Fedora Core 4 : tetex-3.0-9.FC4 (2005-028)

Several flaws were discovered in the way teTeX processes PDF files. An attacker could construct a carefully crafted PDF file that could cause poppler to crash or possibly execute arbitrary code when opened. The Common Vulnerabilities and Exposures project assigned the names CVE-2005-3625,...

Fedora Core 4 : binutils-2.15.94.0.2.2-2.1 (2005-498)

Wed Jun 29 2005 Jakub Jelinek 2.15.94.0.2.2-2.1 - further bfd, readelf and binutils robustification CVE-2005-1704, 158680 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and...

Fedora Core 4 : ethereal-0.10.14-1.FC4.1 (2006-006)

Thu Dec 29 2005 Radek Vokal 0.10.14-1.FC4.1 - upgrade to 0.10.14 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

HP-UX Security Patch : PHKL_32204

VM core4 related changes %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if !definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid26407; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/01/11";...

Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit

No description provided by source. !/usr/bin/python Snort DCE/RPC Preprocessor Buffer Overflow DoS Author: Trirat Puttaraksa http://sf-freedom.blogspot.com For educational purpose only This exploit just crash Snort 2.6.1 on Fedora Core 4. However, Code Execution may be possible, but I have no tim...

Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit

Exploit for multiple platform in category dos / poc =================================================================== Snort 2.6.1 DCE/RPC Preprocessor Remote Buffer Overflow DoS Exploit =================================================================== !/usr/bin/python Snort DCE/RPC Preprocess...

Snort 2.6.1 - DCERPC Preprocessor Remote Buffer Overflow (Denial of Service) (PoC)

Snort 2.6.1 - DCERPC Preprocessor Remote Buffer Overflow Denial of Service PoC !/usr/bin/python Snort DCE/RPC Preprocessor Buffer Overflow DoS Author: Trirat Puttaraksa http://sf-freedom.blogspot.com For educational purpose only This exploit just crash Snort 2.6.1 on Fedora Core 4. However, Code...

Fedora Core 4 : openoffice.org-2.0.1.1-7.1 (2006-764)

CVE-2006-2198 macro security - CVE-2006-2199 java applets - CVE-2006-3117 corrupt file format more details at http://www.openoffice.org/security/bulletin-20060629.h tml Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

Fedora Core 4 : ruby-1.8.4-3.fc4 (2006-842)

Thu Jul 20 2006 Akira TAGOH - 1.8.4-3 - security fixes CVE-2006-3694 - ruby-1.8.4-fix-insecure-dir-operation.patch : - ruby-1.8.4-fix-insecure-regexp-modification.patch: fixed the insecure operations in the certain safe-level restrictions. 199538 - ruby-1.8.4-fix-alias-safe-level.patch: fixed to...

Fedora Core 4 : cyrus-sasl-2.1.20-6 (2006-515)

This update incorporates a fix for a bug which would allow a client which attempted DIGEST-MD5 authentication with a server to cause the DIGEST-MD5 plugin on the server to crash. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security...

Fedora Core 4 : mutt-1.4.2.1-5.fc4 (2006-761)

Thu Jun 29 2006 Miroslav Lichvar 5:1.4.2.1-5.fc4 - fix a buffer overflow when processing IMAP namespace 197152, CVE-2006-3242 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean...

Fedora Core 4 : kdebase-3.5.3-0.2.fc4 (2006-725)

Thu Jun 15 2006 Than Ngo 6:3.5.3-0.2.fc4 - apply patch to to fix 194659, CVE-2006-2449 KDM symlink attack vulnerability thanks to KDE security team Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...

Fedora Core 4 : squirrelmail-1.4.6-7.fc4 (2006-668)

CVE-2006-2842 Squirrelmail File Inclusion Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVE...

Fedora Core 4 : openmotif-2.2.3-10.FC4.2 (2006-854)

Wed Mar 29 2006 Thomas Woerner 2.2.3-10.FC4.2 - fixed CVE-2005-3964: libUil buffer overflows 174815 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as...

Fedora Core 4 : kernel-2.6.17-1.2141_FC4 (2006-769)

An update to the latest upstream stable release 2.6.17.3, which fixes a security issue with SCTP. Further details: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.3 http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.2 Note that Tenable Network Security has extracted the...

Fedora Core 4 : busybox-1.00-5.fc4 (2006-511)

The BusyBox passwd command does not use a proper salt when generating passwords. This would create an instance where a brute-force attack could take very little time. This problem is fixed in busybox-1.00-5.fc4. Note that Tenable Network Security has extracted the preceding description block...

Fedora Core 4 : kernel-2.6.16-1.2111_FC4 (2006-573)

This update rebases to the latest upstream -stable release 2.6.16.17, where a number of security problems have been fixed, notably : SCTP: Validate the parameter length in HB-ACK chunk CVE-2006-1857 SCTP: Respect the real chunk length when walking parameters CVE-2006-1858 fs/locks.c: Fix leaseini...

Fedora Core 4 : kernel-2.6.16-1.2107_FC4 (2006-500)

An update to the latest upstream -stable snapshot 2.6.16.13 Among quite a few bug-fixes, are two security related fixes : Don't allow a backslash in a path component CVE-2006-1863 NETFILTER: SCTP conntrack: fix infinite loop CVE-2006-1527 Detailed changelogs of the last few point releases can be...

Fedora Core 4 : kernel-2.6.17-1.2142_FC4 (2006-801)

Rebase to latest upstream 2.6.17.4 -stable release, which fixes a security issue which could result in local priveledge escalation. More details at: http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.17.4 In addition, an optimisation was performed to use significantly less memory for sever...

Fedora Core 4 : httpd-2.0.54-10.4 (2006-862)

This update fixes a security issue in the modrewrite module. Mark Dowd of McAfee Avert Labs reported an off-by-one security problem in the LDAP scheme handling of the modrewrite module. Where RewriteEngine was enabled, and for certain RewriteRules, this could lead to a pointer being written out o...