841 matches found
CVE-2008-0548
Steamcast 0.9.75 and earlier allows remote attackers to cause a denial of service (daemon crash) via a large integer in the Content-Length HTTP header, which triggers a NULL dereference when malloc fails...
Design/Logic Flaw
Debian Security Advisory DSA 567-1 (tiff)
The remote host is missing an update to tiff announced via advisory DSA 567-1. OpenVAS Vulnerability Test $Id: deb5671.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 567-1 Authors: Thomas Reinke Copyright: Copyright (c) 2007 E-Soft Inc...
Moderate: python security update
2.2.3-6.8 - Fix possible integer overflow in image ops - Fix off by one strxfrm malloc - Fix pypcre bugs - Resolves: 392031...
Solaris fifofs I_PEEK Kernel Memory Disclosure Exploit (x86/sparc)
No description provided by source. / 10/2007: public release SPARC Solaris 8 without 109454-06 Solaris 9 without 117471-04 Solaris 10 without 127737-01 x86 Solaris 8 without 109455-06 Solaris 9 without 117472-04 Solaris 10 without 127738-01 ...
HP ActiveX (hpqutil.dll ListFiles hpqutil.dll) Remote Heap Overflow PoC
No description provided by source. :. GOODFELLAS Security Research TEAM .: :. http://goodfellas.shellcode.com.ar .: ActiveX hpqutil!ListFiles hpqutil.dll - Remote heap overflow. ============================================================= Internal ID: VULWAR200706041 introduction ------------...
CVE-2007-4643
Integer underflow in Doomsday (aka deng) 1.9.0-beta5.1 and earlier allows remote attackers to cause a denial of service (daemon crash) via a PKTCHAT packet with a data length less than 3, which triggers an erroneous malloc, possibly related to the SvHandlePacket function in svmain.c...
Integer overflow
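CoreHTTP http.c Remote Buffer Overflow Vulnerability
BUGTRAQ ID: 25120 CoreHTTP is a small web server. CoreHTTP has a buffer overflow vulnerability when handling overly long user requests; a remote attacker may exploit this vulnerability to take control of the server. A buffer overflow vulnerability exists in CoreHTTP's http.c file: ----------------------------------------------------------------------- struct sprockt HttpSprockMakestruct sprockt parentsprock struct sprockt sprocket; char reqPATHSIZE,...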
Mandrake Linux Security Advisory : wxGTK2 (MDKSA-2004:111)
Several vulnerabilities have been discovered in the libtiff package; wxGTK2 uses a libtiff code tree, so it may have the same vulnerabilities : Chris Evans discovered several problems in the RLE run length encoding decoders that could lead to arbitrary code execution. CVE-2004-0803 Matthias Clase...
Out-of-bounds
Chicken of the VNC (cotv) 2.0 allows remote attackers to cause a denial of service (application crash) via a large computer-name size value in a ServerInit packet, which triggers a failed malloc and a resulting NULL dereference...
Moderate gnupg security update
1.2.6-6 - backport fixes for two more malloc overflows from 1.4.5rc1 200502...
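IBM AIX Debug Malloc Tool Local Overflow Vulnerability
IBM AIX is a commercial UNIX operating system. A heap overflow vulnerability exists in the debug malloc tool of IBM AIX; a local attacker may exploit this vulnerability to escalate privileges. If a local attacker uses the debug malloc tool to debug an executable program, arbitrary code may be executed with superuser privileges. IBM AIX 5.3L IBM AIX 5.3 The vendor has released an upgrade patch that fixes this security issue; download it from the vendor's site: ftp://aix.software.ibm.com/aix/efixes/security/dbgmallocifix.tar.Z...
IBM AIX chcons Command Local Overflow Vulnerability
IBM AIX is a commercial UNIX operating system. A local overflow vulnerability exists in the IBM AIX chcons command; an attacker who successfully exploits it can execute arbitrary code with the privileges of the current user. If DEBUG MALLOC is enabled, an attacker can cause chcon to produce a core dump by sending an overly long input argument. IBM AIX 5.3L IBM AIX 5.3 IBM AIX 5.2L IBM AIX 5.2 IBM AIX 5.1L IBM AIX 5.1 The vendor has not yet provided a patch or upgrade; users of this software are advised to monitor the vendor's home page for the latest version: http://www.ers.ibm.com/...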
SquirrelMail chpasswd buffer overflow
No description provided by source. / 0x3142-sq-chpasswd.c Squirremail chpasswd buffer overflow. Tested on SuSE 9. The bug was found by Matias Neiff matias neiff com ar Coded by x314 0x3142 hushmail.com c 2004 Copyright by x314. All Rights Reserved. Greets: m0s krewz. / include stdlib.h char...
Dr.Web AntiVirus 4.33 - LHA long Directory name Local Overflow
Dr.Web AntiVirus 4.33 - LHA long Directory name Local Overflow / stetoscope.c: Dr.Web 4.33 antivirus LHA directory name heap overflow for linux - Howto: Find a valid GOT entry to hijack with objdump -R /opt/drweb/drweb . I guess that you can use the address of free, but my exploit uses the addres...
Dr.Web Antivirus 4.33 (LHA long directory name) Local Overflow Exploit
Exploit for linux platform in category local exploits ====================================================================== Dr.Web Antivirus 4.33 LHA long directory name Local Overflow Exploit ====================================================================== / stetoscope.c: Dr.Web 4.33...
solaris/sparc connect-back (with XNOR encoded session) 600 bytes
Exploit for solaris/sparc platform in category shellcode ================================================================ solaris/sparc connect-back with XNOR encoded session 600 bytes ================================================================ / black-RXenc-con-back-SOLARIS.c MIPS This is a...
FreeBSD : bogofilter -- heap corruption through malformed input (92140bc9-7bde-11da-8ec4-0002b3b60e4c)
Matthias Andree reports : When using Unicode databases default in more recent bogofilter installations, upon encountering invalid input sequences, bogofilter or bogolexer could overrun a malloc'd buffer, corrupting the heap, while converting character sets. Bogofilter would usually be processing...
Freeciv <= 2.0.7 (Jumbo Malloc) Denial of Service Crash
No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h include time.h ifdef WIN32 include winsock.h / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include string.h...