1915 matches found
CVE-2004-0911
telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service free of an invalid pointer, a different vulnerability than CVE-2001-0554...
[SECURITY] [DSA 568-1] New cyrus-sasl-mit packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 568-1 [email protected] http://www.debian.org/security/ Martin Schulze October 16th, 2004 http://www.debian.org/security/faq -...
Debian DSA-066-1 : cfingerd - remote exploit
Steven van Acker reported on bugtraq that the version of cfingerd a configurable finger daemon as distributed in Debian GNU/Linux 2.2 suffers from two problems : - The code that reads configuration files files in which $ commands are expanded copied its input to a buffer without checking for a...
Debian DSA-081-1 : w3m - Buffer Overflow
In SNS Advisory No. 32 a buffer overflow vulnerability has been reported in the routine which parses MIME headers that are returned from web servers. A malicious web server administrator could exploit this and let the client web browser execute arbitrary code. w3m handles MIME headers included in...
Debian DSA-057-1 : gftp - printf format attack
The gftp package as distributed with Debian GNU/Linux 2.2 has a problem in its logging code: it logged data received from the network but it did not protect itself from printf format attacks. An attacker can use this by making an FTP server return special responses that exploit this. %NASLMINLEVE...
Debian DSA-044-1 : mailx
The mail program a simple tool to read and send email as distributed with Debian GNU/Linux 2.2 has a buffer overflow in the input parsing code. Since mail is installed setgid mail by default this allowed local users to use it to gain access to mail group. Since the mail code was never written to ...
Debian DSA-262-1 : samba - remote exploit
Sebastian Krahmer of the SuSE security audit team found two problems in samba, a popular SMB/CIFS implementation. The problems are : - a buffer overflow in the SMB/CIFS packet fragment re-assembly code used by smbd. Since smbd runs as root an attacker can use this to gain root access to a machine...
CVE-2004-0911
telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service free of an invalid pointer, a different vulnerability than CVE-2001-0554...
CVE-2004-0911
telnetd for netkit 0.17 and earlier, and possibly other versions, on Debian GNU/Linux allows remote attackers to cause a denial of service free of an invalid pointer, a different vulnerability than CVE-2001-0554...
CVE-2004-0911
CVE-2004-0911 pertains to the netkit-telnet/ telnetd remote denial of service via an invalid free (CAN-2004-0911). Multiple feeds document a bug in the telnetd server used with netkit-telnet (notably in Debian/woody and related releases) where remote attackers could crash the telnetd process or p...
Debian bsdmainutils 6.0.14 - Calendar Information Disclosure
Debian bsdmainutils 6.0.14 - Calendar Information Disclosure // source: https://www.securityfocus.com/bid/11077/info The calendar utility contained in the bsdmainutils package on Debian GNU/Linux systems is reported susceptible to an information disclosure vulnerability. This is due to a lack of...
Debian bsdmainutils 6.0.14 - Calendar Information Disclosure
// source: https://www.securityfocus.com/bid/11077/info The calendar utility contained in the bsdmainutils package on Debian GNU/Linux systems is reported susceptible to an information disclosure vulnerability. This is due to a lack of proper file authorization checks by the application. The...
[SECURITY] [DSA 533-1] New courier packages fix cross-site scripting vulnerability
-------------------------------------------------------------------------- Debian Security Advisory DSA 533-1 [email protected] http://www.debian.org/security/ Matt Zimmerman July 22nd, 2004 http://www.debian.org/security/faq -...
allegrodos.txt
The description made it easy to create this one. Needed this to confirm if some 2.10-branded products were in fact patched and warranted replacing. Considering there was four years of warning and there are still tons of boxes with this problem, please, people, get your systems pen-tested...
[SECURITY] [DSA 504-1] New heimdal packages fix potential buffer overflow
-------------------------------------------------------------------------- Debian Security Advisory DSA 504-1 [email protected] http://www.debian.org/security/ Martin Schulze May 18th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 501-1] New exim packages fix buffer overflows
-------------------------------------------------------------------------- Debian Security Advisory DSA 501-1 [email protected] http://www.debian.org/security/ Martin Schulze May 7th, 2004 http://www.debian.org/security/faq -...
[SECURITY] [DSA 497-1] New mc packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 497-1 [email protected] http://www.debian.org/security/ Martin Schulze April 29th, 2004 http://www.debian.org/security/faq -...
DSA-475 linux-kernel-2.4.18-hppa - several vulnerabilities
Bulletin has no description...
[SECURITY] [DSA 470-1] New Linux 2.4.17 packages fix several local root exploits (hppa)
-------------------------------------------------------------------------- Debian Security Advisory DSA 470-1 [email protected] http://www.debian.org/security/ Martin Schulze April 1st, 2004 http://www.debian.org/security/faq -...
DSA-470 linux-kernel-2.4.17-hppa - several vulnerabilities
Bulletin has no description...