiff CESA-2008:0863 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS Update for libtiff CESA-2008:0863 centos3 i386

Check for the Version of libtiff OpenVAS Vulnerability Test CentOS Update for libtiff CESA-2008:0863 centos3 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS Update for speex CESA-2008:0235 centos4 i386

Check for the Version of speex OpenVAS Vulnerability Test CentOS Update for speex CESA-2008:0235 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

CentOS Update for libtiff CESA-2008:0863-01 centos2 i386

Check for the Version of libtiff OpenVAS Vulnerability Test CentOS Update for libtiff CESA-2008:0863-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify i...

Fedora Update for libpng FEDORA-2007-2666

Check for the Version of libpng OpenVAS Vulnerability Test Fedora Update for libpng FEDORA-2007-2666 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the term...

CentOS Update for libtiff CESA-2008:0863 centos3 x86_64

Check for the Version of libtiff OpenVAS Vulnerability Test CentOS Update for libtiff CESA-2008:0863 centos3 x8664 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

[SECURITY] Fedora 10 Update: libpng-1.2.35-1.fc10

The libpng package contains a library of functions for creating and manipulating PNG Portable Network Graphics image format files. PNG is a bit-mapped graphics format similar to the GIF format. PNG was created to replace the GIF format, since GIF uses a patented data compression algorithm. Libpng...

[SECURITY] Fedora 10 Update: optipng-0.6.2.1-1.fc10

OptiPNG is a PNG optimizer that recompresses image files to a smaller size, without losing any information. This program also converts external formats BMP, GIF, PNM and TIFF to optimized PNG, and performs PNG integrity checks and corrections...

Fedora Update for speex FEDORA-2008-3103

Check for the Version of speex OpenVAS Vulnerability Test Fedora Update for speex FEDORA-2008-3103 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms ...