41 matches found
Apache Mod_Rewrite单字节缓冲区溢出漏洞
Apache是一款流行的开放源代码的HTTPD服务程序。 Apache modrewrite模块中LDAP机制处理存在单字节溢出错误,远程攻击者可以利用漏洞以WEB进程权限执行任意指令。 Apache modrewrite模块提供了一个基于规则的使用正则表达式分析器的实时转向URL请求的引擎。modrewrite模块在转义绝对URI机制时存在单字节错误,当分离LDAP URL的数据时escapeabsoluteuri 函数中会触发此漏洞。触发此漏洞可导致指向用户提供数据的指针写入字符指针数组边界之外,可用于控制程序,以WEB权限执行任意指令。...
GLSA-200611-18 : TIN: Multiple buffer overflows
The remote host is affected by the vulnerability described in GLSA-200611-18 TIN: Multiple buffer overflows Urs Janssen and Aleksey Salow have reported multiple buffer overflows in TIN. Additionally, the OpenPKG project has reported an allocation off-by-one flaw which can lead to a buffer overflo...
TIN: Multiple buffer overflows
Background TIN is a threaded NNTP and spool based UseNet newsreader for a variety of platforms. Description Urs Janssen and Aleksey Salow have reported multiple buffer overflows in TIN. Additionally, the OpenPKG project has reported an allocation off-by-one flaw which can lead to a buffer overflo...
[OpenPKG-SA-2006.033] OpenPKG Security Advisory (openldap)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory OpenPKG GmbH http://openpkg.org/security/ http://openpkg.com OpenPKG-SA-2006.033 2006-11-10 Package: openldap Vulnerability: denial of service OpenPKG Specific: no Affected Series: Affected Packages: Corrected Packages:...
[OpenPKG-SA-2006.021] OpenPKG Security Advisory (openssl)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security/ http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2006.021 28-Sep-2006 Package: openssl Vulnerability: denial of service OpenPKG Specific: ...
OpenSSL SSL_get_shared_ciphers() vulnerable to buffer overflow
Overview A buffer overflow vulnerability in an OpenSSL library function could allow a remote attacker to execute code on an affected system. Description The OpenSSL toolkit implements the Secure Sockets Layer SSL versions 2 and 3 and Transport Layer Security TLS version 1 protocols as well as a...
[OpenPKG-SA-2006.014] OpenPKG Security Advisory (shiela)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security/ http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2006.014 25-Jul-2006 Package: shiela Vulnerability: arbitrary code execution OpenPKG...
[OpenPKG-SA-2006.009] OpenPKG Security Advisory (binutils)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security/ http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2006.009 26-May-2006 Package: binutils Vulnerability: arbitrary code execution OpenPKG...
[OpenPKG-SA-2006.005] OpenPKG Security Advisory (tin)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2006.005 19-Feb-2006 Package: tin Vulnerability: buffer overflow OpenPKG Specific: no...
tin -- buffer overflow vulnerabilities
Urs Janssen and Aleksey Salow report possible buffer overflows in tin versions 1.8.0 and 1.8.1. OpenPKG project elaborates there is an allocation off-by-one bug in version 1.8.0 which can lead to a buffer overflow...
[OpenPKG-SA-2005.021] OpenPKG Security Advisory (squid)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2005.021 10-Sep-2005 Package: squid Vulnerability: denial of service OpenPKG Specific...
shtool insecure temporary file creation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 shtool insecure temporary file creation Vendor: http://www.gnu.org/software/shtool/ Advisory: http://www.zataz.net/adviso/shtool-05252005.txt Vendor informed: no more vendor Exploit available: yes Impact : low Exploitation : low shtool contain a...
[OpenPKG-SA-2004.038] OpenPKG Security Advisory (zlib)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.038 25-Aug-2004 Package: zlib Vulnerability: denial of service OpenPKG Specific:...
[Full-Disclosure] [OpenPKG-SA-2004.036] OpenPKG Security Advisory (cvstrac)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.036 06-Aug-2004 Package: cvstrac Vulnerability: arbitrary code execution OpenPKG...
[OpenPKG-SA-2004.015] OpenPKG Security Advisory (ethereal)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.015 16-Apr-2004 Package: ethereal Vulnerability: arbitrary code execution OpenPK...
[OpenPKG-SA-2004.026] OpenPKG Security Advisory (apache)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.026 27-May-2004 Package: apache option "withmodssl" only Vulnerability: arbitrar...
[OpenPKG-SA-2004.019] OpenPKG Security Advisory (kolab)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.019 05-May-2004 Package: kolab Vulnerability: information leakage, privilege...
[Full-Disclosure] [OpenPKG-SA-2004.017] OpenPKG Security Advisory (png)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.017 29-Apr-2004 Package: png Vulnerability: denial of service OpenPKG Specific: ...
[Full-Disclosure] [OpenPKG-SA-2004.016] OpenPKG Security Advisory (neon)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.016 16-Apr-2004 Package: neon, subversion, cadaver, sitecopy, tla Vulnerability:...
[OpenPKG-SA-2004.006] OpenPKG Security Advisory (uudeview)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 OpenPKG Security Advisory The OpenPKG Project http://www.openpkg.org/security.html http://www.openpkg.org [email protected] [email protected] OpenPKG-SA-2004.006 12-Mar-2004 Package: uudeview Vulnerability: insecure temp file handling,...