Lucene search
K

40 matches found

Prion
Prion
added 2016/06/03 2:59 p.m.18 views

Design/Logic Flaw

The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...

2.1CVSS6.8AI score0.00423EPSS
Exploits0References9Affected Software4
NVD
NVD
added 2016/06/03 2:59 p.m.21 views

CVE-2015-8872

The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...

6.2CVSS6.1AI score0.00423EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2016/06/03 2:0 p.m.21 views

CVE-2015-8872

The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...

6.2CVSS6.5AI score0.00423EPSS
Exploits0
CVE
CVE
added 2016/06/03 2:0 p.m.87 views

CVE-2015-8872

CVE-2015-8872 affects dosfstools: the set_fat function in fat.c can trigger an off-by-two error on FAT12 filesystems when writing an odd number of clusters to the third-to-last entry, potentially causing an invalid memory read and a crash (DoS). Affected is dosfstools prior to 4.0; multiple post-...

6.2CVSS6.1AI score0.00423EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2016/06/03 2:0 p.m.34 views

CVE-2015-8872

The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...

6.3AI score0.00423EPSS
Exploits0References9
RedhatCVE
RedhatCVE
added 2016/05/17 11:48 a.m.29 views

CVE-2015-8872

The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...

6.2CVSS3.4AI score0.00423EPSS
Exploits0References2
CNVD
CNVD
added 2016/05/17 12:0 a.m.26 views

dosfstools memory leak vulnerability

dosfstools is a set of open source command line utilities , it supports the user to be able to easily and quickly create labels and check the GNU/Linux operating system in the MS-DOS FAT file system , etc. . A security vulnerability exists in the 'setfat' function of dosfstools, which originates...

6.2CVSS9.3AI score0.00423EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2015/12/31 12:0 a.m.31 views

CVE-2015-8872

The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...

6.2CVSS6.8AI score0.00423EPSS
Exploits0References3
OSV
OSV
added 2015/12/31 12:0 a.m.4 views

UBUNTU-CVE-2015-8872

The setfat function in fat.c in dosfstools before 4.0 might allow attackers to corrupt a FAT12 filesystem or cause a denial of service invalid memory read and crash by writing an odd number of clusters to the third to last entry on a FAT12 filesystem, which triggers an "off-by-two error."...

6.2CVSS6.8AI score0.00423EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2011/10/10 12:0 a.m.18 views

Ubuntu Update for rsyslog USN-1224-1

Ubuntu Update for Linux kernel vulnerabilities USN-1224-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN12241.nasl 7964 2017-12-01 07:32:11Z santu $ Ubuntu Update for rsyslog USN-1224-1 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This...

5CVSS6.5AI score0.20759EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2011/10/04 12:0 a.m.23 views

Ubuntu 11.04 : rsyslog vulnerability (USN-1224-1)

It was discovered that rsyslog had an off-by-two error when parsing legacy syslog messages. An attacker could potentially exploit this to cause a denial of service via application crash. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu...

5CVSS5.4AI score0.20759EPSS
Exploits2References2
Metasploit
Metasploit
added 2011/09/02 3:55 p.m.50 views

rsyslog Long Tag Off-By-Two DoS

This module triggers an off-by-two overflow in the rsyslog daemon. This flaw is unlikely to yield code execution but is effective at shutting down a remote log daemon. This bug was introduced in version 4.6.0 and corrected in 4.6.8/5.8.5. Compiler differences may prevent this bug from causing any...

5CVSS0.6AI score0.20759EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2011/09/02 12:0 a.m.28 views

RHEL 6 : rsyslog (RHSA-2011:1247)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1247 advisory. - rsyslog: parseLegacySyslogMsg off-by-two buffer overflow CVE-2011-3200 Note that Nessus has not tested for this issue but has instead relied only o...

5CVSS5.8AI score0.20759EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2009/04/29 9:28 a.m.57 views

Important: Red Hat Security Advisory: kernel-rt security and bug fix update

Updated kernel-rt packages that fix several security issues and a bug are now available for Red Hat Enterprise MRG 1.1.2. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel-rt packages contain the Linux kernel, the core of any Linux...

4.7CVSS5.8AI score0.01255EPSS
Exploits9References7
RedHat Linux
RedHat Linux
added 2007/12/19 6:17 p.m.5 views

kernel ieee80211 off-by-two integer underflow

Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...

7.1CVSS5.9AI score0.0324EPSS
Exploits1References4
Cvelist
Cvelist
added 2007/11/06 7:0 p.m.31 views

CVE-2007-4997

Integer underflow in the ieee80211rx function in net/ieee80211/ieee80211rx.c in the Linux kernel 2.6.x before 2.6.23 allows remote attackers to cause a denial of service crash via a crafted SKB length value in a runt IEEE 802.11 frame when the IEEE80211STYPEQOSDATA flag is set, aka an "off-by-two...

5.9AI score0.0324EPSS
Exploits1References30
securityvulns
securityvulns
added 2007/03/16 12:0 a.m.290 views

MS07-012 Not Fixed

The MS07-012 patch that came out on Black Tuesday in Feb 2007 is not a complete solution to the problem. Title: MFC42u.dll Off-by-Two Overflow Date: 15 March 2007 Affected: Windows 2000, XP, 2003 those that were affected by the MS07-012 patch Reported by: Greg Sinclair gssincla...nnlsoftware.com...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2006/12/04 12:0 a.m.33 views

GLSA-200611-26 : ProFTPD: Remote execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200611-26 ProFTPD: Remote execution of arbitrary code Evgeny Legerov discovered a stack-based buffer overflow in the sreplace function in support.c, as well as a buffer overflow in in the modtls module. Additionally, an off-by-two...

10CVSS7.2AI score0.74254EPSS
Exploits5References4
OSV
OSV
added 2006/11/30 3:28 p.m.1 views

DEBIAN-CVE-2006-6171

ProFTPD 1.3.0a and earlier does not properly set the buffer size limit when CommandBufferSize is specified in the configuration file, which leads to an off-by-two buffer underflow. NOTE: in November 2006, the role of CommandBufferSize was originally associated with CVE-2006-5815, but this was an...

7.5CVSS6.9AI score0.0959EPSS
Exploits0References1
securityvulns
securityvulns
added 2005/12/08 12:0 a.m.30 views

cUrl / licurl HTTP client library buffer overflow

Off-by-one and off-by-two overflows in URL parsing...

2.5AI score
Exploits0References1Affected Software2
Rows per page
Query Builder