[OpenPKG-SA-2004.019] OpenPKG Security Advisory (kolab)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.019 05-May-2004 Package: kolab Vulnerability: information leakage, privilege...

buffer cache invalidation implementation issues

Programming errors in the implementation of the msync2 system call involving the MSINVALIDATE operation lead to cache consistency problems between the virtual memory system and on-disk contents. In some situations, a user with read access to a file may be able to prevent changes to that file from...

Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read

Linux Kernel 2.5.x2.6.x - CPUFreq Proc Handler Integer Handling Memory Read / source: https://www.securityfocus.com/bid/10201/info A local integer handling vulnerability has been announced in the Linux kernel. It is reported that this vulnerability may be exploited by an unprivileged local user t...

FreeBSD-SA-04:07.cvs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:07.cvs Security Advisory The FreeBSD Project Topic: CVS path validation errors Category: contrib Module: contribcvs Announced: 2004-04-15 Revised: 2004-04-16...

CVS path validation errors

Two programming errors were discovered in which path names handled by CVS were not properly validated. In one case, the CVS client accepts absolute path names from the server when determining which files to update. In another case, the CVS server accepts relative path names from the client when...

[waraxe-2004-SA#015 - Multiple vulnerabilities in NukeCalendar v1.1.a]

================================================================================ waraxe-2004-SA015 ================================================================================ Multiple vulnerabilities in NukeCalendar v1.1.a...

Character not allowed in user name

A user has sign up with the user name "m&m". The i tried to modify this user. Because the username is passed as url parameter FooServlet?name=m&m : GET or POST method the servlet container cut the name and try to retreive the username named "m" !!! The only way is to use a database client, change...

Age of Sail II <= 1.04.151 Remote Buffer Overflow Exploit

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h include zlib.h ifdef WIN32 include winsock.h include string.h include errno.h void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case...

Alpha Black Zero <= 1.04 Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ========================================================= Alpha Black Zero include include ifdef WIN32 include include include void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: err...

Alpha Black Zero &lt;= 1.04 Remote Denial of Service Exploit

No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h ifdef WIN32 include winsock.h include string.h include errno.h void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: error = "Ba...

Chatman 1.5.1 RC1 - Broadcast Crash

/ by Luigi Auriemma / include include include ifdef WIN32 include include include void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: error = "Bad file number"; break; case 10013: error = "Permission denied"; break; case 10014: error...

Chatman 1.5.1 RC1 - Broadcast Crash

Chatman 1.5.1 RC1 - Broadcast Crash / by Luigi Auriemma / include include include ifdef WIN32 include include include void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: error = "Bad file number"; break; case 10013: error = "Permissi...

Multiple RED-M RedAlert bugs

Multiple bugs with user authentication...

Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections

Mambo Open Source 4.0.14 - PollBooth.php Multiple SQL Injections source: https://www.securityfocus.com/bid/9197/info Mambo Open Source is prone to SQL injection attacks. This is due to an input validation error in 'pollBooth.php'. In particular, various user-supplied variables are used in an SQL...

CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using 1 bufferinit in buffer.c, 2 bufferfree in buffer.c, or 3 a separate function in channels.c, a different vulnerability than CVE-2003-0693...

CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using 1 bufferinit in buffer.c, 2 bufferfree in buffer.c, or 3 a separate function in channels.c, a different vulnerability than CVE-2003-0693...

DSA-393 openssl - denial of service

Bulletin has no description...

DSA-388 kdebase - several vulnerabilities

Bulletin has no description...

CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using 1 bufferinit in buffer.c, 2 bufferfree in buffer.c, or 3 a separate function in channels.c, a different vulnerability than CVE-2003-0693...

CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using 1 bufferinit in buffer.c, 2 bufferfree in buffer.c, or 3 a separate function in channels.c, a different vulnerability than CVE-2003-0693...