Debian DSA-891-1 : gpsdrive - format string

Kevin Finisterre discovered a format string vulnerability in gpsdrive, a car navigation system, that can lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisor...

Debian DSA-932-1 : kdegraphics - buffer overflows

'infamous41md' and Chris Evans discovered several heap based buffer overflows in xpdf, the Portable Document Format PDF suite, that can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code. The same code is present in kpdf which is part of the...

Debian DSA-961-1 : pdfkit.framework - buffer overflows

'infamous41md' and Chris Evans discovered several heap based buffer overflows in xpdf which are also present in pdfkit.framework, the GNUstep framework for rendering PDF content, and which can lead to a denial of service by crashing the application or possibly to the execution of arbitrary code...

Debian DSA-1083-1 : motor - buffer overflow

Mehdi Oudad and Kevin Fernandez discovered a buffer overflow in the ktools library which is used in motor, an integrated development environment for C, C++ and Java, which may lead local attackers to execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text...

[SECURITY] [DSA 1160-1] New Mozilla packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 1160-1 [email protected] http://www.debian.org/security/ Martin Schulze August 29th, 2006 http://www.debian.org/security/faq -...

CVE-2005-4693

Gaim-Encryption 2.38-1 on Debian Linux is affected by a vulnerability that allows remote attackers to cause a denial of service (crash) via a crafted message from an ICQ buddy, potentially involving the GE_received_key function in keys.c. The description across sources consistently identifies the...

CVE-2005-4693

Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to cause a denial of service crash via a crafted message from an ICQ buddy, possibly involving the GEreceivedkey function in keys.c...

CVE-2005-4693

Gaim-Encryption 2.38-1 on Debian Linux allows remote attackers to cause a denial of service crash via a crafted message from an ICQ buddy, possibly involving the GEreceivedkey function in keys.c...

[Full-disclosure] CYBSEC - Security Advisory: httprint Multiple Vulnerabilities

The following advisory is also available in PDF format for download at: http://www.cybsec.com/vuln/CYBSECSecurityAdvisoryhttprintMultipleVulnerabilities.pdf CYBSEC S.A. www.cybsec.com Advisory Name: httprint Multiple Vulnerabilities ========== Vulnerability Class: Denial of Service, Arbitrary...

[SECURITY] [DSA 853-1] New ethereal packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 853-1 [email protected] http://www.debian.org/security/ Martin Schulze October 9th, 2005 http://www.debian.org/security/faq -...

Debian DSA-819-1 : python2.1 - integer overflow

An integer overflow with a subsequent buffer overflow has been detected in PCRE, the Perl Compatible Regular Expressions library, which allows an attacker to execute arbitrary code, and is also present in Python. Exploiting this vulnerability requires an attacker to specify the used regular...

Snort 2.4.0 - SACK TCP Option Error Handling Denial of Service

Snort 2.4.0 - SACK TCP Option Error Handling Denial of Service /------------------------------------------ ||------+ Snort thsum es 0 cero, por lo tanto, el primer Router por donde pase este paquete lo descartara por no tener una checksum valida. RFC 1072 - TCP Extensions for Long-Delay Paths 3.2...

Snort 2.4.0 - SACK TCP Option Error Handling Denial of Service

/------------------------------------------ ||------+ Snort thsum es 0 cero, por lo tanto, el primer Router por donde pase este paquete lo descartara por no tener una checksum valida. RFC 1072 - TCP Extensions for Long-Delay Paths 3.2- TCP SACK Option: ... Kind: 5 Length: Variable...

Debian Linux apt-cacher code execution

No description provided...

CVE-2001-1561

CVE-2001-1561 describes a buffer overflow in Xvt 2.1 on Debian Linux 2.2 that allows local users to execute arbitrary code via long (1) -name and (2) -T arguments. The issue stems from argument handling in xvt, enabling code execution with elevated privileges because xvt is installed setuid root....

CVE-2001-1561

Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long 1 -name and 2 -T arguments...

CVE-2001-1561

Removed by vendor...

Debian Linux apt-setup weak permissions

apt.conf file is created world readable...

Debian DSA-743-1 : ht - buffer overflows, integer overflows

Several problems have been discovered in ht, a viewer, editor and analyser for various executables, that may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-1545 Tavis Ormandy of the Gentoo Linux Security Tea...

XML-RPC for PHP Remote Code Injection Vulnerability

Description XML-RPC for PHP is affected by a remote code-injection vulnerability. An attacker may exploit this issue to execute arbitrary commands or code in the context of the webserver. This may facilitate various attacks, including unauthorized remote access. XML-RPC for PHP 1.1 and prior...