USN-1546-1: libgc vulnerability

It was discovered that multiple integer overflows existed in the malloc and calloc implementations in the Boehm-Demers-Weiser garbage collecting memory allocator libgc. These could allow an attacker to cause a denial of service or possibly execute arbitrary code...

CentOS Update for glibc CESA-2012:0393 centos6

Check for the Version of glibc OpenVAS Vulnerability Test CentOS Update for glibc CESA-2012:0393 centos6 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

httpdx 1.5.4 Heap Overflow

!/usr/bin/perl -w ====================================================================== Exploit Title: httpdx UnhandledExceptionFilter ====================================================================== use strict; use IO::Socket::INET; target my $host = "127.0.0.1"; The perl|php|py|.. page t...

httpdx 1.5.4 - Remote Heap Overflow

httpdx 1.5.4 - Remote Heap Overflow !/usr/bin/perl -w ====================================================================== Exploit Title: httpdx UnhandledExceptionFilter ====================================================================== use strict; use IO::Socket::INET; target my $host =...

httpdx 1.5.4 - Remote Heap Overflow

!/usr/bin/perl -w ====================================================================== Exploit Title: httpdx UnhandledExceptionFilter ====================================================================== use strict; use IO::Socket::INET; target my $host = "127.0.0.1"; The perl|php|py|.. page t...

AZL-41929 CVE-2012-2677 affecting package ceph for versions less than 18.2.2-1

Integer overflow in the orderedmalloc function in boost/pool/pool.hpp in Boost Pool before 3.9 makes it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated than expected...

CVE-2012-2673

Multiple integer overflows in the 1 GCgenericmalloc and 2 calloc functions in malloc.c, and the 3 GCgenericmallocignoreoffpage function in mallocx.c in Boehm-Demers-Weiser GC libgc before 7.2 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows...

CVE-2012-2676

Multiple integer overflows in the 1 malloc and 2 calloc functions in Hoard before 3.9 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows on implementing code via a large size value, which causes less memory to be allocated than expected...

CVE-2012-2676

Multiple integer overflows in the 1 malloc and 2 calloc functions in Hoard before 3.9 make it easier for context-dependent attackers to perform memory-related attacks such as buffer overflows on implementing code via a large size value, which causes less memory to be allocated than expected...

CVE-2012-2675

The vulnerability CVE-2012-2675 affects nedmalloc (nedmalloc.c) up to version 1.10 beta2, where two integer overflow paths in CallMalloc (malloc) and nedpcalloc (calloc) can cause allocation sizing to be smaller than requested. This can enable context-dependent attackers to perform memory-related...

CVE-2012-2676

CVE-2012-2676 affects the Hoard memory allocator (pre-3.9) and concerns two integer overflow paths in the malloc and calloc implementations. When a large size value is requested, the overflow can cause the allocator to allocate less memory than expected, enabling context‑dependent attackers to pe...

RedHat Update for glibc RHSA-2012:0393-01

Check for the Version of glibc OpenVAS Vulnerability Test RedHat Update for glibc RHSA-2012:0393-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

Fedora Update for gc FEDORA-2012-9637

Check for the Version of gc OpenVAS Vulnerability Test Fedora Update for gc FEDORA-2012-9637 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of the...

FreeBSD : png -- memory corruption/possible remote code execution (262b92fe-81c8-11e1-8899-001ec9578670)

The PNG project reports : libpng fails to correctly handle malloc failures for text chunks in pngsettext2, which can lead to memory corruption and the possibility of remote code execution. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the orderedmalloc function in boost/pool/pool.hpp. An attacker can perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated...

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the orderedmalloc function in boost/pool/pool.hpp. An attacker can perform memory-related attacks such as buffer overflows via a large memory chunk size value, which causes less memory to be allocated...

glibc security and bug fix update

2.3.4-2.57 - Use malloc as needed in fnmatch 769360 2.3.4-2.56 - Fix handling if newline in addmntent 769360 - Use correct type when casting dtag 769360. - Properly quite output of local 769360 - Check size of pattern in wide character representation in fnmatch 769360 - Report write error in addm...

CentOS 6 : glibc (CESA-2012:0058)

Updated glibc packages that fix two security issues and three bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

glibc security and bug fix update

2.12-1.47.el62.5 - Avoid high cpu usage when accept fails with EMFILE 767692 2.12-1.47.el62.4 - Make implementation of ARENASTEST and ARENASMAX match documentation 769594 - Check malloc arena atomically 769594 2.12-1.47.el62.3 - Check values from TZ file header 767692 2.12-1.47.el62.2 - Correctly...

PHP 5.3.8 Multiple vulnerabilities

PHP 5.3.8 Multiple vulnerabilities Author: Maksymilian Arciemowicz Website: http://cxsecurity.com/ Date: 14.01.2012 CVE: CVE-2011-4153 zendstrndup Original link: http://cxsecurity.com/research/103 --- 1. Multiple NULL Pointer Dereference with zendstrndup CVE-2011-4153 --- As we can see in...