Critical: Red Hat Security Advisory: Updated Sendmail packages fix vulnerability.
Updated Sendmail packages that fix a potentially-exploitable vulnerability are now available. Sendmail is a widely used Mail Transport Agent (MTA) and is included in all Red Hat Linux distributions. Michal Zalewski found a bug in the prescan function of unpatched Sendmail versions prior to 8.12.10...
Important: Red Hat Security Advisory: glibc security update
Updated glibc packages that fix a number of bugs as well as a buffer overflow issue are now available. The GNU libc package known as glibc contains the standard C libraries used by applications. A bug in the getgrouplist function can cause a buffer overflow if the size of the group list is too...
Important: Red Hat Security Advisory: Updated kon2 packages fix buffer overflow
A buffer overflow in kon2 allows local users to obtain root privileges. KON is a Kanji emulator for the console. There is a buffer overflow vulnerability in the command line parsing code portion of the kon program up to and including version 0.3.9b. This vulnerability, if appropriately exploited,...
Oracle9i Application Server 9.0.2 - MOD_ORADAV Access Control
source: https://www.securityfocus.com/bid/14274/info The mod_oradav module for Oracle HTTP Server included in Oracle9i Application Server is prone to a vulnerability. This is related to access controls on the '/davpublic' and '/davportal' directories, allowing a malicious user to fill up the...
Cyrus Sieve / libSieve buffer overflow
problem ------- Cyrus' Sieve implementation contains a couple of classic string based buffer overflows in script parsing code. Anyone who can execute Sieve scripts can exploit these bugs. Versions up to libSieve 2.1.2 and Cyrus IMAP 2.1.10 are affected. Note that with Cyrus IMAP server exploiting...
[security bulletin] SSRT-547 HP Tru64 UNIX Potential Security Vulnerabilities TCP/IP, FTPD, ARP
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TITLE: SSRT-547 HP Tru64 UNIX Potential Security Vulnerabilities TCP/IP, FTPD, ARP REVISION: 0 NOTICE: There are no restrictions for distribution of this Bulletin provided that it remains complete and intact. RELEASE DATE: 10 September, 2002 SEVERITY:...
Sun Solaris ptexec does not adequately validate argument passed via -o option
Overview The Sun Solaris ptexec command is subject to a buffer overflow due to not adequately validating arguments passed via the -o option. Description A locally exploitable buffer overflow exists in the ptexec command which is included in the SUNWvts package. This package is not included in the...
File Transfer Protocol allows data connection hijacking via PASV mode race condition
Overview There is a vulnerability in the File Transfer Protocol (FTP) that allows an attacker to hijack FTP data connections when the client connects using passive mode (PASV). Description In FTP PASV mode, the client makes a control connection to the FTP server (typically port 21/tcp) and requests a...
Security Bulletin (MS00-060) Re-release
Microsoft Security Bulletin MS00-060 - -------------------------------------- Patch Available for "IIS Cross-Site Scripting" Vulnerabilities Originally posted: August 25, 2000 Updated: November 2, 2000 Summary ======= On August 25, 2000, Microsoft released the original version of this bulletin, t...
netbsd-netstat.txt
Date: Tue, 9 Feb 1999 17:15:23 +1100 From: matthew green To: [email protected] Subject: NetBSD Security Advisory 1999-002 -----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 1999-002 ================================= Topic: Security problem with netstat Version: NetBSD-current from...
PT-2008-6903 · Washington University · University Of Washington Imap Toolkit +1
Name of the Vulnerable Software and Affected Versions: University of Washington IMAP Toolkit versions 2002 through 2007c University of Washington Alpine version 2.00 and earlier Description: The issue concerns multiple stack-based buffer overflows in the University of Washington IMAP Toolkit and...