Nokia N70/N73 Bluetooth Stack Denial Of Service

Nokia N70/N73 Bluetooth Stack OBEX Implementation Denial of Service ------------------------------------------------------------------ I. Summary Nokia N70 and N73 are two popular models from Nokia's N-series lineup of smart phones. A flaw has been found in the OBEX implementation in these two...

Code injection

The strong name SN implementation in Microsoft .NET Framework 2.0.50727 relies on the digital signature Public Key Token embedded in the pathname of a DLL file instead of the digital signature of this file itself, which makes it easier for attackers to bypass Global Assembly Cache GAC and Code...

CVE-2008-5100

CVE-2008-5100 concerns the strong name (SN) implementation in Microsoft .NET Framework 2.0.50727 . The description in multiple connected sources states that SN validation relies on the Public Key Token embedded in the DLL’s pathname rather than the file’s own digital signature. This design flaw c...

CVE-2008-5100

The strong name SN implementation in Microsoft .NET Framework 2.0.50727 relies on the digital signature Public Key Token embedded in the pathname of a DLL file instead of the digital signature of this file itself, which makes it easier for attackers to bypass Global Assembly Cache GAC and Code...

openSUSE 10 Security Update : kernel (kernel-5751)

This kernel update fixes various bugs and also several security issues : CVE-2008-4576: Fixed a crash in SCTP INIT-ACK, on mismatch between SCTP AUTH availability. This might be exploited remotely for a denial of service crash attack. CVE-2008-3833: The genericfilesplicewrite function in...

CVE-2008-5010

in.dhcpd in the DHCP implementation in Sun Solaris 8 through 10, and OpenSolaris before snv103, allows remote attackers to cause a denial of service assertion failure and daemon exit via unknown DHCP requests related to the "number of offers," aka Bug ID 6713805...

kernel security update

CentOS Errata and Security Advisory CESA-2008:0957 Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 12th...

RHEL 5 : kernel (RHSA-2008:0957)

Updated kernel packages that resolve several security issues and fix various bugs are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Updated 12th November 2008 The original packages distributed wi...

CVE-2008-4618

The Stream Control Transmission Protocol sctp implementation in the Linux kernel before 2.6.27 does not properly handle a protocol violation in which a parameter has an invalid length, which allows attackers to cause a denial of service panic via unspecified vectors, related to...

CVE-2008-4618

The CVE-2008-4618 issue affects the Linux kernel SCTP implementation prior to 2.6.27, where a protocol violation with an invalid parameter length could trigger a panic and denial-of-service via SCTP processing paths (sctp_sf_violation_paramlen, sctp_sf_abort_violation, sctp_make_abort_violation; ...

CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

CVE-2008-4609

The TCP implementation in 1 Linux, 2 platforms based on BSD Unix, 3 Microsoft Windows, 4 Cisco products, and probably other operating systems allows remote attackers to cause a denial of service connection queue exhaustion via multiple vectors that manipulate information in the TCP state table, a...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix several security issues and several bugs are now available for Red Hat Enterprise MRG 1.0. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the core of any Linux...

Design/Logic Flaw

The IPv6 Neighbor Discovery Protocol NDP implementation in 1 FreeBSD 6.3 through 7.1, 2 OpenBSD 4.2 and 4.3, 3 NetBSD, 4 Force10 FTOS before E7.7.1.1, 5 Juniper JUNOS, and 6 Wind River VxWorks 5.x through 6.4 does not validate the origin of Neighbor Discovery messages, which allows remote attacke...

Gentoo Security Advisory GLSA 200507-08 (phpgroupware egroupware)

The remote host is missing updates announced in advisory GLSA 200507-08. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200512-04 (openswan ipsec-tools)

The remote host is missing updates announced in advisory GLSA 200512-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Gentoo Security Advisory GLSA 200512-04 (openswan ipsec-tools)

The remote host is missing updates announced in advisory GLSA 200512-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2008-4160

Unspecified vulnerability in the UFS module in Sun Solaris 8 through 10 and OpenSolaris allows local users to cause a denial of service NULL pointer dereference and kernel panic via unknown vectors related to the Solaris Access Control List ACL implementation...