CVE-2007-5849

Integer underflow in the asn1getstring function in the SNMP back end backend/snmp.c for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow...

DEBIAN-CVE-2007-5849

Integer underflow in the asn1getstring function in the SNMP back end backend/snmp.c for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow...

CVE-2007-5849

Integer underflow in the asn1getstring function in the SNMP back end backend/snmp.c for CUPS 1.2 through 1.3.4 allows remote attackers to execute arbitrary code via a crafted SNMP response that triggers a stack-based buffer overflow...

SuSE 10 Security Update : file (ZYPP Patch Number 3034)

An integer underflow within the ELF header parsing has been fixed which could lead to arbitrary code execution. CVE-2007-1536 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc...

Important: kernel security update

CVE-2007-4571 ALSA memory disclosure flaw - Tick divider bugs on x8664 - CVE-2007-5494 openOATOMICLOOKUP leaks dentry - PATCH jbd: wait for already submitted tsyncdatalist buffer to complete Possibility of in-place data destruction - LSPP: audit rule causes kernel 'out of memory' condition and...

kernel ieee80211 off-by-two integer underflow

Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...

Ubuntu 6.10 : linux-source-2.6.17 vulnerabilities (USN-486-1)

The compatsysmount function allowed local users to cause a denial of service when mounting a smbfs filesystem in compatibility mode. CVE-2006-7203 The Omnikey CardMan 4040 driver cm4040cs did not limit the size of buffers passed to read and write. A local attacker could exploit this to execute...

CVE-2007-4997

Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...

CVE-2007-4997

CVE-2007-4997 affects the Linux kernel 2.6.x, including components in net/ieee80211/ieee80211_rx.c, where an off-by-two integer underflow in ieee80211_rx can crash the kernel when a runt IEEE 802.11 frame with the IEEE80211_STYPE_QOS_DATA flag is used. Impact is remote denial of service (kernel c...

CVE-2007-4622

Integer underflow in the dnsnamefromtext function in 1 libdnsnonsecure.a and 2 libdnssecure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" TSIG key command line argument to dig...

CVE-2007-4622

Integer underflow in the dnsnamefromtext function in 1 libdnsnonsecure.a and 2 libdnssecure.a in IBM AIX 5.2 allows local users to gain privileges via a crafted "-y" TSIG key command line argument to dig...

CVE-2007-4622

CVE-2007-4622 describes an integer underflow in the dns_name_fromtext function within IBM AIX 5.2’s dig program (libdns_nonsecure.a and libdns_secure.a). The vulnerability enables local users to gain root privileges by supplying a crafted -y TSIG key argument to dig, due to an underflow in dns_na...

iDefense Security Advisory 10.30.07: IBM AIX dig dns_name_fromtext Integer Underflow Vulnerability

IBM AIX dig dnsnamefromtext Integer Underflow Vulnerability iDefense Security Advisory 10.30.07 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 30, 2007 I. BACKGROUND dig is a utility that is commonly used for DNS diagnostics. Under AIX 5.2, the dig program is installed by default and ...

GLSA-200710-19 : The Sleuth Kit: Integer underflow

The remote host is affected by the vulnerability described in GLSA-200710-19 The Sleuth Kit: Integer underflow Jean-Sebastien Guay-Leroux reported an integer underflow in the fileprintf function of the 'file' utility which is bundled with The Sleuth Kit CVE-2007-1536, GLSA 200703-26. Note that...

The Sleuth Kit: Integer underflow

Background The Sleuth Kit is a collection of file system and media management forensic analysis tools. Description Jean-Sebastien Guay-Leroux reported an integer underflow in the fileprintf function of the "file" utility which is bundled with The Sleuth Kit CVE-2007-1536, GLSA 200703-26. Note tha...

openSUSE 10 Security Update : file (file-3033)

An integer underflow within the ELF header parsing has been fixed which could lead to arbitrary code execution. CVE-2007-1536 has been assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE...

Preemptive Protection against EMC VMware Workstation DHCP Service Integer Underflow Vulnerability

An integer underflow vulnerability has been reported in the VMware DHCP service. VMware Workstation is a virtualization technology that allows running multiple instances of virtual computers simultaneously with the hosting operating system. The Dynamic Host Configuration Protocol DHCP provides...

CVE-2007-0063

Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528...

Integer overflow

Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528...

cpuset information leak

Integer underflow in the cpusettasksread function in the Linux kernel before 2.6.20.13, and 2.6.21.x before 2.6.21.4, when the cpuset filesystem is mounted, allows local users to obtain kernel memory contents by using a large offset when reading the /dev/cpuset/tasks file...