EUVD-2010-2729

Malware in sbrugna...

CVE-2010-2725

BarnOwl before 1.6.2 does not check the return code of calls to the 1 ZPending and 2 ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

Heap-based Buffer Overflow

libzephyr.so is vulnerable to a Heap-based Buffer Overflow. The vulnerability is due to inadequate validation of buffer lengths in BLE connection update operations, which could lead to a divide by zero condition...

Improper Private IP Handling

libzephyr is vulnerable to Improper Private IP Address Handling. The vulnerability is caused due to inadequate filtering mechanisms, resulting in packets with localhost addresses to bypass security checks...

Out-of-bounds Write

libzephyr.so is vulnerable to Out of Bounds Write. The vulnerability is due to insufficient bounds checks when filtering IDs in the canstm32removerxfilter, cannxps32removerxfilter, and mcp2515removerxfilter functions. This issue arises because these functions do not adequately verify that the...

Buffer Overflow

libzephyr.so is vulnerable to Buffer Overflow. The vulnerability exists in wifiargstoparams function at wifishell.c which allows an attacker to cause an application crash...

Buffer Overflow

libzephyr.so is vulnerable to Buffer Overflows. The vulnerability exists in the memcpy function at usbdcnativeposix.c due to not properly handling the buffer size, which allows an attacker to cause an application crash...

barnowl uninitialized memory reference

libzephyr library functions return code is not checked...

[SECURITY] [DSA-2102-1] New barnowl packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-2102-1 [email protected] http://www.debian.org/security/ Sebastien Delafond Sep 3, 2010 http://www.debian.org/security/faq - -...

Debian DSA-2102-1 : barnowl - unchecked return value

It has been discovered that in barnowl, a curses-based instant-messaging client, the return codes of calls to the ZPending and ZReceiveNotice functions in libzephyr were not checked, allowing attackers to cause a denial of service crash of the application, and possibly execute arbitrary code...

DSA-2102-1 barnowl - arbitrary code execution

Bulletin has no description...

CVE-2010-2725

BarnOwl before 1.6.2 does not check the return code of calls to the 1 ZPending and 2 ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

DEBIAN-CVE-2010-2725

BarnOwl before 1.6.2 does not check the return code of calls to the 1 ZPending and 2 ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

Code injection

BarnOwl before 1.6.2 does not check the return code of calls to the 1 ZPending and 2 ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

CVE-2010-2725

BarnOwl before 1.6.2 does not check the return code of calls to the 1 ZPending and 2 ZReceiveNotice functions in libzephyr, which allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors...

CVE-2010-2725

BarnOwl before 1.6.2 has an unchecked return-value vulnerability in libzephyr: ZPending and ZReceiveNotice return codes are not checked, enabling a remote attacker to cause a denial of service (crash) and potentially execute arbitrary code via unknown vectors. Detected in multiple sources (Debian...