CVE-2007-5198

Buffer overflow in the redir function in checkhttp.c in Nagios Plugins before 1.4.10, when running with the -f follow option, allows remote web servers to execute arbitrary code via Location header responses redirects with a large number of leading "L" characters...

CVE-2007-5198

The CVE-2007-5198 issue affects the Nagios plugins, specifically the check_http function’s handling of Location headers. The root cause is a buffer overflow triggered by a large number of leading 'L' characters in redirects when using -f (follow). This can allow remote code execution on the host ...

Solaris 10 (sparc) : 120011-14 (deprecated)

SunOS 5.10: kernel patch. Date this patch was last updated by Sun : Sep/12/07 This plugin has been deprecated and either replaced with individual 120011 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2018/03/12...

Moderate: cyrus-sasl security and bug fix update

2.1.19-14 - Related: bz250732 Fixed a conflict with an earlier test patch 2.1.19-13 - Related: bz250732 Fixed uninitialized stack variable causing segfault 2.1.19-12 - Resolves: bz250732 sasl-sample-server crashes with null realm 2.1.19-11 - Resolves: bz243910 krb5-libs are not thread-safe -...

Numerous XSS Type 2 vulnerabilities in macros bundled with Confluence

'd like to report critical vulnerabilities in 3 of your macros - Column, Image, Block and Code macros. The vulnerabilities are classified as XSS Type 2 stored and the details with example exploits are in the pdfs attached. Because of similarity of the vulnerabilities assume that it is more than...

CVE-2007-3741

The 1 psp aka .tub, 2 bmp, 3 pcx, and 4 psd plugins in gimp allow user-assisted remote attackers to cause a denial of service crash or memory consumption via crafted image files, as discovered using the fusil fuzzing tool...

Code injection

The 1 psp aka .tub, 2 bmp, 3 pcx, and 4 psd plugins in gimp allow user-assisted remote attackers to cause a denial of service crash or memory consumption via crafted image files, as discovered using the fusil fuzzing tool...

DEBIAN-CVE-2007-3741

The 1 psp aka .tub, 2 bmp, 3 pcx, and 4 psd plugins in gimp allow user-assisted remote attackers to cause a denial of service crash or memory consumption via crafted image files, as discovered using the fusil fuzzing tool...

CVE-2007-3741

The 1 psp aka .tub, 2 bmp, 3 pcx, and 4 psd plugins in gimp allow user-assisted remote attackers to cause a denial of service crash or memory consumption via crafted image files, as discovered using the fusil fuzzing tool...

CVE-2007-3741

The 1 psp aka .tub, 2 bmp, 3 pcx, and 4 psd plugins in gimp allow user-assisted remote attackers to cause a denial of service crash or memory consumption via crafted image files, as discovered using the fusil fuzzing tool...

CVE-2007-3741

The CVE-2007-3741 entry relates to The GIMP, specifically its image loaders in the psp (aka .tub), bmp, pcx, and psd plugins. The vulnerability allows user-assisted remote attackers to cause a denial of service (crash or memory consumption) by feeding crafted image files, as identified using fuzz...

CVE-2007-3741

The 1 psp aka .tub, 2 bmp, 3 pcx, and 4 psd plugins in gimp allow user-assisted remote attackers to cause a denial of service crash or memory consumption via crafted image files, as discovered using the fusil fuzzing tool...

PT-2007-4982 · Gnu +1 · Gimp +1

Name of the Vulnerable Software and Affected Versions: GIMP affected versions not specified Description: The issue allows user-assisted remote attackers to cause a denial of service, resulting in a crash or memory consumption, via crafted image files. This is related to the psp, bmp, pcx, and psd...

Mandrake Linux Security Advisory : mozilla-firefox (MDKSA-2007:152)

A number of security vulnerabilities have been discovered and corrected in the latest Mozilla Firefox program, version 2.0.0.6. This update provides the latest Firefox to correct these issues. As well, it provides Firefox 2.0.0.6 for older products. %NASLMINLEVEL 70300 C Tenable Network Security,...

Nagios Plugins 1.4.21.4.9 - Location Header Remote Buffer Overflow

Nagios Plugins 1.4.21.4.9 - Location Header Remote Buffer Overflow source: https://www.securityfocus.com/bid/25952/info Nagios Plugins are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently...

Nagios Plugins 1.4.2/1.4.9 - Location Header Remote Buffer Overflow

source: https://www.securityfocus.com/bid/25952/info Nagios Plugins are prone to a remote buffer-overflow vulnerability because the software fails to properly bounds-check user-supplied data before copying it to an insufficiently sized buffer. Exploiting this issue allows attackers to execute...

squirrel-exec.txt

SquirrelMail G/PGP Encryption Plug-in Remote Command Execution Vulnerability Bugtraq ID: 24782 ----------------------------- There are various vulnerabilities in this software! One is in keyringmain.php! $fpr is not escaped from shellcommands! testbox:/home/w00t cat /tmp/w00t cat: /tmp/w00t: No...

[SECURITY] Fedora 7 Update: wireshark-0.99.6-1.fc7

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

[SECURITY] Fedora Core 6 Update: wireshark-0.99.6-1.fc6

Wireshark is a network traffic analyzer for Unix-ish operating systems. This package lays base for libpcap, a packet capture and filtering library, contains command-line utilities, contains plugins and documentation for wireshark. A graphical user interface is packaged separately to GTK+ package...

CVE-2007-3494

Papoo CMS 3.6, and possibly earlier, does not verify user privileges when accessing the backend administration plugins, which allows remote authenticated users to 1 read the entire database by accessing the database backup plugin via a devtools/templates/newdumpbackend.html argument in the templa...