127 matches found
wireshark: crash on sample file genbroad.snoop
epan/dissectors/packet-dec-dnart.c in the DECnet NSP/RT dissector in Wireshark 1.10.12 through 1.10.14 mishandles a certain strdup return value, which allows remote attackers to cause a denial of service application crash via a crafted packet...
Ubuntu Update for linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities USN-464-1
Ubuntu Update for Linux kernel vulnerabilities USN-464-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN4641.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities USN-464-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone...
HP DECnet-Plus OpenVMS 'OSIT$NAMES'绕过安全限制漏洞
BUGTRAQ ID: 32711 HP DECnet-Plus一种在数据系统之间提供通信功能的软硬件产品。 HP DECnet-Plus OpenVMS实现上存在漏洞,远程攻击者可能利用此绕过某些安全限制非授权修改'OSIT$NAMES'表。 HP DECnet-Plus for OpenVMS VAX 7.3 HP DECnet-Plus for OpenVMS ALPHA 7.3-2 HP -- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://itrc.hp.com...
CVE-2008-5417
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the 1 SYS$CRELNM and 2 SYS$DELLNM system services...
Design/Logic Flaw
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the 1 SYS$CRELNM and 2 SYS$DELLNM system services...
CVE-2008-5417
HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform uses world-writable permissions for the OSIT$NAMES logical name table, which allows local users to bypass intended access restrictions and modify this table via the 1 SYS$CRELNM and 2 SYS$DELLNM system services...
CVE-2008-5417
CVE-2008-5417 affects HP DECnet-Plus 8.3 before ECO03 for OpenVMS on the Alpha platform. The vulnerability arises because the OSIT$NAMES logical name table has world-writable permissions, allowing local users to bypass access restrictions and modify the table via the SYS$CRELNM and SYS$DELLNM sys...
DSA-1503-2 kernel-source-2.4.27 - several vulnerabilities
Bulletin has no description...
DSA-1504-1 kernel-image-2.6.8 - several issues
Bulletin has no description...
fib_semantics.c out of bounds access vulnerability
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTAMAX to be used as an array size instead of RTNMAX, which leads to an "out of bound access" by the 1 dnfibprops dnfib.c, DECNet and 2 fibprops fibsemantics.c, IPv4 functions...
Ubuntu 6.06 LTS / 6.10 / 7.04 : linux-source-2.6.15/2.6.17/2.6.20 vulnerabilities (USN-464-1)
Philipp Richter discovered that the AppleTalk protocol handler did not sufficiently verify the length of packets. By sending a crafted AppleTalk packet, a remote attacker could exploit this to crash the kernel. CVE-2007-1357 Gabriel Campana discovered that the doipv6setsockopt function did not...
DSA-1356-1 linux-2.6 - several vulnerabilities
Bulletin has no description...
Array overflow in Linux kernel
DecNET dnfibprops and TCP/IP fibprops functions array index overflow...
CVE-2007-2172
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTAMAX to be used as an array size instead of RTNMAX, which leads to an "out of bound access" by the 1 dnfibprops dnfib.c, DECNet and 2 fibprops fibsemantics.c, IPv4 functions...
CVE-2007-2172
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTAMAX to be used as an array size instead of RTNMAX, which leads to an "out of bound access" by the 1 dnfibprops dnfib.c, DECNet and 2 fibprops fibsemantics.c, IPv4 functions...
CVE-2007-2172
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes RTAMAX to be used as an array size instead of RTNMAX, which leads to an "out of bound access" by the 1 dnfibprops dnfib.c, DECNet and 2 fibprops fibsemantics.c, IPv4 functions...
Code injection
Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to 1...
CVE-2007-0139
Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to 1...
CVE-2007-0139
The CVE-2007-0139 entry concerns DECnet-Plus 7.3-2 (OpenVMS ALPHA) and DECnet/OSI 7.3 (OpenVMS VAX). A vulnerability permits attackers to obtain unintended privileged access to data and system resources via unspecified vectors affecting components such as CTF$UI.EXE, CTF$MESSAGES.EXE, CTF$HELP.HL...
CVE-2007-0139
Unspecified vulnerability in the DECnet-Plus 7.3-2 feature in DECnet/OSI 7.3-2 for OpenVMS ALPHA, and the DECnet-Plus 7.3 feature in DECnet/OSI 7.3 for OpenVMS VAX, allows attackers to obtain "unintended privileged access to data and system resources" via unspecified vectors, related to 1...