4737 matches found
DSA-1697-1 iceape - several vulnerabilities
Bulletin has no description...
Linux/x86 - shift-bit execve() Encoder Shellcode (114 bytes)
Linux/x86 - shift-bit execve() Encoder Shellcode (114 bytes). Shellcode exploit for Linux/x86 platform ;author: Shihao ;decoding will be divided into two parts ;First, shift right to get the original shellcode with prefix "0xAA" ;Second, delete all the "0xAA" prefix and reformat...
RHEL 3 : cups (RHSA-2008:1028)
Updated cups packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX® Printing System (CUPS) provides a portable printing layer for UNIX operating system...
cups security update
CentOS Errata and Security Advisory CESA-2008:1028. Updated cups packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX® Printing System (CUPS) provides ...
GLSA-200812-04 : lighttpd: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200812-04 (lighttpd: Multiple vulnerabilities). Multiple vulnerabilities have been reported in lighttpd: Qhy reported a memory leak in the http_request_parse() function in request.c (CVE-2008-4298). Gaetan Bisson reported that URIs are not...
OpenLDAP ber_get_next BER Decoding Denial of Service
A denial of service vulnerability exists in OpenLDAP. OpenLDAP is an open-source implementation of the Lightweight Directory Access Protocol (LDAP) service. LDAP messages are defined using Abstract Syntax Notation One (ASN.1). OpenLDAP fails to properly handle crafted ASN.1 packets, allowing remote...
kernel: nfsd: fix buffer overrun decoding NFSv4 acl
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl...
Code injection
lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data...
CVE-2008-4359
CVE-2008-4359 affects lighttpd before 1.4.20. The vulnerability arises because URIs are compared against url.redirect/url.rewrite patterns prior to URL decoding, potentially bypassing access restrictions and allowing leakage of information or data modification. IBM’s IMM advisory confirms this CV...
lighttpd < 1.4.20 Multiple Vulnerabilities
According to its banner, the version of lighttpd running on the remote host is prior to 1.4.20. It is, therefore, affected by multiple vulnerabilities: - A denial of service vulnerability exists in the connection_state_machine() function that is triggered when disconnecting before a download has...
Gentoo Security Advisory GLSA 200411-08 (GD)
The remote host is missing updates announced in advisory GLSA 200411-08. OpenVAS Vulnerability Test. Description: Auto generated from Gentoo's XML based advisory. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200603-03 (MPlayer)
The remote host is missing updates announced in advisory GLSA 200603-03. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Analysis of the storm database vulnerability principle and the law-vulnerability and early warning-the black bar safety net
I see the storm library vulnerability principle and the law. SQL injection has been popular for a long time; we're looking for vulnerability injection, the purpose is nothing but wanting to get the database stuff, such as username, password, etc.; further, with the MSSQL database you can also take this to get permission...
Buffer overflow
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl...
CVE-2008-3915
Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl...
[SECURITY] Fedora 8 Update: xine-lib-1.1.15-1.fc8
This package contains the Xine library. Xine is a free multimedia player. It can play back various media. It also decodes multimedia files from local disk drives, and displays multimedia streamed over the Internet. It interprets many of the most common multimedia formats available - and some of t...
libtiff memory corruption
Memory corruption on LZW decoding...
FreeBSD Ports: squid
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: phpbb
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: ripmime
The remote host is missing an update to the system as announced in the referenced advisory. VID 85e19dff-e606-11d8-9b0a-000347a4fa7d. OpenVAS Vulnerability Test. Description: Auto generated from vuxml or freebsd advisories. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc...