Immunix OS 6.2/7.0,Redhat 5.2/6.2/7.0,S.u.S.E 6.x/7.0/7.1 Man -S Heap Overflow

No description provided by source. source: http://www.securityfocus.com/bid/2711/info A heap overflow vulnerability exists in the 'man' system manual pager program. The vulnerability exists due to a length check error when the -S option is given. As a result, it may be possible for a local user t...

Immunix OS 6.2 LC glibc format string

No description provided by source. / source: http://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...

rsync客户端增量文件列表远程内存破坏漏洞

Bugtraq ID: 47064 rsync是一款文件同步管理软件。 当增量递归启用，--delete启用，关闭--owner时，generator进程接收端存在一个内存破坏漏洞。在这些条件下，一些Generatordeep删除函数会临时增加fileextracnt，此全局变量用于管理filestructs内存中的格式，并在完成后恢复原始值。增量的目录只影响用于执行删除的临时文件列表，但它也能影响调用这些函数过程中接收到的增量文件列表块，不过可能以错误的格式创建。当恢复原始fileextracnt时，存储在每个可应用OPTEXTRA字段中的值会出现在rsync.h中列出的下一个值中。...

OpenSSL 'EVP_VerifyFinal'函数签名验证漏洞

BUGTRAQ ID: 33150 CVE ID：CVE-2008-5077 CNCVE ID：CNCVE-20085077 OpenSSL是一款开放源码的SSL实现，用来实现网络通信的高强度加密。 部分OpenSSL函数验证DSA和ECDSA密钥时不正确验证"EVPVerifyFinal"函数返回值，发送特殊构建的签名证书链给客户端，可绕过签名检查。 通过恶意服务器或中间人攻击，可使证书链中的畸形SSL/TLS签名绕过客户端软件检查，导致盲目信任并泄漏敏感信息。 成功利用此漏洞需要服务器使用包含DSA或者ECDSA密钥的证书。 Ubuntu Ubuntu Linux 8.10 spar...

fetchmail update -- Immunix OS 6.2, 7.0-beta, 7.0

----------------------------------------------------------------------- Immunix OS Security Advisory Packages updated: fetchmail Affected products: Immunix OS 6.2, 7.0-beta, and 7.0 Bugs fixed: immunix/1618 Date: Wed Jun 13 2001 Advisory ID: IMNX-2001-70-025-01 Author: Seth Arnold [email protected]...

Immunix OS Security update for lots of temp file problems

----------------------------------------------------------------------- Immunix OS Security Advisory Summary Date: January 10, 2000 Advisory ID: IMNX-2000-70-028-01 Author: Greg Kroah-Hartman [email protected] ----------------------------------------------------------------------- In an internal aud...

Immunix OS 6.2 - LC glibc format string

/ source: https://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide internationalization support according to the...

Immunix OS 6.2 - LC glibc format string

Immunix OS 6.2 - LC glibc format string / source: https://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems provide...

Multiple vulnerabilities in stack smashing protection technologies.

Advisory ID Internal CORE-20020409 Advisory Information: Advisory ID: CORE-20020409 Bugtraq ID:4586, 4589 CVE Name: Non-assigned yet Title: Multiple vulnerabilities in stack smashing protection technologies. Class: Design limitation, Implementation flaw Remotely Exploitable: Yes Locally...