120 matches found
F5 Networks BIG-IP : Rsync sender.c vulnerability (SOL15548)
Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow remote attackers to execute arbitrary code via directory names that are not properly handled when calling the fname function. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracte...
openSUSE Security Update : opie (openSUSE-SU-2011:0848-1)
This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin CVE-2011-2490. This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...
openSUSE Security Update : opie (openSUSE-SU-2011:0848-1)
This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin CVE-2011-2490. This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...
CVE-2012-5876
Multiple off-by-one errors in NMMediaServerService.dll in Nero MediaHome 4.5.8.0 and earlier allow remote attackers to cause a denial of service crash via a long string in the 1 request line or 2 HTTP Referer header to TCP port 54444, which triggers a heap-based buffer overflow...
CVE-2014-2386
Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, allow remote attackers to cause a denial of service crash via unspecified vectors to the 1 displaynavtable, 2 printexportlink, 3 pagenumselector, or 4 pagelimitselector function in cgi/cgiutils.c or 5 statuspagenumselector functio...
Stack overflow
Multiple off-by-one errors in Icinga, possibly 1.10.2 and earlier, allow remote attackers to cause a denial of service crash via unspecified vectors to the 1 displaynavtable, 2 printexportlink, 3 pagenumselector, or 4 pagelimitselector function in cgi/cgiutils.c or 5 statuspagenumselector functio...
CVE-2014-2386
Removed by vendor...
CVE-2014-2386
CVE-2014-2386 affects the Icinga monitoring system. The connected documents confirm multiple off-by-one/buffer overflow issues in the CGI helpers, specifically in files cgi/cgiutils.c (display_nav_table, print_export_link, page_num_selector, page_limit_selector) and cgi/status.c (status_page_num_...
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service crash via a long string in the last key value in...
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service crash via a long string in the last key value in...
CVE-2013-7108
Multiple off-by-one errors in Nagios Core 3.5.1, 4.0.2, and earlier, and Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to obtain sensitive information from process memory or cause a denial of service crash via a long string in the last key value in...
CVE-2013-7108
CVE-2013-7108 affects Nagios Core 3.5.1, 4.0.2 and older, and Icinga up to certain releases. It is an off-by-one/heap-over-read flaw in process_cgivars() triggered by a long parameter value, allowing remote authenticated users to read process memory or cause a DoS. Affected products include Nagio...
Nero MediaHome Multiple Remote DoS Vulnerabilities
High-Tech Bridge Security Research Lab has discovered multiple DoS vulnerabilities in Nero Media Home server, which could be exploited by a malicious person to crash the server remotely. 1 Off-by-one errors in Nero MediaHome server: CVE-2012-5876 1.1 The vulnerability exists due to an off-by-one...
CVE-2011-5244
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
CVE-2011-5244
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
CVE-2011-5244
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
CVE-2011-5244
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
CVE-2011-5244
Multiple off-by-one errors in the 1 token and 2 linetoken functions in backend/dvi/mdvi-lib/afmparse.c in t1lib, as used in teTeX 3.0.x, GNOME evince, and possibly other products, allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a DVI file containi...
SuSE 10 Security Update : opie (ZYPP Patch Number 7594)
This update fixes off-by-one errors in opiesu CVE-2011-2489 and missing setuid return value checks in opielogin. CVE-2011-2490 This update also removes the setuid bit from opiesu program. If you rely on the setuid bit on opiesu, add the following line to /etc/permissions.local : /usr/bin/opiesu...
CVE-2011-3341
Multiple off-by-one errors in ordercmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service daemon crash or possibly execute arbitrary code via a crafted CMDINSERTORDER command...