kernel: ansi_cprng: off by one error in non-block size request
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the...
DEBIAN-CVE-2013-4345
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the...
CVE-2013-4345
CVE-2013-4345 is an off-by-one vulnerability in the Linux kernel’s crypto/ansi_cprng.c get_prng_bytes function, exploitable through requests for small data blocks up to kernel versions before 3.11.4. The issue allows context-dependent attackers to defeat cryptographic protections by mismanaging t...
CVE-2013-4345
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the...
UBUNTU-CVE-2013-4345
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the...
CVE-2013-4345
Off-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the...
Code injection
Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64-bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits...
CVE-2011-2901
Off-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64-bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits...
CVE-2011-2901
CVE-2011-2901 affects Xen 3.3 and earlier. The off-by-one error in the __addr_ok macro allows local 64-bit PV guest administrators to cause a host crash (denial of service) via unspecified hypercalls that ignore virtual-address bits. Public references confirm the issue across multiple advisories ...
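DedeCms Content Management System: INSERT injection vulnerability in the novel module
DedeCms is a free PHP website content management system. DedeCms is known for being simple, practical and open source; it is the best-known open-source PHP website management system in China and the PHP CMS with the most users. With gpc=off, the novel module's add-chapter function has an INSERT injection vulnerability. 0 Dedecms Vendor patch: dedecms ------- The vendor has not yet provided a patch or upgrade. We recommend that users of this software watch the vendor's home page for the latest version: http://www.dedecms.com/products/dedecms/...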
Amazon Linux AMI : t1lib (ALAS-2012-40)
Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially crafted font file was opened by an application linked against t1lib, it could cause the application to crash or, potentially, execute arbitrary code with the privileges of the...
Amazon Linux AMI : texlive (ALAS-2012-48)
TeX Live embeds a copy of t1lib. The t1lib library allows you to rasterize bitmaps from PostScript Type 1 fonts. The following issues affect t1lib code: Two heap-based buffer overflow flaws were found in the way t1lib processed Adobe Font Metrics (AFM) files. If a specially crafted font file was...
DEBIAN-CVE-2013-4247
Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length...
Memory corruption
Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length...
CVE-2013-4247
Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length...
Fedora Update for nodejs-graceful-fs FEDORA-2013-12908
Check for the Version of nodejs-graceful-fs OpenVAS Vulnerability Test Fedora Update for nodejs-graceful-fs FEDORA-2013-12908 Authors: System Generated Check Copyright: Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or...
PT-2013-4917 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 3.9.6 Description: The issue is caused by an off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c, allowing remote attackers to cause a denial of service, resulting in memory corruption a...
UBUNTU-CVE-2013-4247
Off-by-one error in the build_unc_path_to_root function in fs/cifs/connect.c in the Linux kernel before 3.9.6 allows remote attackers to cause a denial of service (memory corruption and system crash) via a DFS share mount operation that triggers use of an unexpected DFS referral name length...
DEBIAN-CVE-2013-4921
Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet...
CVE-2013-4921
Off-by-one error in the dissect_radiotap function in epan/dissectors/packet-ieee80211-radiotap.c in the Radiotap dissector in Wireshark 1.10.x before 1.10.1 allows remote attackers to cause a denial of service (application crash) via a crafted packet...