[Backports-security-announce] Security Update for xml-security-c

Russ Allbery uploaded new packages for xml-security-c which fixed the following security problems: CVE-2009-0217 CERT VU466161 It was discovered that the W3C XML Signature recommendation contains a protocol-level vulnerability related to HMAC output truncation. This update implements the proposed...

linux rally SHELL a-vulnerability warning-the black bar safety net

!/ usr/bin/perl-w use strict; use Socket; use I:Handle; if$ARGV+1 != 2 print "$ARGV $0 RemoteIP RemotePort \n"; exit 1; my $remoteip = $ARGV0; my $remoteport = $ARGV1; my $proto = getprotobyname"tcp"; my $packaddr = sockaddrin$remoteport, cannot be stored correctly$remoteip; my $shell =...

DSA-1849-1 xml-security-c - signature forgery

Bulletin has no description...

New Linux Flaw Enables Null Pointer Exploits

A researcher has published exploit code for a new vulnerability he discovered in the Linux kernel. The vulnerability is an especially interesting one in that the researcher who discovered it, Brad Spengler, has demonstrated that he can use the weakness to defeat many of the add-on security...

Code injection

Unspecified vulnerability in the SCTP implementation in Sun Solaris 10, and OpenSolaris before snv120, allows remote attackers to cause a denial of service panic via unspecified packets...

Buffer overflow

Buffer overflow in the syscall implementation in IBM AIX 5.3 allows local users to gain privileges via unspecified vectors...

Heap overflow

Array index error in the 1 dtoa implementation in dtoa.c aka pdtoa.c and the 2 gdtoa aka new dtoa implementation in gdtoa/misc.c in libc, as used in multiple operating systems and products including in FreeBSD 6.4 and 7.2, NetBSD 5.0, OpenBSD 4.5, Mozilla Firefox 3.0.x before 3.0.15 and 3.5.x...

CVE-2009-0689

CVE-2009-0689 is an array-index error in libc’s dtoa/gdtoa floating-point conversion code (dtoa.c/pdtoa.c and gdtoa/misc.c) that can be triggered by a large precision value passed to printf, causing a denial of service (crash) and potentially arbitrary code execution. Affected platforms include F...

CVE-2009-1935

Integer overflow in the pipebuildwritebuffer function sys/kern/syspipe.c in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 through 7.2 and 6.3 through 6.4 allows local users to bypass virtual-to-physical address lookups and read sensitive information in memory pag...

CVE-2009-1935

Integer overflow in the pipebuildwritebuffer function sys/kern/syspipe.c in the direct write optimization feature in the pipe implementation in FreeBSD 7.1 through 7.2 and 6.3 through 6.4 allows local users to bypass virtual-to-physical address lookups and read sensitive information in memory pag...

FreeBSD information leak

Integer overflow on pipe implementation allows reading data from another process' memory...

Design/Logic Flaw

The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document...

CVE-2009-1700

The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document...

CVE-2009-1685

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML by overwriting the document.implementation property of 1 an embedded document or ...

Cross site scripting

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML by overwriting the document.implementation property of 1 an embedded document or ...

CVE-2009-1685

Cross-site scripting XSS vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML by overwriting the document.implementation property of 1 an embedded document or ...

CVE-2009-1375

CVE-2009-1375 concerns the PurpleCircBuffer expansion in Pidgin (formerly Gaim) up to 2.5.6. When the buffer is full, data can be corrupted, potentially causing a crash or misleading UI. Connected advisories indicate pidgin updates (e.g., to version 2.6.x) fix this and related issues (XMPP/Sameti...

Microsoft IIS WebDAV Remote Authentication Bypass Vulnerability

Microsoft IIS Webserver with WebDAV Module is prone to remote authentication bypass vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Microsoft confirms flaw in WebDAV in IIS

Microsoft has confirmed the reported vulnerability in the WebDAV implementation in IIS 5.0, 5.1 and 6.0, saying that the flaw could be used to bypass the authentication mechanism on the Web server. However, the company said that there are a number of mitigating factors involved and that company...

Design/Logic Flaw

Multiple memory leaks in Ipsec-tools before 0.7.2 allow remote attackers to cause a denial of service memory consumption via vectors involving 1 signature verification during user authentication with X.509 certificates, related to the eaycheckx509sign function in src/racoon/cryptoopenssl.c; and 2...