40 matches found
Design/Logic Flaw
The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...
CVE-2015-8872
The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...
CVE-2015-8872
The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...
CVE-2015-8872
CVE-2015-8872 affects dosfstools: the set_fat function in fat.c can trigger an off-by-two error on FAT12 filesystems when writing an odd number of clusters to the third-to-last entry, potentially causing an invalid memory read and a crash (DoS). Affected is dosfstools prior to 4.0; multiple post-...
CVE-2015-8872
The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...
CVE-2015-8872
The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...
dosfstools memory leak vulnerability
dosfstools is a set of open source command line utilities , it supports the user to be able to easily and quickly create labels and check the GNU/Linux operating system in the MS-DOS FAT file system , etc. . A security vulnerability exists in the 'setfat' function of dosfstools, which originates...
CVE-2015-8872
The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...
UBUNTU-CVE-2015-8872
The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...
Ubuntu Update for rsyslog USN-1224-1
Ubuntu Update for Linux kernel vulnerabilities USN-1224-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12241.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for rsyslog USN-1224-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...
Ubuntu 11.04 : rsyslog vulnerability (USN-1224-1)
It was discovered that rsyslog had an off-by-two error when parsing legacy syslog messages. An attacker could potentially exploit this to cause a denial of service via application crash. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...
rsyslog Long Tag Off-By-Two DoS
This module triggers an off-by-two overflow in the rsyslog daemon. This flaw is unlikely to yield code execution but is effective at shutting down a remote log daemon. This bug was introduced in version 4.6.0 and corrected in 4.6.8/5.8.5. Compiler differences may prevent this bug from causing any...
RHEL 6 : rsyslog (RHSA-2011:1247)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1247 advisory. - rsyslog: parseLegacySyslogMsg off-by-two buffer overflow CVE-2011-3200 Note that Nessus has not tested for this issue but has instead relied only o...
Important: Red Hat Security Advisory: kernel-rt security and bug fix update
Updated kernel-rt packages that fix several security issues and a bug are now available for Red Hat Enterprise MRG 1.1.2. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel-rt packages contain the Linux kernel, the core of any Linux...
kernel ieee80211 off-by-two integer underflow
Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...
CVE-2007-4997
Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...
MS07-012 Not Fixed
The MS07-012 patch that came out on Black Tuesday in Feb 2007 is not a complete solution to the problem. Title: MFC42u.dll Off-by-Two Overflow Date: 15 March 2007 Affected: Windows 2000, XP, 2003 those that were affected by the MS07-012 patch Reported by: Greg Sinclair gssincla...nnlsoftware.com...
GLSA-200611-26 : ProFTPD: Remote execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-200611-26 ProFTPD: Remote execution of arbitrary code Evgeny Legerov discovered a stack-based buffer overflow in the sreplace function in support.c, as well as a buffer overflow in in the modtls module. Additionally, an off-by-two...
DEBIAN-CVE-2006-6171
ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an...
cUrl / licurl HTTP client library buffer overflow
Off-by-one and off-by-two overflows in URL parsing...