408 matches found
Debian: Security Advisory (DSA-1026-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Design/Logic Flaw
classes/Url.php in Justin Hagstrom AutoIndex PHP Script before 2.2.4 allows remote attackers to cause a denial of service CPU and memory consumption via a %00 sequence in the dir parameter to index.php, which triggers an erroneous "recursive calculation."...
Python 2.2 ImageOP Module - Multiple Integer Overflow Vulnerabilities
Python 2.2 ImageOP Module - Multiple Integer Overflow Vulnerabilities source: https://www.securityfocus.com/bid/25696/info Python's imageop module is prone to multiple integer-overflow vulnerabilities because it fails to properly bounds-check user-supplied input to ensure that integer operations ...
FreeBSD : bogofilter -- heap corruption through malformed input (92140bc9-7bde-11da-8ec4-0002b3b60e4c)
Matthias Andree reports : When using Unicode databases default in more recent bogofilter installations, upon encountering invalid input sequences, bogofilter or bogolexer could overrun a malloc'd buffer, corrupting the heap, while converting character sets. Bogofilter would usually be processing...
CVE-2006-0645
Tiny ASN.1 Library libtasn1 before 0.2.18, as used by 1 GnuTLS 1.2.x before 1.2.10 and 1.3.x before 1.3.4, and 2 GNU Shishi, allows attackers to crash the DER decoder and possibly execute arbitrary code via "out-of-bounds access" caused by invalid input, as demonstrated by the ProtoVer SSL test...
Kayako SupportSuite v3.00.x Full path Disclosure .
Kayako SupportSuite v3.00.x Full path Disclosure . Vuln. dicovered by : r0t Date: 25 nov. 2005 orginal advisory:http://pridels.blogspot.com/2005/11/kayako-supportsuite-v300x-full-path.html Vendor:kayako.com affected vesion:v3.00.12 and prior Vuln. Description: Due invalid input parameters or not...
CVE-2002-1399
Unknown vulnerability in cashout and possibly other functions in PostgreSQL 7.2.1 and earlier, and possibly later versions before 7.2.3, with unknown impact, based on an invalid integer input which is processed as a different data type, as demonstrated using cashout2...
Oracle 8 Server - 'TNSLSNR80.EXE' Denial of Service
source: https://www.securityfocus.com/bid/2626/info A denial of service vulnerability exists in Oracle 8. An attacker connecting to port 1526 and sending invalid input will cause the 'TNSLSNR80.EXE' process to consume all available system resources, causing the server to stop responding...