CVE-2007-1665
CVE-2007-1665 concerns ekg (Eksperymentalny Klient Gadu-Gadu) prior to the Debian Etch package 1:1.7~rc2-1etch1, where a memory leak in the token OCR functionality can be exploited remotely to cause a denial of service. The issue is documented across multiple feeds (including Debian security advi...
CVE-2007-1665
Memory leak in the token OCR functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service...
CVE-2007-1664
ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service (NULL pointer dereference) via a vector related to the token OCR functionality...
CVE-2007-1663
Memory leak in the image message functionality in ekg before 1:1.7~rc2-1etch1 on Debian GNU/Linux Etch allows remote attackers to cause a denial of service...
CVE-2007-1664
Removed by vendor...
CVE-2007-1665
Removed by vendor...
MIT Kerberos kadmind principal renaming stack buffer overflow
Overview The MIT Kerberos administration daemon kadmind contains a stack buffer overflow that may allow a remote, authenticated attacker to execute arbitrary code or cause a denial of service. Description A vulnerability exists in the way the principal renaming operation used by the Kerberos...
[SECURITY] [DSA 1321-1] New evolution-data-server packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1321-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff June 23rd, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1317-1] New tinymux packages fix buffer overflow
------------------------------------------------------------------------ Debian Security Advisory DSA 1317-1 [email protected] http://www.debian.org/security/ Steve Kemp June 23, 2007 - ------------------------------------------------------------------------ Package : tinymux Vulnerability :...
[Full-disclosure] [SECURITY] [DSA 1298-1] New otrs2 packages fix cross-site scripting
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 1298-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 28th, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1297-1] New gforge-plugin-scmcvs packages fix arbitrary shell command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1297-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff May 24th, 2007 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1293-1] New quagga packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1293-1 [email protected] http://www.debian.org/security/ Martin Schulze May 17th, 2007 http://www.debian.org/security/faq -...
Debian DSA-1291-1 : samba - several vulnerabilities
Several issues have been identified in Samba, the SMB/CIFS file- and print-server implementation for GNU/Linux. - CVE-2007-2444 When translating SIDs to/from names using Samba local list of user and group accounts, a logic error in the smbd daemon's internal security stack may result in a...
libpng denial of service vulnerability
Overview The libpng library contains a denial-of-service vulnerability. Description The libpng library can be used to allow other applications to render PNG images. The libpng library contains a denial-of-service vulnerability. From the Libpng-1.2.16-ADVISORY: This vulnerability could be used to...
Samba NDR MS-RPC heap buffer overflow
Overview Samba fails to properly handle malformed MS-RPC packets. Exploitation of this vulnerability could allow a remote attacker to execute arbitrary code. Description Samba is a widely used open-source implementation of Server Message Block (SMB)/Common Internet File System (CIFS). Network Data...
CVE-2006-7098
The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl...
CVE-2006-7098
The CVE-2006-7098 entry concerns the Debian patch for Apache HTTP Server 1.3.34-4 (033_-F_NO_SETSID) that fails to fully disassociate httpd from a controlling tty when started interactively. This allows a local attacker to elevate privileges to the tty via a CGI program invoking the TIOCSTI ioctl...
[SECURITY] [DSA 1261-1] New PostgreSQL packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 1261-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff February 15th, 2007 http://www.debian.org/security/faq -...
GLSA-200701-17 : libgtop: Privilege escalation
The remote host is affected by the vulnerability described in GLSA-200701-17 (libgtop: Privilege escalation). Liu Qishuai discovered that glibtop_get_proc_map_s() in sysdeps/linux/procmap.c does not properly allocate memory for storing a filename, allowing certain filenames to cause the buffer to overflow...
GNU/Linux mbse-bbs <= 0.70.0 Local Buffer Overflow Exploit
No description provided by source. / GNU/Linux mbse-bbs 0.70.0 & below stack overflow exploit ======================================================== Multiple overflow conditions occur within mbse-bbs versions 0.70.0 & below...