Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read

Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read / source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user t...

FreeBSD-SA-04:07.cvs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:07.cvs Security Advisory The FreeBSD Project Topic: CVS path validation errors Category: contrib Module: contribcvs Announced: 2004-04-15 Revised: 2004-04-16...

CVS path validation errors

Two programming errors were discovered in which path names handled by CVS were not properly validated. In one case, the CVS client accepts absolute path names from the server when determining which files to update. In another case, the CVS server accepts relative path names from the client when...

[waraxe-2004-SA#015 - Multiple vulnerabilities in NukeCalendar v1.1.a]

================================================================================ waraxe-2004-SA015 ================================================================================ Multiple vulnerabilities in NukeCalendar v1.1.a...

Character not allowed in user name

A user has sign up with the user name "m&m". The i tried to modify this user. Because the username is passed as url parameter FooServlet?name=m&m : GET or POST method the servlet container cut the name and try to retreive the username named "m" !!! The only way is to use a database client, change...

Age of Sail II <= 1.04.151 Remote Buffer Overflow Exploit

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h include zlib.h ifdef WIN32 include winsock.h include string.h include errno.h void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case...

Alpha Black Zero <= 1.04 Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ========================================================= Alpha Black Zero include include ifdef WIN32 include include include void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: err...

Alpha Black Zero &lt;= 1.04 Remote Denial of Service Exploit

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h ifdef WIN32 include winsock.h include string.h include errno.h void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: error = "Ba...

Chatman 1.5.1 RC1 - Broadcast Crash

/ by Luigi Auriemma / include include include ifdef WIN32 include include include void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: error = "Bad file number"; break; case 10013: error = "Permission denied"; break; case 10014: error...

Chatman 1.5.1 RC1 - Broadcast Crash

Chatman 1.5.1 RC1 - Broadcast Crash / by Luigi Auriemma / include include include ifdef WIN32 include include include void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: error = "Bad file number"; break; case 10013: error = "Permissi...

Multiple RED-M RedAlert bugs

Multiple bugs with user authentication...

Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections

Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections source: https://www.securityfocus.com/bid/9197/info Mambo Open Source is prone to SQL injection attacks. This is due to an input validation error in 'pollBooth.php'. In particular, various user-supplied variables are used in an SQL...

CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using 1 bufferinit in buffer.c, 2 bufferfree in buffer.c, or 3 a separate function in channels.c, a different vulnerability than CVE-2003-0693...

CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using 1 bufferinit in buffer.c, 2 bufferfree in buffer.c, or 3 a separate function in channels.c, a different vulnerability than CVE-2003-0693...

DSA-393 openssl - denial of service

Bulletin has no description...

DSA-388 kdebase - several vulnerabilities

Bulletin has no description...

CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using 1 bufferinit in buffer.c, 2 bufferfree in buffer.c, or 3 a separate function in channels.c, a different vulnerability than CVE-2003-0693...

CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using 1 bufferinit in buffer.c, 2 bufferfree in buffer.c, or 3 a separate function in channels.c, a different vulnerability than CVE-2003-0693...

OpenSSH updated again

Upgraded OpenSSH 3.7.1p1 packages are available for Slackware 8.1, 9.0 and -current. These fix additional buffer management errors that were not corrected in the recent 3.7p1 release. The possibility exists that these errors could allow a remote exploit, so we recommend all sites running OpenSSH...

OpenSSH contains buffer management errors

Overview Versions of the OpenSSH server prior to 3.7.1 contain buffer management errors. While the full impact of these vulnerabilities are unclear, they may lead to memory corruption and a denial-of-service situation. Description Versions of OpenSSH prior to 3.7.1 contain errors in the general...