CVE-2012-2134

The handleconnectionerror function in ldaphelper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service infinite loop and named server hang via a non-alphabet character in the base DN in an LDAP search DNS query...

Design/Logic Flaw

The handleconnectionerror function in ldaphelper.c in bind-dyndb-ldap before 1.1.0rc1 does not properly handle LDAP query errors, which allows remote attackers to cause a denial of service infinite loop and named server hang via a non-alphabet character in the base DN in an LDAP search DNS query...

CVE-2012-2134

Removed by vendor...

Google Chrome Multiple Vulnerabilities-02 (Feb 2014) - Linux

Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...

[Lynis 1.4.2] Security and System Auditing Tool to Harden Linux Systems

Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information,...

Google Chrome < 33.0.1750.117 Multiple Vulnerabilities

The version of Google Chrome installed on the remote host is a version prior to 33.0.1750.117. It is, therefore, affected by the following vulnerabilities : - An error exists related to relative path in Windows sandbox named pipe policy. CVE-2013-6652 - Use-after-free errors exist related to...

Google Chrome < 33.0.1750.117 Multiple Vulnerabilities (Mac OS X)

The version of Google Chrome installed on the remote Mac OS X host is a version prior to 33.0.1750.117. It is, therefore, affected by the following vulnerabilities : - Use-after-free errors exist related to handling web components and layout. CVE-2013-6653, CVE-2013-6655, CVE-2013-6658 - A castin...

CVE-2013-7328

CVE-2013-7328 affects PHP 5.5.x before 5.5.9 due to multiple integer signedness errors in the gdImageCrop function (ext/gd/gd.c). A remote attacker can trigger a denial of service (application crash) or information disclosure by calling imagecrop with a negative x or y dimension. The issue is tie...

CVE-2013-7328

Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service application crash or obtain sensitive information via an imagecrop function call with a negative value for the 1 x or 2 y dimension, a...

[BSA-092] Security Update for pidgin

intrigeri uploaded new packages for pidgin which fixed the following security problems: CVE-2013-6477 Jaime Breva Ribes discovered that a remote XMPP user can trigger a crash by sending a message with a timestamp in the distant future. CVE-2013-6478 Pidgin could be crashed through overly wide...

PHP 5.5.x < 5.5.9 GD Extension Multiple Vulnerabilities

Binary data 8125.prm...

Debian Security Advisory DSA 2858-1 (iceweasel - several vulnerabilities)

Multiple security issues have been found in Iceweasel, Debian's version of the Mozilla Firefox web browser: Multiple memory safety errors, use-after-frees, too-verbose error messages and missing permission checks may lead to the execution of arbitrary code, the bypass of security checks or...

DSA-2858-1 iceweasel - several

Bulletin has no description...

CVE-2013-6477

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

CVE-2013-6477

Pidgin/libpurple prior to version 2.10.8 is vulnerable to a denial of service via a crafted timestamp in an XMPP message, caused by multiple integer signedness errors in the codepath handling XMPP timestamps. The issue is explicitly identified as CVE-2013-6477. Connected advisories show that the ...

CVE-2013-6477

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

CVE-2013-6477

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

pidgin: DoS when handling timestamps in the XMPP plugin

Multiple integer signedness errors in libpurple in Pidgin before 2.10.8 allow remote attackers to cause a denial of service application crash via a crafted timestamp value in an XMPP message...

Poor Patching, Passwords Plague Government Computers

A damning report on the security of government computers paints an unflattering picture of lax or non-existent patching efforts, poor password policies, configuration errors and a general lack of confidence that exposes critical services and systems to attack. The report, “The Federal Government’...

[Lynis 1.4.0] Security and System Auditing Tool to Harden Linux Systems

Lynis is an auditing tool for Unix/Linux. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also scan for general system information,...