139 matches found
CVE-2018-14670
Incorrect configuration in deb package could lead to the unauthorized use of the database. the UK's National Cyber Security Centre NCSC...
Mageia: Security Advisory (MGASA-2015-0482)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-0860
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which trigger...
Stack overflow
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which trigger...
CVE-2015-0860
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which trigger...
Debian DSA-3407-1 : dpkg - security update
Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg, the Debian package management system. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafted Debian binary package .deb i...
USN-2820-1: dpkg vulnerability
Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain old style Debian binary packages. If a user or an automated system were tricked into unpacking a specially crafted binary package, a remote attacker could possibly use this issue to execute arbitrary code...
USN-2820-1 dpkg vulnerability
Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain old style Debian binary packages. If a user or an automated system were tricked into unpacking a specially crafted binary package, a remote attacker could possibly use this issue to execute arbitrary code...
CVE-2015-0860
Off-by-one error in the extracthalf function in dpkg-deb/extract.c in the dpkg-deb component in Debian dpkg 1.16.x before 1.16.17 and 1.17.x before 1.17.26 allows remote attackers to execute arbitrary code via the archive magic version number in an "old-style" Debian binary package, which trigger...
dpkg -- stack-based buffer overflow
Salvatore Bonaccorso reports: Hanno Boeck discovered a stack-based buffer overflow in the dpkg-deb component of dpkg, the Debian package management system. This flaw could potentially lead to arbitrary code execution if a user or an automated system were tricked into processing a specially crafte...
Debian: Security Advisory (DSA-3269-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Berlios GPSD Format String Vulnerability
No description provided by source. $Id: gpsdformatstring.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of...
openSUSE Security Update : deb / update-alternatives (openSUSE-SU-2012:1437-1)
Fix tmp issues in annotate-output bnc778291, CVE-2012-3500 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-757. The text description of this plugin is C SUSE LLC...
PHP Point Of Sale 10.x - 11.x - 12.x Remote Code Execution
Exploit for php platform in category web applications ​ . \ /| | \ \ \ \ | | | | / \ / \ /\ / \ / / / / / \ /\ / \ / / / | | | Y \ / \ | | \ /\ \ \ | | /\ /\ / || || /\ \ /|| / /// \ /|| \ // / / / / / / http://thecrowscrew.org ​ Exploit title : PHP Point Of Sale 10.x -...
Critical PowerDNS Recursor Security Vulnerabilities: please upgrade ASAP to 3.1.7.2
Dear PowerDNS Users, Two major vulnerabilities have recently been discovered in the PowerDNS Recursor all versions up to and including 3.1.7.1. Over the past two weeks, these vulnerabilities have been addressed, resulting in PowerDNS Recursor 3.1.7.2. Given the nature and magnitude of these...
CVE-2009-3304
GForge 4.5.14, 4.7 rc2, and 4.8.2 allows local users to overwrite arbitrary files via a symlink attack on authorizedkeys files in users' home directories, related to deb-specific/sshdumpupdate.pl and cronjobs/cvs-cron/sshcreate.php...
Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-626-1
Ubuntu Update for Linux kernel vulnerabilities USN-626-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN6261.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox-3.0, xulrunner-1.9 vulnerabilities USN-626-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks Gmb...
Berlios GPSD 2.7 - Remote Format String (Metasploit)
package Msf::Exploit::gpsdformatstring; use base "Msf::Exploit"; use strict; use Pex::Text; use IO::Socket; my $advanced = ; my $info = 'Name' = 'Berlios GPSD Format String Vulnerability', 'Version' = '$ 1.0 $', 'Authors' = 'Enseirb ', , 'Arch' = 'x86' , 'OS' = 'linux' , 'Priv' = 1, 'UserOpts' =...
Berlios GPSD 1.91-1 < 2.7-2 - Format String
require 'msf/core' class Metasploit3 'Berlios GPSD Format String Vulnerability', 'Description' = %q This module exploits a format string vulnerability in the Berlios GPSD server. This vulnerability was discovered by Kevin Finisterre. , 'Author' = 'Yann Senotier ' , 'License' = MSFLICENSE, 'Versio...