81 matches found
Oracle Linux 7 : samba (ELSA-2014-0867)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-0867 advisory. - resolves: 1105504 - CVE-2014-0244: DoS in nmbd. - resolves: 1108844 - CVE-2014-3493: DoS in smbd with unicode path names. - resolves: 1105573 -...
samba: smbd unicode path names denial of service
It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to...
samba: smbd unicode path names denial of service
It was discovered that smbd, the Samba file server daemon, did not properly handle certain files that were stored on the disk and used a valid Unicode character in the file name. An attacker able to send an authenticated non-Unicode request that attempted to read such a file could cause smbd to...
Novell ZENworks Asset Management File Upload Directory Traversal - Ver2 (CVE-2010-4229)
A directory traversal vulnerability has been reported in Novell ZENworks. The vulnerability is due to improper handling of path names when uploading files via ZENworks Asset Management. Successful exploitation of this vulnerability would allow a remote attacker to list directories, create arbitra...
Important: Red Hat Security Advisory: udisks security update
Updated udisks packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Google Chrome Multiple Vulnerabilities-02 Feb2013 (Linux)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln02feb13lin.nasl 27542 2013-02-04 11:39:40Z feb$ Google Chrome Multiple Vulnerabilities-02 Feb2013 Linux Authors: Thanga Prakash S Copyright: Copyright c 2013...
Google Chrome Multiple Vulnerabilities-02 (Feb 2013) - Windows
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome Multiple Vulnerabilities-02 Feb2013 (MAC OS X)
This host is installed with Google Chrome and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbgooglechromemultvuln02feb13macosx.nasl 6115 2017-05-12 09:03:25Z teissa $ Google Chrome Multiple Vulnerabilities-02 Feb2013 MAC OS X Authors: Thanga Prakash S Copyright: Copyright...
SuSE 11.2 Security Update : inst-source-utils (SAT Patch Number 6817)
Multiple code execution flaws have been fixed that could have been exploited via specially crafted file names / directory path names. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The tex...
Important: Red Hat Security Advisory: kernel security, bug fix, and enhancement update
Updated kernel packages that fix multiple security issues, several bugs, and add one enhancement are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores,...
Debian Security Advisory DSA 2266-1 (php5)
The remote host is missing an update to php5 announced via advisory DSA 2266-1. OpenVAS Vulnerability Test $Id: deb22661.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2266-1 php5 Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...
Debian DSA-2266-1 : php5 - several vulnerabilities
Several vulnerabilities were discovered in PHP, which could lead to denial of service or potentially the execution of arbitrary code. - CVE-2010-2531 An information leak was found in the varexport function. - CVE-2011-0421 The Zip module could crash. - CVE-2011-0708 An integer overflow was...
Debian Security Advisory DSA 1815-1 (libtorrent-rasterbar)
The remote host is missing an update to libtorrent-rasterbar announced via advisory DSA 1815-1. OpenVAS Vulnerability Test $Id: deb18151.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1815-1 libtorrent-rasterbar Authors: Thomas Reinke Copyright: Copyright ...
Debian DSA-1815-1 : libtorrent-rasterbar - programming error
It was discovered that the Rasterbar Bittorrent library performed insufficient validation of path names specified in torrent files, which could lead to denial of service by overwriting files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plug...
DSA-1815-1 libtorrent-rasterbar - denial of service
Bulletin has no description...
DEBIAN-CVE-2009-0842
mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonstrated by a /tmp/sekrut.map symlink...
FreeBSD Security Advisory (FreeBSD-SA-04:07.cvs.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-04:07.cvs.asc ADV FreeBSD-SA-04:07.cvs.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
FreeBSD Security Advisory (FreeBSD-SA-04:07.cvs.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-04:07.cvs.asc SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...
CVE-2005-1450
Unknown vulnerability in "the function used to validate path-names for uploading media" in Serendipity before 0.8 has unknown impact...
GLSA-200411-29 : unarj: Long filenames buffer overflow and a path traversal vulnerability
The remote host is affected by the vulnerability described in GLSA-200411-29 unarj: Long filenames buffer overflow and a path traversal vulnerability unarj has a bounds checking vulnerability within the handling of long filenames in archives. It also fails to properly sanitize paths when extracti...