Lucene search
K

4603 matches found

CERT
CERT
added 2004/08/27 12:0 a.m.22 views

Multiple memory leak vulnerabilities in isakmpd

Overview Multiple memory handling vulnerabilities exist in the isakmpd that could allow a remote attacker to cause a denial of service. Description The OpenBSD isakmpd establishes security associations for encrypted and authenticated IPsec network traffic. It implements the Internet Security...

5CVSS6.7AI score0.0365EPSS
Exploits0
seebug.org
seebug.org
added 2004/08/25 12:0 a.m.14 views

Winamp <= 5.04 Skin File (.wsz) Remote Code Execution Exploit

No description provided by source. This 0day exploit is known to be circulating in the wild There is no patch for this vulnerability - Do not use Winamp ! http://www.milw0rm.com/sploits/skinhead.rar 171 Ko index.html ----------- html head /head frameset rows=",1" framespacing="0" border="0"...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2004/08/25 12:0 a.m.30 views

Hastymail security update

---Software--- Hastymail is a web based IMAP client written in PHP4 released under the GNU GPL. More information about Hastymail can be found at our homepage: http://hastymail.sourceforge.net ---Problem--- A problem was discovered yesterday regarding the use of the "download" link to download...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/10 12:0 a.m.37 views

Fedora Core 1 : kernel-2.4.22-1.2199.nptl (2004-251)

Paul Starzetz discovered flaws in the Linux kernel when handling file offset pointers. These consist of invalid conversions of 64 to 32-bit file offset pointers and possible race conditions. A local unprivileged user could make use of these flaws to access large portions of kernel memory. The...

2.1CVSS5.4AI score0.00766EPSS
Exploits5References3
securityvulns
securityvulns
added 2004/08/05 12:0 a.m.57 views

CESA-2004-001: libpng

CESA-2004-001 - rev 3 libPNG 1.2.5 stack-based buffer overflow and other code concerns ================================================================ Programs : libpng users including mozilla, konqueror, various e-mail clients, generally lots. Also reports that some versions of IE are vulnerabl...

10CVSS0.82537EPSS
Exploits3
CERT
CERT
added 2004/08/04 12:0 a.m.47 views

libpng png_handle_iCCP() NULL pointer dereference

Overview The Portable Network Graphics library libpng contains a remotely exploitable vulnerability that could cause affected applications to crash. Description The Portable Network Graphics PNG image format is used as an alternative to other image formats such as the Graphics Interchange Format...

8.5AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.30 views

Mandrake Linux Security Advisory : cvs (MDKSA-2004:048)

Stefan Esser discovered that malformed 'Entry' lines in combination with Is-modified and Unchanged can be used to overflow malloced memory in a way that can be remotely exploited. The updated packages contain a patch to correct the problem. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

7.5CVSS5.4AI score0.67525EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2004/07/31 12:0 a.m.31 views

Mandrake Linux Security Advisory : sendmail (MDKSA-2003:092)

A buffer overflow vulnerability was discovered in the address parsing code in all versions of sendmail prior to 8.12.10 by Michal Zalewski, with a patch to fix the problem provided by Todd C. Miller. This vulnerability seems to be remotely exploitable on Linux systems running on the x86 platform;...

10CVSS5.8AI score0.60185EPSS
Exploits3References4
securityvulns
securityvulns
added 2004/07/30 12:0 a.m.19 views

[Full-Disclosure] [VSA0402] OpenFTPD format string vulnerability

VSA0402 - openftpd - void.at security notice Overview ======== We have discovered a format string vulnerability in openftpd http://www.openftpd.org:9673/openftpd. OpenFTPD is a free, open source FTP server implementation for the UNIX platform. FTP4ALL is not vulnerable it doesnt use that message...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2004/06/11 12:0 a.m.31 views

EEYE: RealPlayer embd3260.dll Error Response Heap Overflow

RealPlayer embd3260.dll Error Response Heap Overflow Release Date: June 10, 2004 Date Reported: May 14, 2004 Severity: High Remote Code Execution Vendor: RealNetworks Systems Affected: RealOne Player RealOne Player v2 RealPlayer 10 RealPlayer 8 RealPlayer Enterprise Description: eEye Digital...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2004/06/10 12:0 a.m.43 views

Trend Officescan local privilege escalation

Product: Trend OfficeScan Product Description: Trend OfficeScan is a Corporate Antivirus product from Trend Microsystems Versions affected: Tested on 5.5 others may be vulnerable Vulnerability type: Local privilege escalation Vendor URL: http://www.trendmicro.com OS tested Windows XP + SP1 others...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2004/05/28 12:0 a.m.39 views

[security bulletin] SSRT4719 hp OpenView Select Access remote unauthorized access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBMA01045 REVISION: 0 SSRT4719 rev.0 hp OpenView Select Access remote unauthorized access ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2004/05/21 12:0 a.m.24 views

[UNIX] OpenBSD Procfs Memory Disclosure Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

Exploits0
securityvulns
securityvulns
added 2004/05/11 12:0 a.m.63 views

[Full-Disclosure] CSA-200402-1: Previous Open Webmail vulnerability is exploitable

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cycom AB Security Advisory CSA-200402-1 www.cycom.se Advisory: Previous Open Webmail vulnerability is exploitable Date: Sat Feb 21 15:18:21 CET 2004, updated: Thu May 6 10:37:29 CEST 2004 Application: Open Webmail 2.20, 2.21 and 2.30 and -current...

0.2AI score
Exploits0
CERT
CERT
added 2004/04/30 12:0 a.m.18 views

libgcc contains multiple flaws that allow integer type range vulnerabilities to occur at runtime

Overview The libgcc runtime for the gcc and g++ compilers contain multiple flaws that can result in integer type range vulnerabilities in programs that are compiled using the -ftrapv option. Description Both gcc and g++ provide an -ftrapv compiler option that, according to the gcc man page,...

7.7AI score
Exploits0References4
CERT
CERT
added 2004/04/30 12:0 a.m.44 views

Gaim contains a buffer overflow vulnerability in the gaim_quotedp_decode() function

Overview There is a buffer overflow vulnerability in the Gaim gaimquotedpdecode function, which could cause a pointer to reference memory beyond the terminating null byte. Description Gaim is a multi-protocol instant messenger available for a number of operating systems. It includes a feature tha...

9.8CVSS9.7AI score0.11214EPSS
Exploits1References5
securityvulns
securityvulns
added 2004/04/23 12:0 a.m.62 views

[VulnWatch] Netegrity SiteMinder Affiliate Agent Cookie Overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Netegrity SiteMinder Affiliate Agent Cookie Overflow Release Date: 04/22/2004 Application: SiteMinder Affiliate Agent 4.x Platform: Solaris, Windows, HP-UX Severity: A remote attacker can...

10CVSS0.3AI score0.04986EPSS
Exploits0
securityvulns
securityvulns
added 2004/04/23 12:0 a.m.27 views

[Full-Disclosure] Cross Site Scripting fusion news

===================================================================== ========================== DarkBicho ================================ PROGRAM: fusion news HOMEPAGE: http://www.fusionphp.net/ version: 3.6.1 Bug: Cross Site Scripting Date: 22/04/2003 Author: DarkBicho web:...

0.8AI score
Exploits0
Packet Storm
Packet Storm
added 2004/04/19 12:0 a.m.20 views

kphone.stun.txt

KPhone STUN DoS Malformed STUN Packets ------------------------------------------------------------------------ Article reference: http://www.securiteam.com/unixfocus/5PP0B1FCLY.html SUMMARY KPhone is "a SIP Session Initiation Protocol user agent for Linux, with which you can initiate VoIP Voice...

7.4AI score
Exploits0
CERT
CERT
added 2004/04/14 12:0 a.m.22 views

Sun Solaris SSH Daemon fails to properly log client IP addresses

Overview The Sun Solaris Secure Shell Daemon sshd may incorrectly log client IP addresses. Description SSH is a program used to provide secure connection and communications between client and servers. Upon connecting to the service, the client's IP address is logged. There is a vulnerability in t...

6.9AI score
Exploits0References3
Rows per page
Query Builder