8 matches found
Astra Linux – Vulnerability in Linux 6.1
In the Linux kernel, the following vulnerability has been resolved: ext4: Avoid potential buffer over-reading in parseapplysbmountoptions. Unlike other strings in the ext4 superblock, we rely on tune2fs to ensure that smountopts is terminated with NUL. Harden parseapplysbmountoptions by treating...
Debian DLA-1070-1 : qemu security update
Multiple vulnerabilities were discovered in qemu, a fast processor emulator. The Common Vulnerabilities and Exposures project identifies the following problems : CVE-2017-6505 Denial of service via infinite loop in the USB OHCI emulation CVE-2017-8309 Denial of service via VNC audio capture...
[SECURITY] [DLA 1071-1] qemu-kvm security update
Package : qemu-kvm Version : 1.1.2+dfsg-6+deb7u23 CVE ID : CVE-2017-6505 CVE-2017-8309 CVE-2017-10664 CVE-2017-11434 Multiple vulnerabilities were discovered in qemu-kvm, a full virtualization solution for Linux hosts on x86 hardware with x86 guests based on the Quick EmulatorQemu. CVE-2017-6505...
DEBIAN-CVE-2017-11434
The dhcpdecode function in slirp/bootp.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service out-of-bounds read and QEMU process crash via a crafted DHCP options string...
CVE-2017-11434
The dhcpdecode function in slirp/bootp.c in QEMU aka Quick Emulator allows local guest OS users to cause a denial of service out-of-bounds read and QEMU process crash via a crafted DHCP options string...
FreeBSD : openvpn -- arbitrary code execution on client through malicious or compromised server (6129fdc7-6462-456d-a3ef-8fc3fbf44d16)
James Yonan reports : A format string vulnerability in the foreignoption function in options.c could potentially allow a malicious or compromised server to execute arbitrary code on the client. Only non-Windows clients are affected. The vulnerability only exists if a the client's TLS negotiation...
openvpn -- arbitrary code execution on client through malicious or compromised server
James Yonan reports: A format string vulnerability in the foreignoption function in options.c could potentially allow a malicious or compromised server to execute arbitrary code on the client. Only non-Windows clients are affected. The vulnerability only exists if a the client's TLS negotiation...
CVE-2002-1369
jobs.c in Common Unix Printing System CUPS 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack...