DBD::Pg 'pg_getline()'和'getline()'堆缓冲区溢出漏洞

BUGTRAQ ID: 34755 CVE ID：CVE-2009-0663 DBD::Pg是一款用于PostgreSQL数据库访问的DBI驱动模块。 DBD::Pg存在基于堆的缓冲区溢出，远程攻击者可以利用漏洞执行任意代码。 使用pggetline和getline函数可从数据库中读取行信息的应用程序可通过触发堆溢出而执行任意代码。 Debian Linux 4.0 sparc Debian Linux 4.0 s/390 Debian Linux 4.0 powerpc Debian Linux 4.0 mipsel Debian Linux 4.0 mips Debian Linux...

[SECURITY] [DSA 1773-1] New cups packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1773-1 [email protected] http://www.debian.org/security/ Steffen Joeris April 17, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1768-1] New openafs packages potential code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1768-1 [email protected] http://www.debian.org/security/ Florian Weimer April 10, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1767-1] New multipath-tools packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-1767-1 [email protected] http://www.debian.org/security/ Nico Golde April 9th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1767-1] New multipath-tools packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA-1767-1 [email protected] http://www.debian.org/security/ Nico Golde April 9th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1766-1] New krb5 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA-1766-1 [email protected] http://www.debian.org/security/ Nico Golde April 9th, 2009 http://www.debian.org/security/faq -...

Mandriva Update for kernel MDVSA-2008:224 (kernel)

Check for the Version of kernel OpenVAS Vulnerability Test Mandriva Update for kernel MDVSA-2008:224 kernel Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

[SECURITY] [DSA 1757-1] New auth2db packages fix SQL injection

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1757-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 30, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1758-1] New nss-ldapd packages fix information disclosure

------------------------------------------------------------------------ Debian Security Advisory DSA-1758-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 30, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1748-1] New libsoup packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1748-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 20, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1747-1] New glib2.0 packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1747-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 20, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1745-1] New lcms packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1745-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 20, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1743-1] New libtk-img packages fix arbitrary code execution

------------------------------------------------------------------------ Debian Security Advisory DSA-1743-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 17, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1740-1] New yaws packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1740-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 14, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1742-1] New libsnd packages fix arbitrary code execution

-------------------------------------------------------------------------- Debian Security Advisory DSA-1742-1 [email protected] http://www.debian.org/security/ Nico Golde March 16th, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1741-1] New psi packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1741-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff March 14, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1740-1] New yaws packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1740-1 [email protected] http://www.debian.org/security/ Steffen Joeris March 14, 2009 http://www.debian.org/security/faq -...

[SECURITY] [DSA 1739-1] New mldonkey packages fix information disclosure

------------------------------------------------------------------------ Debian Security Advisory DSA-1739-1 [email protected] http://www.debian.org/security/ Florian Weimer March 13, 2009 http://www.debian.org/security/faq -...

JDKChat 1.5 Integer Overflow

!/usr/bin/perl Title: JDKChat v1.5 Remote Integer Overflow PoC Summary: JDKChat is a simple C++ chat server for GNU/Linux systems. Users can connect to it through a simple tcp client like telnet. WebSite : http://www.jdkoftinoff.com/ ---------------------------- Demo...

JDKChat 1.5 - Remote Integer Overflow (PoC)

!/usr/bin/perl Title: JDKChat v1.5 Remote Integer Overflow PoC Summary: JDKChat is a simple C++ chat server for GNU/Linux systems. Users can connect to it through a simple tcp client like telnet. WebSite : http://www.jdkoftinoff.com/ ---------------------------- Demo...