Samba < 3.0.35 / 3.2.13 / 3.3.6 Multiple Vulnerabilities

According to its version number, the version of Samba running on the remote host has a security bypass vulnerability. Access restrictions can be bypassed due to a read of uninitialized data in smbd. This could allow a user to modify an access control list ACL, even when they should be denied...

RedHat Security Advisory RHSA-2009:1100

The remote host is missing updates announced in advisory RHSA-2009:1100. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump...

RedHat Security Advisory RHSA-2009:1100

The remote host is missing updates announced in advisory RHSA-2009:1100. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump...

CentOS 3 / 5 : wireshark (CESA-2009:1100)

Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Wireshark was...

wireshark security update

CentOS Errata and Security Advisory CESA-2009:1100 Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program fo...

RHEL 4 / 5 : wireshark (RHSA-2009:1100)

The remote Redhat Enterprise Linux 4 / 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2009:1100 advisory. Wireshark is a program for monitoring network traffic. Wireshark was previously known as Ethereal. A format string flaw was found in...

Moderate: Red Hat Security Advisory: wireshark security update

Updated wireshark packages that fix several security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Wireshark is a program for monitoring network traffic. Wireshark was...

wireshark: format string in PROFINET dissector

Format string vulnerability in the PROFINET/DCP PN-DCP dissector in Wireshark 1.0.6 and earlier allows remote attackers to execute arbitrary code via a PN-DCP packet with format string specifiers in the station name. NOTE: some of these details are obtained from third party information...

MySQL 5.0.75 - sql_parse.cc Multiple Format String Vulnerabilities

MySQL 5.0.75 - sqlparse.cc Multiple Format String Vulnerabilities // source: https://www.securityfocus.com/bid/35609/info MySQL is prone to multiple format-string vulnerabilities. Attackers can leverage these issues to execute arbitrary code within the context of the vulnerable application. Faile...

MySQL 5.0.75 - &#039;sql_parse.cc&#039; Multiple Format String Vulnerabilities

// source: https://www.securityfocus.com/bid/35609/info MySQL is prone to multiple format-string vulnerabilities. Attackers can leverage these issues to execute arbitrary code within the context of the vulnerable application. Failed attacks will likely cause denial-of-service conditions. MySQL...

SonicWALL SSL-VPN登录页面远程格式串漏洞

BUGTRAQ ID: 35145 SonicWALL SSL-VPN可以为企业网络提供简单易用的VPN解决方案。 SonicWALL SSL-VPN的登录页面中存在格式串错误。如果远程攻击者向登录页面的cgi-bin/welcome/VirtualOffice组件提交了带有err参数格式串标识符的特制字符串，就可能在生成的出错消息中注入并执行任意代码。 SonicWALL SSL-VPN 2000/4000 3.5.0.4 SonicWALL SSL-VPN 200 3.0.0.8 厂商补丁： SonicWALL ---------...

SonicWALL SSL-VPN Appliance Format String Vulnerability

aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 29-May-2009 Software: SonicWALL - SSL-VPN Remote Access http://www.sonicwall.com/ Description: "SonicWALL SSL VPN appliances provide small and mid-size organizations an easy-to-use, secure and...

SonicWALL Format String Vulnerability

aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 29-May-2009 Software: SonicWALL - SSL-VPN Remote Access http://www.sonicwall.com/ Description: "SonicWALL SSL VPN appliances provide small and mid-size organizations an easy-to-use, secure and...

SonicWALL SSL-VPN - cgi-binwelcomeVirtualOffice Remote Format String

SonicWALL SSL-VPN - cgi-binwelcomeVirtualOffice Remote Format String source: https://www.securityfocus.com/bid/35145/info Multiple SonicWALL SSL-VPN devices are prone to a remote format-string vulnerability because they fail to properly sanitize user-supplied input before passing it as the format...

SonicWALL SSL-VPN - &#039;cgi-bin/welcome/VirtualOffice&#039; Remote Format String

source: https://www.securityfocus.com/bid/35145/info Multiple SonicWALL SSL-VPN devices are prone to a remote format-string vulnerability because they fail to properly sanitize user-supplied input before passing it as the format specifier to a formatted-printing function. Attackers may exploit th...

SonicOS Format String

SEC Consult Security Advisory ========================================================================== title: SonicOS Format String Vulnerability program: SonicWALL Global VPN Client vulnerable version: PRO 4100 SonicOS 4.0.0.2-51e Standard and Enhanced possibly other versions homepage:...

SEC Consult SA-20090525-4 :: SonicOS Format String Vulnerability

SEC Consult Security Advisory 20090525-4 ========================================================================== title: SonicOS Format String Vulnerability program: SonicWALL Global VPN Client vulnerable version: PRO 4100 SonicOS 4.0.0.2-51e Standard and Enhanced possibly other versions...

SonicWALL Global VPN Client < 4.0.0.830 Format String Vulnerabilities

The version of the SonicWALL Global VPN Client software installed on the remote Windows host fails to sanitize the 'name' attribute of the 'Connection' tag and the content of the 'Hostname' tag in the configuration file of format strings. If an attacker can trick a user on the affected host into...

SonicWALL Global VPN Client 4.0 - Log File Remote Format String

SonicWALL Global VPN Client 4.0 - Log File Remote Format String source: https://www.securityfocus.com/bid/35093/info SonicWALL Global VPN Client is prone to a remote format-string vulnerability because it fails to properly sanitize user-supplied input before passing it as the format specifier to ...

FreeBSD : imap-uw -- University of Washington IMAP c-client Remote Format String Vulnerability (5ed2f96b-33b7-4863-8c6b-540d22344424)

SecurityFocus reports : University of Washington IMAP c-client is prone to a remote format-string vulnerability because the software fails to adequately sanitize user-supplied input before passing it as the format-specifier to a formatted-printing function. %NASLMINLEVEL 70300 C Tenable Network...