738 matches found
CVE-2007-3409
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service stack consumption via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop...
CVE-2007-3409
CVE-2007-3409 affects the Perl module Net::DNS prior to version 0.60. The vulnerability stems from parsing a malformed compressed DNS packet with self-referencing pointers, which can trigger an infinite loop and cause denial of service (stack consumption/availability impact). Connected advisories...
CVE-2007-3409
Net::DNS before 0.60, a Perl module, allows remote attackers to cause a denial of service stack consumption via a malformed compressed DNS packet with self-referencing pointers, which triggers an infinite loop...
Code injection
Header.pm in Net::DNS before 0.60, a Perl module, 1 generates predictable sequence IDs with a fixed increment and 2 can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin...
CVE-2007-3377
Header.pm in Net::DNS before 0.60, a Perl module, 1 generates predictable sequence IDs with a fixed increment and 2 can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin...
CVE-2007-3377
Header.pm in Net::DNS before 0.60, a Perl module, 1 generates predictable sequence IDs with a fixed increment and 2 can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin...
CVE-2007-3377
Header.pm in Net::DNS before 0.60, a Perl module, 1 generates predictable sequence IDs with a fixed increment and 2 can use the same starting ID for all child processes of a forking server, which allows remote attackers to spoof DNS responses, as originally reported for qpsmtp and spamassassin...
mod_perl PerlRun denial of service
PerlRun.pm in Apache modperl before 1.30, and RegistryCooker.pm in modperl 2.x, does not properly escape PATHINFO before use in a regular expression, which allows remote attackers to cause a denial of service resource consumption via a crafted URI...
CVE-2007-2459
Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...
Heap overflow
Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...
CVE-2007-2459
Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...
CVE-2007-2459
Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...
CVE-2007-2459
CVE-2007-2459 describes a heap-based buffer overflow in libimager-perl’s BMP reader (bmp.c), affecting 0.45–0.56 and potentially enabling remote code execution or a denial of service via crafted 8‑bit/pixel compressed BMP files. Public records in Debian/DSA-1498-1 indicate a fixed version (0.50-1...
CVE-2007-2459
Heap-based buffer overflow in the BMP reader bmp.c in Imager perl module libimager-perl 0.45 through 0.56 allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via crafted 8-bit/pixel compressed BMP files...
Debian DSA-960-3 : libmail-audit-perl - insecure temporary file creation
The former update caused temporary files to be created in the current working directory due to a wrong function argument. This update will create temporary files in the users home directory if HOME is set or in the common temporary directory otherwise, usually /tmp. For completeness below is a co...
DSA-1122 libnet-server-perl - format string
Bulletin has no description...
Crypt::CBC: Insecure initialization vector
Background Crypt::CBC is a Perl module to encrypt data using cipher block chaining CBC. Description Lincoln Stein discovered that Crypt::CBC fails to handle 16 bytes long initializiation vectors correctly when running in the RandomIV mode, resulting in a weaker encryption because the second part ...
CVE-2006-0898
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...
CVE-2006-0898
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...
Code injection
Crypt::CBC Perl module 2.16 and earlier, when running in RandomIV mode, uses an initialization vector IV of 8 bytes, which results in weaker encryption when used with a cipher that requires a larger block size than 8 bytes, such as Rijndael...