8515 matches found
[Backports-security-announce] Security Update for lintian
Raphael Geissert uploaded new packages for lintian which fixed the following security problems: CVE-2009-4013: missing control files sanitation Control field names and values were not sanitised before using them in certain operations that could lead to directory traversals. Patch systems control...
[SECURITY] [DSA-1979-1] New lintian packages fix multiple vulnerabilities
------------------------------------------------------------------------ Debian Security Advisory DSA-1979-1 [email protected] http://www.debian.org/security/ Raphael Geissert January 27, 2009 http://www.debian.org/security/faq -...
DSA-1979-1 lintian - multiple vulnerabilities
Bulletin has no description...
CVE-2010-0388
Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaratio...
CVE-2010-0388
Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service daemon crash and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaratio...
CVE-2010-0388
CVE-2010-0388 affects Sun Java System Web Server 7.0 Update 6 WebDAV/WEB service (webservd). The issue is a format string vulnerability in the XML declaration encoding attribute in PROPFIND requests within WebDAV, allowing remote attackers to trigger a daemon crash (DoS) and potentially other imp...
Sun Java System Web Server 6.17.0 - WebDAV Format String
Sun Java System Web Server 6.17.0 - WebDAV Format String source: https://www.securityfocus.com/bid/37910/info Sun Java System Web Server is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input. The issue affects the WebDAV functionality. Currently very...
Sun Java System Web Server 6.1/7.0 - WebDAV Format String
source: https://www.securityfocus.com/bid/37910/info Sun Java System Web Server is prone to a format-string vulnerability because it fails to properly sanitize user-supplied input. The issue affects the WebDAV functionality. Currently very few technical details are available. We will update this...
Gentoo Security Advisory GLSA 201001-06 (aria2)
The remote host is missing updates announced in advisory GLSA 201001-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 201001-06 (aria2)
The remote host is missing updates announced in advisory GLSA 201001-06. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR GPL-3.0-only...
WS_FTP Pro HTTP Server Response Format String
The remote Windows host contains a version of Ipswitch's WSFTP Professional that is earlier than 12.2. Such versions are prone to a format-string vulnerability because they fail to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. If...
Metamail Format String And Buffer Overflow (CVE-2004-0104)
Metamail is a system for handling multimedia mail, using the mailcapfile. Metamail reads the mailcap file, which tells Metamail what helper program to call in order to handle a particular type of non-text mail. There exist multiple vulnerabilities in MetaMail that may provide for arbitrary code...
aria2: Multiple vulnerabilities
Background aria2 is a download utility with resuming and segmented downloading with HTTP/HTTPS/FTP/BitTorrent support. Description Tatsuhiro Tsujikawa reported a buffer overflow in DHTRoutingTableDeserializer.cc CVE-2009-3575 and a format string vulnerability in the AbstractCommand::onAbort...
CentOS 5 : kernel (CESA-2008:0957)
Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 12th November 2008 The original packages distributed wi...
CentOS 5 : vim (CESA-2008:0580)
Updated vim packages that fix security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Vim Visual editor IMproved is an updated and improved version of the vi editor. Several input...
HTTPDX tolog() Function Format String Vulnerability
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HTTPDX tolog...
HTTPDX tolog() Function Format String Vulnerability
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'HTTPDX tolog...
Wu-ftpd SITE EXEC/INDEX Format String Vulnerability
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'wu-ftpd SITE...
apache mod-tcl 1.0 格式化字符串漏洞
No description provided by source...
Cyrus IMAPD pop3d popsubfolders USER Buffer Overflow
This exploit takes advantage of a stack based overflow. Once the stack corruption has occurred it is possible to overwrite a pointer which is later used for a memcpy. This gives us a write anything anywhere condition similar to a format string vulnerability. NOTE: The popsubfolders option is a...