CVE-2011-1643

Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x, 7.x before 7.15bsu4, 8.0, and 8.5 before 8.51su2 and Cisco Unified Presence Server 6.x, 7.x, 8.0, and 8.5 before 8.5xnr allow remote attackers to read database data by connecting to a query interface through an SSL session,...

[SECURITY] Fedora 15 Update: cups-1.4.8-2.fc15

The Common UNIX Printing System provides a portable printing layer for UNIX=C2=AE operating systems. It has been developed by Easy Software Produc ts to promote a standard printing solution for all UNIX vendors and users. CUPS provides the System V and Berkeley command-line interfaces...

7 Layer Labs SQL Injection

IRANIAN THE BEST HACKERS IN THE WORLD Remote SQL injection Vulnerability 7 Layer Labs listacompleta.php?IDCategoria AuTh0r : EhsanHp200 H0ME : www.ehsanhp.blogsky.com Email : [email protected] Vendor : http://www.7layerlabs.com/ Persian Gulf 4 Ever! Dork : "Design by 7 Layer Labs "...

Postfix SMTP Server SASL Authentication Memory Corruption (CVE-2011-1720)

A memory corruption vulnerability has been reported in Postfix SMTP server. Postfix is a popular mail server for Unix-like platforms. The vulnerability is specific to Postfix servers that use Cyrus Simple Authentication and Security Layer SASL library. SASL is a framework for providing...

MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow

No description provided by source. $Id: ms10026avinsamplespersec.rb 13555 2011-08-13 02:15:05Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing an...

MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow

$Id: ms10026avinsamplespersec.rb 13555 2011-08-13 02:15:05Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow

Exploit for windows platform in category remote exploits $Id: ms10026avinsamplespersec.rb 13555 2011-08-13 02:15:05Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more...

Microsoft MPEG Layer-3 Audio - Stack Overflow (MS10-026) (Metasploit)

$Id: ms10026avinsamplespersec.rb 13555 2011-08-13 02:15:05Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

MS10-026 Microsoft MPEG Layer-3 Audio Stack Based Overflow

This module exploits a buffer overflow in l3codecx.ax while processing a AVI files with MPEG Layer-3 audio contents. The overflow only allows to overwrite with 0's so the three least significant bytes of EIP saved on stack are overwritten and shellcode is mapped using the .NET DLL memory techniqu...

CentOS Update for gnutls CESA-2010:0166 centos5 i386

Check for the Version of gnutls OpenVAS Vulnerability Test CentOS Update for gnutls CESA-2010:0166 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it und...

CentOS Update for openssl CESA-2010:0162 centos5 i386

Check for the Version of openssl OpenVAS Vulnerability Test CentOS Update for openssl CESA-2010:0162 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

CentOS Update for gnutls CESA-2009:1232 centos4 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Debian Security Advisory DSA 2264-1 (linux-2.6)

The remote host is missing an update to linux-2.6 announced via advisory DSA 2264-1. OpenVAS Vulnerability Test $Id: deb22641.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2264-1 linux-2.6 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

mutt: SSL host name check may be skipped when verifying certificate chain

Mutt does not verify that the smtps server hostname matches the domain name of the subject of an X.509 certificate, which allows man-in-the-middle attackers to spoof an SSL SMTP server via an arbitrary certificate, a different vulnerability than CVE-2009-3766...

Ubuntu: Security Advisory (USN-1168-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-2264-1 : linux-2.6 - privilege escalation/denial of service/information leak

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leak. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2010-2524 David Howells reported an issue in the Common...

[SECURITY] [DSA 2264-1] linux-2.6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2264-1 [email protected] http://www.debian.org/security/ dann frazier June 18, 2011 http://www.debian.org/security/faq -...

DSA-2264-1 linux-2.6 - several issues

Bulletin has no description...

TLS: MITM attacks via session renegotiation

The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services IIS 7.0, modssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services NSS 3.12.4 and earlier, multiple Cis...

(smtpd): Crash due to improper management of SASL handlers for SMTP sessions

The SMTP server in Postfix before 2.5.13, 2.6.x before 2.6.10, 2.7.x before 2.7.4, and 2.8.x before 2.8.3, when certain Cyrus SASL authentication methods are enabled, does not create a new server handle after client authentication fails, which allows remote attackers to cause a denial of service...