290 matches found
SUSE-SA:2005:039: zlib
The remote host is missing the patch for the advisory SUSE-SA:2005:039 zlib. A denial of service condition was fixed in the zlib library. Any program using zlib to decompress data can be crashed by a specially handcrafted invalid data stream. This includes web browsers or email programs able to...
Mandrake Linux Security Advisory : zlib (MDKSA-2005:112)
Tavis Ormandy of the Gentoo Security Project discovered a vulnerability in zlib where a certain data stream would cause zlib to corrupt a data structure, resulting in the linked application to dump core. The updated packages have been patched to correct this problem. %NASLMINLEVEL 70300 C Tenable...
zlib: Buffer overflow
Background zlib is a widely used free and patent unencumbered data compression library. Description Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...
GLSA-200507-05 : zlib: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200507-05 zlib: Buffer overflow Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a buffer overflow in zlib. A bounds checking operation failed to take invalid data into account, allowing a specifically malformed...
SSH < 1.2.25 CBC/CFB Data Stream Injection
Binary data 1978.prm...
PT-2002-2279 · Ethereal · Ethereal
Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.7 and earlier Description: The issue allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via malformed packets to the 1 LMP, 2 PPP, or 3 TDS dissectors. This could be related to...
Pserv 2.0 - HTTP Request Parsing Buffer Overflow
source: https://www.securityfocus.com/bid/6287/info A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. An attacker can exploit this vulnerability by issuing a HTTP request with an overly...
CVE-2002-0728
Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service crash via a PNG data stream that has more IDAT data than indicated by the IHDR chunk...
CVE-2001-0718
Vulnerability in 1 Microsoft Excel 2002 and earlier and 2 Microsoft PowerPoint 2002 and earlier allows attackers to bypass macro restrictions and execute arbitrary commands by modifying the data stream in the document...
SSH CBC/CFB Data Stream Injection
The remote host is running a version of SSH that is older than or as old as version 1.2.23. The remote version of this software is vulnerable to a known plaintext attack, which could allow an attacker to insert encrypted packets in the client - server stream that will be deciphered by the server,...