247 matches found
Debian DLA-2115-2 : proftpd-dfsg regression update
It was discovered that there was a regression in a previous fix for a use-after-free vulnerability in the proftpd-dfsg FTP server. Exploitation of the original vulnerability within the memory pool handling could have allowed a remote attacker to execute arbitrary code on the affected system...
Debian: Security Advisory (DLA-2115-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ProFTPD < 1.3.7 Multiple Vulnerabilities
ProFTPD is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:proftpd:proftpd"; ifdescription...
CVE-2020-9273
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in allocpool in pool.c, and possible remote code execution...
CVE-2020-9273
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in allocpool in pool.c, and possible remote code execution...
UBUNTU-CVE-2020-9273
In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel. This triggers a use-after-free in allocpool in pool.c, and possible remote code execution...
PT-2020-5165 · Proftpd +2 · Proftpd +2
Name of the Vulnerable Software and Affected Versions: ProFTPD versions prior to 1.3.5e+r1.3.5-2+deb8u7 ProFTPD versions prior to 1.3.6-alt0.4.ga73dbfe3b ProFTPD versions prior to 1.3.6-4+deb10u4 ProFTPD version 1.3.7 Description: ProFTPD contains a use-after-free vulnerability within the memory...
PYSEC-2019-241
GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogrexpat.cpp when the 10MB threshold is exceeded...
BSA-2018-553
Security Advisory ID : BSA-2018-553 Component : Apache HTTPD Revision : 2.0: Final When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.33 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the...
CVE-2018-1302
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter...
ALPINE-CVE-2018-1302
When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. The memory pools maintained by the server make this vulnerability hard to trigger in usual configurations, the reporter...
Proftpd堆溢出漏洞
=========================== VULNERABILITIES =========================== ../proftpd-master/src/pool.c:89-116 Heap Overflow due to zero length malloc allocation TYPE: CERT MEM04-C; CWE-131 Code Snippet: ............................ ret = mallocsize; if ret == NULL prlogpriPRLOGALERT, "Out of...
Apache Subversion 1.8.x DoS Vulnerability (May 2015)
Apache Subversion is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Scientific Linux Security Update : httpd on SL3.x i386/x86_64
CVE-2009-1891 httpd: possible temporary DoS CPU consumption in moddeflate CVE-2009-2412 apr, apr-util: Integer overflows in memory pool apr and relocatable memory apr-util management Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in the way the Apache Portable...
Avast! Internet Security 5.0 aswFW.sys kernel driver IOCTL Memory Pool Corruption
No description provided by source. +-------------------------------------------------------------------------------------+ | Avast! Internet Security 5.0 'aswFW.sys' kernel driver IOCTL Memory Pool Corruption | +-------------------------------------------------------------------------------------...
Avast! Internet Security 5.0 Denial Of Service
+-------------------------------------------------------------------------------------+ | Avast! Internet Security 5.0 'aswFW.sys' kernel driver IOCTL Memory Pool Corruption | +-------------------------------------------------------------------------------------+ Tested Platform: Avast! Internet...
Avast! Internet Security 5.0 - 'aswFW.sys' Kernel Driver IOCTL Memory Pool Corruption
+-------------------------------------------------------------------------------------+ | Avast! Internet Security 5.0 'aswFW.sys' kernel driver IOCTL Memory Pool Corruption | +-------------------------------------------------------------------------------------+ Tested Platform: Avast! Internet...
Avast! Internet Security 5.0 - aswFW.sys Kernel Driver IOCTL Memory Pool Corruption
Avast! Internet Security 5.0 - aswFW.sys Kernel Driver IOCTL Memory Pool Corruption +-------------------------------------------------------------------------------------+ | Avast! Internet Security 5.0 'aswFW.sys' kernel driver IOCTL Memory Pool Corruption |...
Avast! 5.0 aswFW.sys kernel driver IOCTL Memory Pool Corruption
Exploit for windows platform in category dos / poc ================================================================================= Avast! Internet Security 5.0 aswFW.sys kernel driver IOCTL Memory Pool Corruption =================================================================================...
IBM DB2 Multiple Unspecified Vulnerabilities (Linux)
The host is installed with IBM DB2 and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: secpodibmdb2multunspecifiedvulnlin.nasl 5055 2017-01-20 14:08:39Z teissa $ IBM DB2 Multiple Unspecified Vulnerabilities Linux Authors: Antu Sanadi Copyright: Copyright c 2009 SecPod,...