479 matches found
Ubuntu 10.04 LTS / 10.10 : thunderbird, thunderbird-locales vulnerabilities (USN-1020-1)
Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash THunderbird or possibly run arbitrary code as the user invoking the program. CVE-2010-3776, CVE-2010-3777, CVE-2010-3778 Marc...
Ubuntu 8.04 LTS / 9.10 / 10.04 LTS / 10.10 : firefox, firefox-{3.0,3.5}, xulrunner-1.9.{1,2} vulnerabilities (USN-1019-1)
Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-3776, CVE-2010-3777, CVE-2010-3778 It was...
USN-1019-1: Firefox and Xulrunner vulnerabilities
Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-3776, CVE-2010-3777, CVE-2010-3778 It was...
USN-1020-1: Thunderbird vulnerabilities
Jesse Ruderman, Andreas Gal, Nils, Brian Hackett, and Igor Bukanov discovered several memory issues in the browser engine. An attacker could exploit these to crash THunderbird or possibly run arbitrary code as the user invoking the program. CVE-2010-3776, CVE-2010-3777, CVE-2010-3778 Marc...
wireshark -- Multiple problems
wireshark Team reports: It may be possible to make Wireshark or Ethereal crash or use up available memory by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file...
Smail 3 - Multiple RemoteLocal Vulnerabilities
Smail 3 - Multiple RemoteLocal Vulnerabilities // source: https://www.securityfocus.com/bid/12899/info Smail-3 is reported prone to multiple vulnerabilities. These issues can allow a local or remote attacker to execute arbitrary code on a vulnerable computer. A successful attack may lead to a...
Debian DSA-639-1 : mc - several vulnerabilities
Andrew V. Samoilov has noticed that several bugfixes which were applied to the source by upstream developers of mc, the midnight commander, a file browser and manager, were not backported to the current version of mc that Debian ships in their stable release. The Common Vulnerabilities and...
DSA-639-1 mc - several
Bulletin has no description...
CVE-2004-2680
modpython libapache2-mod-python 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory...
mc -- multiple vulnerabilities
Andrew V. Samoilov reported several vulnerabilities that were corrected in MidnightCommand 4.6.0: Format string issues CVE-2004-1004 Buffer overflows CVE-2004-1005 Denial-of-service, infinite loop CVE-2004-1009 Denial-of-service, corrupted section header CVE-2004-1090 Denial-of-service, null...
RHEL 2.1 / 3 : samba (RHSA-2004:632)
Updated samba packages that fix various security vulnerabilities are now available. Samba provides file and printer sharing services to SMB/CIFS clients. During a code audit, Stefan Esser discovered a buffer overflow in Samba versions prior to 3.0.8 when handling unicode filenames. An authenticat...
Debian DSA-047-1 : kernel
The kernels used in Debian GNU/Linux 2.2 have been found to have multiple security problems. This is a list of problems based on the 2.2.19 release notes as found on http://www.linux.org.uk/ : - binfmtmisc used user pages directly - the CPIA driver had an off-by-one error in the buffer code which...
Debian DSA-379-1 : sane-backends - several vulnerabilities
Alexander Hvostov, Julien Blache and Aurelien Jarno discovered several security-related problems in the sane-backends package, which contains an API library for scanners including a scanning daemon in the package libsane that can be remotely exploited. These problems allow a remote attacker to...
Mandrake Linux Security Advisory : samba (MDKSA-2004:092)
Two vulnerabilities were discovered in samba 3.0.x; the first is a defect in smbd's ASN.1 parsing that allows an attacker to send a specially crafted packet during the authentication request which will send the newly spawned smbd process into an infinite loop. As a result, it is possible to use u...
Multiple vendor SOAP server (XML parser) denial of service (DTD parameter entities)
/////////////////////////////////////////////////////////////////////////////// //========================== Security Advisory ==========================// ///////////////////////////////////////////////////////////////////////////////...
DSA-324 ethereal - several vulnerabilities
Bulletin has no description...
b-WsMP3dvuln.txt
========================================== INetCop Security Advisory 2003-0x82-017.b ========================================== Title: Remote Heap Corruption Overflow vulnerability in WsMp3d Again 0x01. Description WsMp3d is webserver daemon that can enjoy mp3. shoutcast-server There is WsMp3 Hea...
NT drivers are potentially vulnerable to format string bug
Many NT drivers are potentially vulnerable to "format string bug". The problem is concerned with DbgPrint function that is used for debug messages. Some drivers instead of directly call of this function use additional intermediate functions. Those functions add a prefix to an outputted string,...
Cisco CDP attacks
Folks, when playing around with CDP, I discovered several interesting things. Due the leak of Cisco hardware around here, I ask you for your expiriences. Details as follows: Program: http://www.phenoelit.de/irpas/cdp.c Known effekts: -IOS 11.11: when flooding the cisco with random deviceID update...