SUSE-SA:2005:050: kernel

The remote host is missing the patch for the advisory SUSE-SA:2005:050 kernel. The Linux kernel was updated to fix the following security issues: - CVE-2005-2457: A problem in decompression of files on 'zisofs' filesystem was fixed. - CVE-2005-2458: A potential buffer overflow in the zlib...

USN-83-2: LessTif 1 vulnerabilities

USN-83-1 fixed some vulnerabilities in the "lesstif2" library. The older "lesstif1" library was also affected, however, a fix was not yet available at that time. This USN fixes the flaws for lesstif1. Please note that there are no supported applications that use this library, so this only affects...

CVE-2004-2265

UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact...

CVE-2004-2265

UUDeview 0.5.20 and earlier handles temporary files insecurely during decoding, with unknown attack vectors and impact...

CVE-2004-2265

UUDeview 0.5.20 and earlier insecurely handles temporary files during decoding in the UUDeview code path (uulib/uunconc.c), enabling local users to overwrite arbitrary files via a symlink/temporary filename issue, as used in nzbget before 0.3.0 and potentially other products. The vulnerability st...

FreeBSD : xpm -- image decoding vulnerabilities (ef253f8b-0727-11d9-b45d-000c41e2cdad)

Chris Evans discovered several vulnerabilities in the libXpm image decoder : - A stack-based buffer overflow in xpmParseColors - An integer overflow in xpmParseColors - A stack-based buffer overflow in ParsePixels and ParseAndPutPixels The X11R6.8.1 release announcement reads : This version is...

FreeBSD : tcpdump -- infinite loops in protocol decoding (9fae0f1f-df82-11d9-b875-0001020eed82)

Problem Description Several tcpdump protocol decoders contain programming errors which can cause them to go into infinite loops. Impact An attacker can inject specially crafted packets into the network which, when processed by tcpdump, could lead to a denial-of-service. After the attack, tcpdump...

FreeBSD : gdk-pixbuf -- image decoding vulnerabilities (3d1e9267-073f-11d9-b45d-000c41e2cdad)

Chris Evans discovered several flaws in the gdk-pixbuf XPM image decoder : - Heap-based overflow in pixbufcreatefromxpm - Stack-based overflow in xpmextractcolor - Integer overflows in io-ico.c Some of these flaws are believed to be exploitable. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

FreeBSD-SA-05:10.tcpdump

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:10.tcpdump Security Advisory The FreeBSD Project Topic: Infinite loops in tcpdump protocol decoding Category: contrib Module: tcpdump Announced: 2005-06-09...

tcpdump -- infinite loops in protocol decoding

Problem Description Several tcpdump protocol decoders contain programming errors which can cause them to go into infinite loops. Impact An attacker can inject specially crafted packets into the network which, when processed by tcpdump, could lead to a denial-of-service. After the attack, tcpdump...

IPSwitch IMAP Server LOGON Remote Stack Overflow

No description provided by source. / IpSwitch IMAP Server LOGON stack overflow. Software Hole discovered by iDEFENSE POC written by nolimit and BuzzDee First, some information for the few of you that know how this stuff works. The reason you see no SP2 or 2003 offsets is because of Windows SEH...

gxine: Format string vulnerability

Background gxine is a GTK+ and xine-lib based media player. Description Exworm discovered that gxine insecurely implements formatted printing in the hostname decoding function. Impact A remote attacker could entice a user to open a carefully crafted file with gxine, possibly leading to the...

GLSA-200505-06 : TCPDump: Decoding routines Denial of Service vulnerability

The remote host is affected by the vulnerability described in GLSA-200505-06 TCPDump: Decoding routines Denial of Service vulnerability TCPDump improperly handles and decodes ISIS CAN-2005-1278, BGP CAN-2005-1267, CAN-2005-1279, LDP CAN-2005-1279 and RSVP CAN-2005-1280 packets. TCPDump might loop...

TCPDump: Decoding routines Denial of Service vulnerability

Background TCPDump is a tool for network monitoring and data acquisition. Description TCPDump improperly handles and decodes ISIS CAN-2005-1278, BGP CAN-2005-1267, CAN-2005-1279, LDP CAN-2005-1279 and RSVP CAN-2005-1280 packets. TCPDump might loop endlessly after receiving malformed packets. Impa...

Low: Red Hat Security Advisory: sharutils security update

An updated sharutils package is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. The sharutils package contains a set of tools for encoding and decoding packages of files in binary or text format. A stack based overflow bug was found i...

ImageMagick 6.x - '.PNM' Image Decoding Remote Buffer Overflow

source: https://www.securityfocus.com/bid/13351/info A remotely exploitable client-side buffer-overflow vulnerability affects ImageMagick. This issue occurs because the application fails to properly validate the length of user-supplied strings before copying them into static process buffers. An...

USN-92-1: LessTif vulnerabilities

Several vulnerabilities have been found in the XPM image decoding functions of the LessTif library. If an attacker tricked a user into loading a malicious XPM image with an application that uses LessTif, he could exploit this to execute arbitrary code in the context of the user opening the image...

PT-2005-1545 · Curl +1 · Curl +1

Name of the Vulnerable Software and Affected Versions: cURL versions 7.12.1 and possibly other versions Description: The issue arises from multiple stack-based buffer overflows in libcURL and cURL, allowing remote malicious web servers to execute arbitrary code. This occurs when base64 encoded...

CVE-2005-0453

The bufferurldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 null character after the file extension...

GLSA-200501-19 : imlib2: Buffer overflows in image decoding

The remote host is affected by the vulnerability described in GLSA-200501-19 imlib2: Buffer overflows in image decoding Pavel Kankovsky discovered that several buffer overflows found in the libXpm library see GLSA 200409-34 also apply to imlib see GLSA 200412-03 and imlib2. He also fixed a number...