DSA-934-1 pound - remote

Bulletin has no description...

security flaw

Race condition in ebtables netfilter module ebtables.c in Linux 2.6, when running on an SMP system that is operating under a heavy load, might allow remote attackers to cause a denial of service crash via a series of packets that cause a value to be modified after it has been read but before it h...

F5 BIG-IP Cookie Remote Information Disclosure

The remote host appears to be an F5 BIG-IP load balancer. The load balancer encodes the IP address of the actual web server that it is acting on behalf of within a cookie. Additionally, information after 'BIGipServer' is configured by the user and may be the logical name of the device. These valu...

CUPS Server 1.1 - GET Denial of Service

CUPS Server 1.1 - GET Denial of Service / dl-cups.c v0.1 CUPS server freeze and processor load "fuckup" exploit bug found and exploit coded by tracewar darklogic team for educaional purposes only. greetz goes to: setuid, matan. / include include include include include char EVIL =...

CUPS Server <= 1.1 (Get Request) Denial of Service Exploit

Exploit for linux platform in category dos / poc ========================================================== CUPS Server include include include include char EVIL = "\x2e\x2e\x5c\x2e\x2e"; void usagechar argv0 fprintfstdout, "cups/1.x server freeze and remote cpu usage fuckup\n"; fprintfstdout,...

[Full-disclosure] [ISR] Zyxel Prestige 650R-31 Denial Of Service

|| || Infobyte Security Research || www.infobyte.com.ar || 04.08.2005 || .:: SUMMARY Prestige 650R-31 ADSL Router -CPU exausting handling malformed fragmented packets Affected ZyNOS FW v3.40KO.1 It is suspected that all previous versions of ZyNOS are vulnerable. .:: BACKGROUND Zyxel Prestige 600...

Mandrake Linux Security Advisory : OpenOffice.org (MDKSA-2005:082)

AD-LAB discovered a heap overflow in the StgCompObjStream::Load function when OpenOffice.org processes DOC documents. If an attacker created a malicious DOC document that contained a specially crafted header, it could execute arbitrary code with the rights of the user running OpenOffice.org. The...

CVE-2005-0618

The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network...

CVE-2005-0941

The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain...

CVE-2005-0227

PostgreSQL pgsql 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension...

CVE-2005-0941

The StgCompObjStream::Load function in OpenOffice.org OpenOffice 1.1.4 and earlier allocates memory based on 16 bit length values, but process memory using 32 bit values, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a DOC document with certain...

security flaw

The loadelflibrary in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service kernel crash via a crafted ELF library or executable, which causes a free of an invalid pointer...

GLSA-200504-13 : OpenOffice.Org: DOC document Heap Overflow

The remote host is affected by the vulnerability described in GLSA-200504-13 OpenOffice.Org: DOC document Heap Overflow AD-LAB has discovered a heap overflow in the 'StgCompObjStream::Load' function when processing DOC documents. Impact : An attacker could design a malicious DOC document containi...

Windows 2003 Server DoS vulnerabilities

DoS on network operation during high CPU load, on printing in terminal sessions...

security flaw

MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, allows remote authenticated users with INSERT and DELETE privileges to bypass library path restrictions and execute arbitrary libraries by using INSERT INTO to modify the mysql.func table, which is processed by the udfinit function...

CVE-2005-0618

The SMTP binding function in Symantec Firewall/VPN Appliance 200/200R firmware after 1.5Z and before 1.68, Gateway Security 360/360R and 460/460R firmware before vuild 858, and Nexland Pro800turbo, when configured for load balancing between two WANs, might send SMTP traffic to a trusted network...

[SA14428] Symantec Firewall Devices SMTP Binding Configuration Bypass

---------------------------------------------------------------------- Monitor, Filter, and Manage Security Information - Filtering and Management of Secunia advisories - Overview, documentation, and detailed reports - Alerting via email and SMS Request Trial: https://ca.secunia.com/?f=l...

security flaw

Race condition in the 1 loadelflibrary and 2 binfmtaout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor...

security flaw

PostgreSQL pgsql 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension...

security flaw

PostgreSQL pgsql 7.4.x, 7.2.x, and other versions allows local users to load arbitrary shared libraries and execute code via the LOAD extension...