4961 matches found
[Full-Disclosure] [SECURITY] [DSA-335-1] New mantis packages fix insecure file permissions
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 335-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 28th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA-316-2] New slashem packages fix buffer overflow
-------------------------------------------------------------------------- Debian Security Advisory DSA 316-2 [email protected] http://www.debian.org/security/ Matt Zimmerman June 11th, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA-312-1] New powerpc kernel fixes several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 312-1 [email protected] http://www.debian.org/security/ Matt Zimmerman June 9th, 2003 http://www.debian.org/security/faq -...
GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow
GNU Make For IBM AIX 4.3.3 - CC Path Local Buffer Overflow source: https://www.securityfocus.com/bid/9903/info GNU make for IBM AIX has been reported to be prone to a buffer overflow vulnerability, the issue is reported to exist due to a lack of sufficient boundary checks performed when reading t...
Ifenslave 0.0.7 - Argument Local Buffer Overflow (3)
Ifenslave 0.0.7 - Argument Local Buffer Overflow 3 // source: https://www.securityfocus.com/bid/7682/info ifenslave for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it i...
Maelstrom Player 3.0.x - Argument Buffer Overflow (1)
Maelstrom Player 3.0.x - Argument Buffer Overflow 1 source: https://www.securityfocus.com/bid/7632/info Maelstrom for Linux has been reported prone to a buffer overflow vulnerability. The issue is reportedly due to a lack of sufficient bounds checking performed on user-supplied data before it is...
Maelstrom Buffer Overflow
Maelstrom is an arcade game. There is a buffer overflow vulnerability in Maelstrom which allow local attacker arbitrary code execution. Vulnerable systems: Maelstrom 3.0.6 Maelstrom 3.0.5 Example: lucae@linux$ gdb /usr/bin/Maelstrom GNU gdb 5.2.1-2mdk Mandrake Linux Copyright 2002 Free Software...
Sendmail: -1 gone wild
CVE: CAN-2003-0161 CERT: VU897604 FORCED RELEASE -- VENDOR NOTIFIED AS OF 03/18/03 There is a vulnerability in Sendmail versions 8.12.8 and prior. The address parser performs insufficient bounds checking in certain conditions due to a char to int conversion, making it possible for an attacker to...
[SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow
-------------------------------------------------------------------------- Debian Security Advisory DSA 217-1 [email protected] http://www.debian.org/security/ Martin Schulze December 27th, 2002 http://www.debian.org/security/faq -...
[SECURITY] [DSA 217-1] New typespeed packages fix buffer overflow
-------------------------------------------------------------------------- Debian Security Advisory DSA 217-1 [email protected] http://www.debian.org/security/ Martin Schulze December 27th, 2002 http://www.debian.org/security/faq -...
zkfingerd 0.9.1 - say() Format String
zkfingerd 0.9.1 - say Format String // source: https://www.securityfocus.com/bid/6404/info zkfingerd is prone to a format string vulnerability. The affected function does not perform sufficient checks when displaying user-supplied input. It is possible to corrupt memory by passing format strings...
SSH Secure Shell for Servers fails to remove child process from master process group
Overview A locally exploitable privilege escalation vulnerability exists in SSH Secure Shell versions 2.0.13 - 3.2.1. Description Secure Shell for Servers, developed by SSH Communications Security, does not properly remove the child process from the master process group after non-interactive...
[SECURITY] [DSA 198-1] New nullmailer packages fix local denial of service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 198-1 [email protected] http://www.debian.org/security/ Martin Schulze November 18th, 2002 http://www.debian.org/security/faq -...
[SECURITY] [DSA 195-1] New Apache-Perl packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 195-1 [email protected] http://www.debian.org/security/ Martin Schulze November 13th, 2002 http://www.debian.org/security/faq -...
[SECURITY] [DSA 193-1] New klisa packages fix buffer overflow
-------------------------------------------------------------------------- Debian Security Advisory DSA 193-1 [email protected] http://www.debian.org/security/ Martin Schulze November 11th, 2002 http://www.debian.org/security/faq -...
[A3SC] MS IIS out of process privilege elevation vulnerability(A3CR@K-Vul-2002-06-002)
A3 Security Consulting: CR@K Vulnerability Research Title : MS IIS out of process privilege elevation vulnerabilityA3CR@K-Vul-2002-06-002 Reporter : li0n [email protected] Affected software : IIS 4.0, 5.0, 5.1 Risk : High Local/Remote : Local Category : Windows - IIS - Privilege elevation Date :...
Important: Red Hat Security Advisory: tetex security update
Updated packages for dvips are available which fix a vulnerability allowing print users to execute arbitrary commands. Updated 13 Aug 2003 Added tetex-doc package that was originally left out of the errata. The dvips utility converts DVI format into PostScriptTM, and is used in Red Hat Linux as a...
AlsaPlayer 0.99.71 - Local Buffer Overflow
AlsaPlayer 0.99.71 - Local Buffer Overflow // source: https://www.securityfocus.com/bid/5767/info Alsaplayer is a PCM player that utilizes the ALSA libraries and drivers. It is availabe for Linux and Unix platforms. A vulnerability has been discovered in Alsaplayer. By specifying an overly long...
HP Tru64 UNIX "mailcv" contains buffer overflow (SSRT2193)
Overview The HP Tru64 UNIX implementation of "mailcv" contains a locally exploitable buffer overflow. Description "mailcv" converts dxmail style folders to UNIX style folders. A locally exploitable buffer overflow in "mailcv" may permit a local attacker to gain elevated privileges and execute...
HP Tru64 UNIX "dxsysinfo" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of "dxsysinfo" contains a locally exploitable buffer overflow. Description "dxsysinfo" is used to monitor system resources. A locally exploitable buffer overflow in "dxsysinfo" may permit a local attacker to gain elevated privileges and execute arbitrary...