18 matches found
SuSE 11.3 Security Update : kdebase4-workspace (SAT Patch Number 9467)
This kdebase4-workspace update fixes two security issues : - NULL pointer dereference in KDM and KCheckPass. CVE-2013-4132 - Memory leak that could lead to a denial of service. CVE-2013-4133 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugi...
SuSE 10 Security Update : Samba (ZYPP Patch Number 8058)
A remote code execution flaw in Samba has been fixed : - PIDL based autogenerated code uses client supplied size values which allows attackers to write beyond the allocated array size. CVE-2012-1182 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C...
Novell Groupwise Address Book Code Execution
Application: Novell Groupwise Address Book Remote Code Execution Platforms: Windows Exploitation: Remote code execution CVE Number: 2011-4189 Novell TID: 733885 PRL: 2012-04 Author: Francis Provencher Protek Research Lab's Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1...
libpng chunk decompression integer overflow vulnerability
Overview The libpng library contains an integer overflow vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description The Portable Network Graphics PNG image format is used as an alternative to other image formats such as the Graphi...
SuSE 10 Security Update : nbd (ZYPP Patch Number 7450)
Nbd was updated to fix a buffer overflow in the mainloop function of nbd-server.c. This vulnerability can be exploited by remote attackers via long requests to execute arbitrary code. CVE-2011-0530: CVSS v2 Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P: Buffer Errors CWE-119 %NASLMINLEVEL 70300 C...
SuSE 10 Security Update : clamav (ZYPP Patch Number 7804)
This version update of clamav fixes a recursion level crash. CVE-2011-3627 was assigned to this issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid56602;...
SuSE 11.1 Security Update : iSCSI (SAT Patch Number 2879)
This update of iscscitarget/tgt fixes multiple overflows and a format string vulnerability : - CVE-2010-2221: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Buffer Errors CWE-119 - CVE-2010-0743: CVSS v2 Base Score: 5.0 MEDIUM AV:N/AC:L/Au:N/C:N/I:N/A:P: Format String Vulnerability...
SuSE 10 Security Update : ClamAV (ZYPP Patch Number 6144)
ClamAV update to version 0.95. This also fix some potential security bugs. CVE-2009-1241 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid41486;...
SuSE 11 Security Update : freetype2 (SAT Patch Number 792)
Freetype was updated to fix some integer overflows that can be exploited remotely in conjunction with programs like a web-browser. CVE-2009-0946 Thanks to Tavis Ormandy who found the bugs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin...
Novell Netstorage Multiple Vulnerabilities
Novell Netstorage Multiple Vulnerabilities - Description "Novell NetStorage acts as a bridge between a company's protected Novell network and the Internet, providing protected file access from any Internet location. Files and folders on a Novell NetWare® 6.5 server or Novell Open Enterprise...
Novell Netstorage XSS / Denial Of Service
Novell Netstorage Multiple Vulnerabilities - Description "Novell NetStorage acts as a bridge between a company's protected Novell network and the Internet, providing protected file access from any Internet location. Files and folders on a Novell NetWare® 6.5 server or Novell Open Enterprise...
iDefense Security Advisory 12.01.06: Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability
Novell ZENworks Asset Management Collection Client Heap Overflow Vulnerability iDefense Security Advisory 12.01.06 http://labs.idefense.com/intelligence/vulnerabilities/ Dec 01, 2006 I. BACKGROUND Novell Inc's ZENworks is a set of tools used to automate IT management and business processes across...
phpMyAdminSQL.txt
phpMyAdmin serverprivileges.php SQL Injection Vulnerabilities. I. BACKGROUND phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. II. DESCRIPTION phpMyAdmin serverprivileges.php is prone to SQL Injection vulnerability. A remote attacker may execute...
phpMyAdmin server_privileges.php SQL Injection Vulnerabilities.
phpMyAdmin serverprivileges.php SQL Injection Vulnerabilities. I. BACKGROUND phpMyAdmin is a tool written in PHP intended to handle the administration of MySQL over the Web. II. DESCRIPTION phpMyAdmin serverprivileges.php is prone to SQL Injection vulnerability. A remote attacker may execute...
[Full-Disclosure] NOVL-2005-10096251 GroupWise WebAccess error handling modules (report)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For Immediate Disclosure ============================== Summary ============================== Security Alert: NOVL-2005-10096251 Title: GroupWise WebAccess Error modules loading report Date: 21-January-2005 Revision: Original Product Name: GroupWise...
NOVL-2003-2966549 - Enterprise Web Server PERL Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For Immediate Disclosure ============================== Summary ============================== Security Alert: NOVL-2003-2966549 Title: Enterprise Web Server PERL Handler Buffer Overflow Date: 23-Jul-2003 Revision: Original Product Name: Netware...
NOVL-2003-2966205 - iChain 2.2 Field Patch 1a
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For Immediate Disclosure ============================== Summary ============================== Security Alert: NOVL-2003-2966205 Title: iChain 2.2 Field Patch 1a Date: 05-Jun-2003 Revision: Original Product Name: iChain 2.2 OS/Platforms: Netware...
NOVL-2002-2963297 - NetBasic Buffer Overflow + Scripting Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 For Immediate Disclosure ============================== Summary ============================== Security Alert: NOVL-2002-2963297 Title: NetBasic Buffer Overflow + Scripting Vulnerability Date: 20-Aug-2002 Revision: Original Security Alert Product Name...