[vuln.sg] yEnc32 Decoder Long Filename Buffer Overflow Vulnerability
yEnc32 Decoder Long Filename Buffer Overflow Vulnerability by Tan Chew Keong. Release Date: 2007-05-12. Summary: A vulnerability has been found in yEnc32. When exploited, the vulnerability allows execution of arbitrary code when the user decodes a specially crafted yEnc encode...
Debian DSA-1284-1 : qemu - several vulnerabilities
Several vulnerabilities have been discovered in the QEMU processor emulator, which may lead to the execution of arbitrary code or denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1320 Tavis Ormandy discovered that a memory manageme...
USN-446-1: NAS vulnerabilities
Luigi Auriemma discovered multiple flaws in the Network Audio System server. Remote attackers could send specially crafted network requests that could lead to a denial of service or execution of arbitrary code. Note that default Ubuntu installs do not include the NAS server...
Secunia Research: InterActual Player / CinePlayer IASystemInfo.dll ActiveX Control Buffer Overflow
Secunia Research 21/03/2007 - InterActual Player / CinePlayer - IASystemInfo.dll ActiveX Control Buffer Overflow - Table of Contents Affected...
Debian DSA-1233-1 : kernel-source-2.6.8 - several vulnerabilities
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-3741 Stephane Eranian discovered a local DoS...
Debian DSA-1222-2 : proftpd - several vulnerabilities
Due to technical problems yesterday's proftpd update lacked a build for the amd64 architecture, which is now available. For reference please find below the original advisory text : Several remote vulnerabilities have been discovered in the proftpd FTP daemon, which may lead to the execution of...
Debian DSA-1224-1 : mozilla - several vulnerabilities
Several security related problems have been discovered in Mozilla and derived products. The Common Vulnerabilities and Exposures project identifies the following vulnerabilities : - CVE-2006-4310 Tomas Kempinsky discovered that malformed FTP server responses could lead to denial of service. -...
Debian DSA-1221-1 : libgsf - buffer overflow
'infamous41md' discovered a heap buffer overflow vulnerability in libgsf, a GNOME library for reading and writing structured file formats, which could lead to the execution of arbitrary code.
HP-UX PHSS_35462 : s700_800 11.04 Virtualvault 4.6 OWS update
s700_800 11.04 Virtualvault 4.6 OWS update : The remote HP-UX host is affected by multiple vulnerabilities : - Two potential security vulnerabilities have been reported in HP-UX VirtualVault Apache HTTP server versions prior to Apache 1.3.37 that may allow a Denial of Service (DoS) attack and...
[SECURITY] [DSA 1202-1] New screen packages fix arbitrary code execution
Debian Security Advisory DSA 1202-1 http://www.debian.org/security/ Moritz Muehlenhoff October 31st, 2006 http://www.debian.org/security/faq ...
Opera < 9.02 Multiple Vulnerabilities
The version of Opera installed on the remote host reportedly contains a heap-based buffer overflow vulnerability that can be triggered by a long link. Successful exploitation of this issue may result in a crash of the application or even allow for execution of arbitrary code subject to the user's...
Debian DSA-1017-1 : kernel-source-2.6.8 - several vulnerabilities
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-1017 Multiple overflows exist in the ioedgepor...
Debian DSA-1024-1 : clamav - several vulnerabilities
Several remote vulnerabilities have been discovered in the ClamAV anti-virus toolkit, which may lead to denial of service and potentially to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1614 Damian Put discovered ...
[SECURITY] [DSA 1159-1] New Mozilla Thunderbird packages fix several problems
Debian Security Advisory DSA 1159-1 http://www.debian.org/security/ Martin Schulze August 28th, 2006 http://www.debian.org/security/faq ...
GLSA-200608-01 : Apache: Off-by-one flaw in mod_rewrite
The remote host is affected by the vulnerability described in GLSA-200608-01 (Apache: Off-by-one flaw in mod_rewrite). An off-by-one flaw has been found in Apache's mod_rewrite module by Mark Dowd of McAfee Avert Labs. This flaw is exploitable depending on the types of rewrite rules being used. Impact...
CVE-2006-2852
PHP remote file inclusion vulnerability in dotWidget CMS 1.0.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the filepath parameter in (1) index.php, (2) feedback.php, and (3) printfriendly.php...
gnupg -- user id integer overflow vulnerability
If GnuPG processes a userid with a very long packet length, GnuPG can crash due to insufficient bounds check. This can result in a denial-of-service condition or potentially execution of arbitrary code with the privileges of the user running GnuPG...
linux-realplayer -- buffer overrun
Secunia Advisories Reports: A boundary error when processing SWF files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on the user's system...
[SECURITY] [DSA 948-1] New kdelibs packages fix buffer overflow
Debian Security Advisory DSA 948-1 http://www.debian.org/security/ Moritz Muehlenhoff January 20th, 2005 http://www.debian.org/security/faq ...
uw-imap: Remote buffer overflow
Background uw-imap is the University of Washington's IMAP and POP server daemons. Description Improper bounds checking of user supplied data while parsing IMAP mailbox names can lead to overflowing the stack buffer. Impact Successful exploitation requires an authenticated IMAP user to request a...