4969 matches found
CVE-2006-0905
A "programming error" in fast_ipsec in FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2 through 3 does not properly update the sequence number associated with a Security Association, which allows packets to pass sequence number checks and allows remote attackers to capture IPSec packets and...
CVE-2006-0905
The CVE-2006-0905 entry concerns a programming error in fast_ipsec on FreeBSD 4.8-RELEASE through 6.1-STABLE and NetBSD 2–3 that fails to properly update the Security Association sequence number. This flaw lets remote attackers bypass sequence-number checks, enabling interception of IPSec packets...
BomberClone < 0.11.6.2 (Error Messages) Remote Buffer Overflow Exploit
Exploit for multiple platform in category remote exploits ====================================================================== BomberClone include include include include include include include / fork + bind port 31337 - ty izik / char linuxshellcode=...
[SECURITY] [DSA 996-1] New Crypt::CBC packages fix cryptographic weakness
-------------------------------------------------------------------------- Debian Security Advisory DSA 996-1 [email protected] http://www.debian.org/security/ Martin Schulze March 13th, 2006 http://www.debian.org/security/faq -...
DSA-996-1 libcrypt-cbc-perl - programming error
Bulletin has no description...
[SECURITY] [DSA 990-1] New bluez-hcidump packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 990-1 [email protected] http://www.debian.org/security/ Martin Schulze March 10th, 2006 http://www.debian.org/security/faq -...
[SECURITY] [DSA 978-1] New GnuPG packages fix invalid success return
-------------------------------------------------------------------------- Debian Security Advisory DSA 978-1 [email protected] http://www.debian.org/security/ Martin Schulze February 17th, 2006 http://www.debian.org/security/faq -...
DSA-968-1 noweb - insecure temporary file
Bulletin has no description...
[Full-disclosure] [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title:xfocus-SD-060206BCB compiler incorrect deal sizeof operator vulnerability Affected version : = BCB6+entupd4 Vendor: http://borland.com/ Url: http://www.xfocus.net/releases/200602/a849.html XFOCUS http://www.xfocus.org had already discovered a...
Windows Access Control Demystified
Hello everybody, We have constructed a logical model of Windows XP access control, in a declarative but executable Datalog format. We have built a scanner that reads access-control configuration information from the Windows registry, file system, and service control manager database, and feeds ra...
Programming cheats: the C language efficient four trick-vulnerability warning-the black bar safety net
Writing efficient and simple C language code, many software engineers are pursuing. This article is for the programming work of some of the experience and experience to do the relevant elaboration. The first trick: to space for time Computer program the greatest paradox in space and time the...
Ubuntu 4.10 : postfix vulnerability (USN-74-1)
Jean-Samuel Reynaud noticed a programming error in the IPv6 handling code of Postfix when /proc/net/if_inet6 is not available, which is the case in Ubuntu since Postfix runs in a chroot. If 'permit_mx_backup' was enabled in the 'smtpd_recipient_restrictions', Postfix turned into an open relay, i.e...
[SECURITY] [DSA 939-1] New fetchmail packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 939-1 [email protected] http://www.debian.org/security/ Martin Schulze January 13th, 2006 http://www.debian.org/security/faq -...
DSA-939-1 fetchmail - programming error
Bulletin has no description...
delphi Trojan DIY of the port complex by the back door implementation-vulnerability warning-the black bar safety net
delphi Trojan DIY of the port complex by the back door. You may want to ask: "why in the Trojan, backdoors are increasingly widespread today, and we also write procedures?" sobiny: "sense of achievement" In fact, the port multiplexing sounds very esoteric, in fact, very simple, simple only need...
RHEL 4 : perl (RHSA-2005:880)
Updated Perl packages that fix security issues and bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Perl is a high-level programming language commonly used for system administration utilitie...
[SECURITY] [DSA 927-2] New tkdiff packages fix insecure temporary file creation
-------------------------------------------------------------------------- Debian Security Advisory DSA 927-2 [email protected] http://www.debian.org/security/ Martin Schulze December 29th, 2005 http://www.debian.org/security/faq -...
XSS&Sql injection attack in PHP-Fusion 6.00.3 Released
XSS&Sql injection attack in PHP-Fusion 6.00.3 Released Web page:http://www.php-fusion.co.uk/ Author:[email protected] 1.Description ..."PHP-Fusion is a constantly evolving content management system CMS powered by PHP 4 and mySQL. It provides an easy to install system with a simple yet powerf...
GLSA-200512-04 : Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation
The remote host is affected by the vulnerability described in GLSA-200512-04 Openswan, IPsec-Tools: Vulnerabilities in ISAKMP Protocol implementation The Oulu University Secure Programming Group OUSPG discovered that various ISAKMP implementations, including Openswan and racoon included in the...