[SECURITY] [DSA-1969-1] New krb5 packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1969-1 [email protected] http://www.debian.org/security/ Giuseppe Iuculano January 12, 2010 http://www.debian.org/security/faq -...

krb: KDC integer overflows in AES and RC4 decryption routines (MITKRB5-SA-2009-004)

Multiple integer underflows in the 1 AES and 2 RC4 decryption functionality in the crypto library in MIT Kerberos 5 aka krb5 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code by providing ciphertext with a...

Critical: Red Hat Security Advisory: krb5 security update

Updated krb5 packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3, 4, and 5, and Red Hat Enterprise Linux 4.7, 5.2, and 5.3 Extended Update Support. This update has been rated as having critical security impact by the Red Hat Security Response Team. Kerberos...

WebSphere 7.05 APR-util apr_strmatch_precompile 导致整形下溢漏洞

No description provided by source...

Mandriva Security Advisory MDVSA-2009:319 (xine-lib)

The remote host is missing an update to xine-lib announced via advisory MDVSA-2009:319. OpenVAS Vulnerability Test $Id: mdksa2009319.nasl 6573 2017-07-06 13:10:50Z cfischer $ Description: Auto-generated from advisory MDVSA-2009:319 xine-lib Authors: Thomas Reinke Copyright: Copyright c 2009 E-Sof...

Fedora Core 10 FEDORA-2009-11488 (qt)

The remote host is missing an update to qt announced via advisory FEDORA-2009-11488. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

Fedora 12 : qt-4.5.3-9.fc12 (2009-11487)

A security flaw was found in the WebKit's Cross-Origin Resource Sharing CORS implementation. Multiple security flaws integer underflow, invalid pointer dereference, buffer underflow and a denial of service were found in the way WebKit's FTP parser used to process remote FTP directory listings. No...

Fedora 10 : qt-4.5.3-9.fc10 (2009-11488)

A security flaw was found in the WebKit's Cross-Origin Resource Sharing CORS implementation. Multiple security flaws integer underflow, invalid pointer dereference, buffer underflow and a denial of service were found in the way WebKit's FTP parser used to process remote FTP directory listings. No...

kernel: e1000_clean_rx_irq() denial of service

Integer underflow in the e1000cleanrxirq function in drivers/net/e1000/e1000main.c in the e1000 driver in the Linux kernel before 2.6.30-rc8, the e1000e driver in the Linux kernel, and Intel Wired Ethernet aka e1000 before 7.5.5 allows remote attackers to cause a denial of service panic via a...

CVE-2009-2524

Integer underflow in the NTLM authentication feature in the Local Security Authority Subsystem Service LSASS in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote attackers to cause a deni...

CVE-2009-2515

Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka...

Integer overflow

Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka...

CVE-2009-2515

Integer underflow in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2 allows local users to gain privileges via a crafted application that triggers an incorrect truncation of a 64-bit integer to a 32-bit integer, aka...

CVE-2009-2515

CVE-2009-2515 is a Windows kernel local elevation-of-privilege vulnerability caused by an incorrect truncation of a 64-bit value to 32-bit. The issue affects multiple Windows editions listed in MS09-058 (including Windows 2000 SP4, XP SP2/SP3, Server 2003 SP2, Vista SP1/SP2, and Server 2008). An ...

Microsoft Windows LSASS Denial of Service Vulnerability (975467)

This host is missing a critical security update according to Microsoft Bulletin MS09-059. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Windows LSASS Denial of Service Vulnerability (975467)

This host is missing a critical security update according to Microsoft Bulletin MS09-059. OpenVAS Vulnerability Test $Id: secpodms09-059.nasl 8724 2018-02-08 15:02:56Z cfischer $ Microsoft Windows LSASS Denial of Service Vulnerability 975467 Authors: Sharath S Updated By: Madhuri D on 2010-11-24 ...

Microsoft Windows Kernel Integer Underflow Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. The vulnerability is caused by an integer-underflow issue. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will...

openSUSE 10 Security Update : OpenOffice_org (OpenOffice_org-6421)

Secunia reported an integer underflow CVE-2009-0200 and a buffer overflow CVE-2009-0201 that could be triggered while parsing Word documents. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

SuSE 11 Security Update : OpenOffice_org (SAT Patch Number 1258)

This update of OpenOffice.org fixes potential buffer overflow in EMF parser code enhwmf.cxx, emfplus.cxx Thanks to Petr Mladek. Additionally Secunia reported an integer underflow CVE-2009-0200 and a buffer overflow CVE-2009-0201 that could be triggered while parsing Word documents. Also provides...

CentOS 3 / 4 : openoffice.org (CESA-2009:1426)

Updated openoffice.org packages that correct security issues are now available for Red Hat Enterprise Linux 3, 4, and 5. This update has been rated as having important security impact by the Red Hat Security Response Team. OpenOffice.org is an office productivity suite that includes desktop...