942 matches found
DSA-1286-1 linux-2.6
Bulletin has no description...
Debian DSA-1280-1 : aircrack-ng - buffer overflow
It was discovered that aircrack-ng, a WEP/WPA security analysis tool, performs insufficient validation of 802.11 authentication packets, which allows the execution of arbitrary code. The oldstable distribution sarge doesn't contain aircrack-ng packages. %NASLMINLEVEL 70300 C Tenable Network...
solaris/sparc connect-back (with XNOR encoded session) 600 bytes
No description provided by source. / black-RXenc-con-back-SOLARIS.c MIPS This is a relitivly small 600 byte shellcode that encodes all network trafic between the exploited process and the attacker. All clear-text shell i/o is encoded using a simple NOT algo before being transmitted on the wire...
KDE JPEG KFile Info插件EXIF本地拒绝服务漏洞
JPEG kfile-info插件用于多个KDE应用程序显示图象META信息。 JPEG kfile-info插件在解析图象META信息时存在问题,本地攻击者可以利用漏洞对使用此插件的应用程序进行拒绝服务攻击。 目前没有详细漏洞细节提供。 KDE KDE 3.5.5 KDE KDE 3.5.4 KDE KDE 3.5.3 KDE KDE 3.5.2 KDE KDE 3.5 KDE KDE 3.4.3 - Gentoo Linux KDE KDE 3.4.2 KDE KDE 3.4.1 + RedHat Fedora Core4 KDE KDE 3.4 KDE KDE 3.4 KDE KD...
Debian DSA-1225-2 : mozilla-firefox - several vulnerabilities
This update covers packages for the little endian MIPS architecture missing in the original advisory. For reference please find below the original advisory text : Several security related problems have been discovered in Mozilla and derived products such as Mozilla Firefox. The Common...
[SECURITY] [DSA 1226-1] New links packages fix arbitrary shell command execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1226-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff December 3rd, 2006 http://www.debian.org/security/faq -...
DSA-1225-1 mozilla-firefox
Bulletin has no description...
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
------------------------------------------------------------------------ Debian Security Advisory DSA-1223-1 [email protected] http://www.debian.org/security/ Noah Meyerhans December 01, 2006 - ------------------------------------------------------------------------ Package : tar Vulnerability...
[SECURITY] [DSA 1223-1] New tar packages fix arbitrary file overwrite
------------------------------------------------------------------------ Debian Security Advisory DSA-1223-1 [email protected] http://www.debian.org/security/ Noah Meyerhans December 01, 2006 - ------------------------------------------------------------------------ Package : tar Vulnerability...
PSToText文件名处理shell命令执行漏洞
PSToText是一款从PostScript 和PDF档案中提取出文字的程序。 PSToText不正确处理文件名数据,远程攻击者可以利用漏洞以应用程序进程权限执行任意shell命令。 攻击者需要构建恶意文件名,诱使用户处理来触发,目前没有详细漏洞细节提供。 Debian Linux 3.1 sparc Debian Linux 3.1 s/390 Debian Linux 3.1 ppc Debian Linux 3.1 mipsel Debian Linux 3.1 mips Debian Linux 3.1 m68k Debian Linux 3.1 ia-64 Debian Lin...
Ultrix 4.5/MIPS dxterm Local Buffer Overflow Exploit
No description provided by source. / Ultrix 4.5/MIPS dxterm exploit by ztion in 2004 Greets to: Stok, sidez It wasn't possible to use '/' in the shellcode. Probably dxterm only copies everything after the last slash, as it expects a path. Since everything is pretty much hardcoded, you will probab...
Debian DSA-1070-1 : kernel-source-2.4.19 - several vulnerabilities
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-0427 A local denial of service vulnerability i...
Debian DSA-1082-1 : kernel-source-2.4.17 - several vulnerabilities
Several local and remote vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2004-0427 A local denial of service vulnerability i...
solaris/sparc connect-back with XNOR encoded session 600 bytes
solaris/sparc connect-back with XNOR encoded session 600 bytes. Shellcode exploit for solarissparc platform / black-RXenc-con-back-SOLARIS.c MIPS This is a relitivly small 600 byte shellcode that encodes all network trafic between the exploited process and the attacker. All clear-text shell i/o i...
[SECURITY] [DSA 1107-1] New GnuPG packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1107-1 [email protected] http://www.debian.org/security/ Martin Schulze July 10th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1084-1] New typespeed packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1084-1 [email protected] http://www.debian.org/security/ Steve Kemp May 31st, 2006 http://www.debian.org/security/faq -...
CVE-2004-0997
CVE-2004-0997 is a local privilege-escalation vulnerability in the MIPS ptrace assembly code of the Linux kernel 2.4.x prior to 2.4.17. The connected Debian advisories (DSA-1067-1 and DSA-1070-1) reference this CVE among a list of kernel vulnerabilities and indicate remediation via updates to ker...
[SECURITY] [DSA 1052-1] New cgiirc packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1052-1 [email protected] http://www.debian.org/security/ Martin Schulze May 8th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1028-1] New libimager-perl packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 1028-1 [email protected] http://www.debian.org/security/ Martin Schulze March 7th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 1023-1] New kaffeine packages fix arbitrary code execution
-------------------------------------------------------------------------- Debian Security Advisory DSA 1023-1 [email protected] http://www.debian.org/security/ Martin Schulze April 5th, 2006 http://www.debian.org/security/faq -...