9259 matches found
mod_perl PerlRun denial of service
PerlRun.pm in Apache mod_perl before 1.30, and RegistryCooker.pm in mod_perl 2.x, does not properly escape PATH_INFO before use in a regular expression, which allows remote attackers to cause a denial of service (resource consumption) via a crafted URI...
Mambo Component Articles (artid) Blind SQL Injection Exploit
Exploit for unknown platform in category web applications. Mambo Component Articles (artid) Blind SQL Injection Exploit. #!/usr/bin/perl use LWP::UserAgent; use Getopt::Long;...
Important: Red Hat Security Advisory: perl security update
Updated perl packages that fix a security issue are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration...
Perl: Execution of arbitrary code
Background: Perl is a stable, cross-platform programming language. Description: Tavis Ormandy and Will Drewry of the Google Security Team have reported a double free vulnerability when processing a crafted regular expression containing UTF-8 characters. Impact: A remote attacker could possibly explo...
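Red Hat Directory Server LDAP query buffer overflow vulnerability
BUGTRAQ ID: 29126 CVECAN ID: CVE-2008-1677 Red Hat Directory Server is an LDAP-based server for centrally managing application settings, group data, policies and similar content. Red Hat Directory Server uses a fixed-size buffer to store the regular expressions used in LDAP searches; translating the search pattern in a user-supplied LDAP request into a regular expression can trigger a buffer overflow, causing the slapd daemon to crash or execute arbitrary code. Any user who can perform LDAP searches can trigger this overflow, including anonymous users if the ACL allows anonymous access (the default configuration). RedHat Directory Server 8.0 RedHat Directory Server 7....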
Buffer overflow
Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation to a regular expression...
CVE-2008-1677
Buffer overflow in the regular expression handler in Red Hat Directory Server 8.0 and 7.1 before SP6 allows remote attackers to cause a denial of service (slapd crash) and possibly execute arbitrary code via a crafted LDAP query that triggers the overflow during translation to a regular expression...
perl buffer overflow
Heap memory overflow on regular expression handling...
Double free
Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems...
CVE-2008-1927
Double free vulnerability in Perl 5.8.8 allows context-dependent attackers to cause a denial of service (memory corruption and crash) via a crafted regular expression containing UTF8 characters. NOTE: this issue might only be present on certain operating systems...
CVE-2008-1026
Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcrecompile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflo...
Integer overflow
Integer overflow in the PCRE regular expression compiler (JavaScriptCore/pcre/pcrecompile.cpp) in Apple WebKit, as used in Safari before 3.1.1, allows remote attackers to execute arbitrary code via a regular expression with large, nested repetition counts, which triggers a heap-based buffer overflo...
Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
a. Updated pcre Service Console package addresses several security issues. The pcre package contains the Perl-Compatible Regular Expression library. pcre is used by various Service Console utilities. Several security issues were discovered in the way PCRE handles regular expressions. If an...
VMSA-2008-0007:MEDIUM Updated Service Console packages pcre, net-snmp, and OpenPegasus
VMSA-2008-0007.2 Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus. VMware Security Advisory. Advisory ID: VMSA-2008-0007.2. Synopsis: Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus VMware Security...
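Multiple security vulnerabilities in Apple Safari versions before 3.1
BUGTRAQ ID: 28290 CVECAN ID: CVE-2008-1011,CVE-2008-1010,CVE-2008-1009,CVE-2008-1008,CVE-2008-1007,CVE-2008-1006,CVE-2008-1005,CVE-2008-1004,CVE-2008-1003,CVE-2008-1002,CVE-2008-1001,CVE-2008-0050 Safari is the web browser bundled by default with Apple's family of operating systems. Version 3.1 of Safari fixes multiple security vulnerabilities, as follows: CVE-2008-0050 A malicious HTTPS proxy server may, in a 502 Bad...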
GLSA-200803-24 : PCRE: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200803-24 (PCRE: Buffer overflow). PCRE contains a buffer overflow vulnerability when processing a character class containing a very large number of characters with codepoints greater than 255. Impact: A remote attacker could exploi...
PCRE: Buffer overflow
Background: PCRE is a Perl-compatible regular expression library. GLib includes a copy of PCRE. Description: PCRE contains a buffer overflow vulnerability when processing a character class containing a very large number of characters with codepoints greater than 255. Impact: A remote attacker could...