841 matches found
Mandrake Security Advisory MDVSA-2009:105 (memcached)
The remote host is missing an update to memcached announced via advisory MDVSA-2009:105. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...
CVE-2009-1786
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable...
Code injection
The malloc subsystem in libc in IBM AIX 5.3 and 6.1 allows local users to create or overwrite arbitrary files via a symlink attack on the log file associated with the MALLOCDEBUG environment variable...
CVE-2009-1786
CVE-2009-1786 affects IBM AIX 5.3 and 6.1. The vulnerability resides in the libc malloc subsystem where the MALLOCDEBUG log file can be attacked via a symlink, enabling local users to create or overwrite arbitrary files. Multiple connected sources confirm local privilege implications and public P...
DEBIAN-CVE-2009-1494
The processstat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port...
CVE-2009-1494
The processstat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port...
CVE-2009-1494
The processstat function in Memcached 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon's TCP port...
DEBIAN-CVE-2009-1255
The processstat function in 1 Memcached before 1.2.8 and 2 MemcacheDB 1.2.0 discloses a the contents of /proc/self/maps in response to a stats maps command and b memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain sensitive information such ...
CVE-2009-0847
The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmeti...
Denial of Service (DoS)
Overview Affected versions of this package are vulnerable to Denial of Service DoS. The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that trigger...
CVE-2009-0847
The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmeti...
CVE-2009-0847
The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmeti...
CVE-2009-0847
The asn1bufimbed function in the ASN.1 decoder in MIT Kerberos 5 aka krb5 1.6.3, when PK-INIT is used, allows remote attackers to cause a denial of service application crash via a crafted length value that triggers an erroneous malloc call, related to incorrect calculations with pointer arithmeti...
libxine -- multiple vulnerabilities
Multiple vulnerabilities were fixed in libxine 1.1.16.2. Tobias Klein reports: FFmpeg contains a type conversion vulnerability while parsing malformed 4X movie files. The vulnerability may be exploited by a remote attacker to execute arbitrary code in the context of FFmpeg or an application using...
Linux/x86-64 - Bind TCP (1337/TCP) Shell + Password (pAzzW0rd) + Egghunter Using sys_access() Shellcode (49 bytes)
Linux/x86-64 - Bind TCP 1337/TCP Shell + Password pAzzW0rd + Egghunter Using sysaccess Shellcode 49 bytes. Shellcode exploit for Linuxx86-64 platform ; Author Doreth.Z10 ; ; Linux x8664 Egghunter using sysaccess ; Shellcode size 49 bytes ; global start section .text start: xor rsi, rsi ; Some pre...
CVE-2008-5233
xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including 1 the mymngprocessheader function in demuxmng.c, 2 the openmodfile function in demuxmod.c, and 3 framebuffer allocation in the realparseaudiospecificdata function in demuxreal.c, whi...
CVE-2008-5233
xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including 1 the mymngprocessheader function in demuxmng.c, 2 the openmodfile function in demuxmod.c, and 3 framebuffer allocation in the realparseaudiospecificdata function in demuxreal.c, whi...
Design/Logic Flaw
xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including 1 the mymngprocessheader function in demuxmng.c, 2 the openmodfile function in demuxmod.c, and 3 framebuffer allocation in the realparseaudiospecificdata function in demuxreal.c, whi...
CVE-2008-5233
xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including 1 the mymngprocessheader function in demuxmng.c, 2 the openmodfile function in demuxmod.c, and 3 framebuffer allocation in the realparseaudiospecificdata function in demuxreal.c, whi...
CVE-2008-5233
xine-lib 1.1.12, and other versions before 1.1.15, does not check for failure of malloc in circumstances including 1 the mymngprocessheader function in demuxmng.c, 2 the openmodfile function in demuxmod.c, and 3 framebuffer allocation in the realparseaudiospecificdata function in demuxreal.c, whi...