SUSE-SA:2006:032: sendmail

The remote host is missing the patch for the advisory SUSE-SA:2006:032 sendmail. The Mail Transfer Agent sendmail has a remote exploitable problem, where a specially crafted MIME messages can crash sendmail and block queue processing. This issue is tracked by the Mitre CVE ID CVE-2006-1173 and CE...

security flaw

smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service memory and CPU exhaustion by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop...

DEBIAN-CVE-2007-0452

smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service memory and CPU exhaustion by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop...

GLSA-200701-22 : Squid: Multiple Denial of Service vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200701-22 Squid: Multiple Denial of Service vulnerabilities Squid fails to correctly handle ftp:// URI's. There is also an error in the externalacl queue which can cause an infinite looping condition. Impact : An attacker could...

CVE-2007-0315

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors related to 1 Options.cpp when storing settings in the registry, and 2 the transfer queue QueueCtrl.cpp. NOTE: some of these...

CVE-2007-0315

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors related to 1 Options.cpp when storing settings in the registry, and 2 the transfer queue QueueCtrl.cpp. NOTE: some of these...

Solaris 8 (i386) : 119135-14

The remote host is missing Sun Security Patch number 119135-14 Message Queue 3.6x86 Service Pack 4 Patch 9 Solaris: C-API only. Date this patch was last updated by Sun : Tue Aug 12 05:59:17 MDT 2008 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@...

Fedora Core 4 : sendmail-8.13.7-2.fc4.1 (2006-836)

Tue Jul 18 2006 Thomas Woerner 8.13.7-2.fc4.1 - using new syntax for access database 177566 - fixed failure message while shutting down sm-client 119429 resolution: stop sm-client before sendmail - fixed method to specify persistent queue runners 126760 - removed patch backup files from...

Fedora Core 5 : sendmail-8.13.7-2.fc5.1 (2006-837)

Tue Jul 18 2006 Thomas Woerner 8.13.7-2.fc5.1 - using new syntax for access database 177566 - fixed failure message while shutting down sm-client 119429 resolution: stop sm-client before sendmail - fixed method to specify persistent queue runners 126760 - removed patch backup files from...

DEBIAN-CVE-2007-0248

The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service crash by causing an externalacl queue overload, which triggers an infinite loop...

Microsoft PGM远程缓冲区溢出漏洞（MS06-052）

PGM是一个可靠且可伸缩的多播协议，允许接收方检测丢失、请求重新传输丢失的数据或者通知应用程序无法恢复的丢失情形。 Microsoft在处理PGM消息时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 如果攻击者发送了特制的多播消息的话，就可能触发这个漏洞，导致执行任意指令。但成功攻击要求系统安装了MSMQ（Microsoft消息队列）服务，而该服务不是默认安装的。 Microsoft Windows XP SP2 Microsoft Windows XP SP1 厂商补丁： Microsoft ---------...

CVE-2006-5372

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln 1 APPS11 for Oracle Universal Work Queue and 2 APPS12 for Oracle Application Object Library...

CVE-2006-5372

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln 1 APPS11 for Oracle Universal Work Queue and 2 APPS12 for Oracle Application Object Library...

CVE-2006-4650

Cisco IOS 12.0/12.1/12.2 GRE decapsulation vulnerability: missing RFC2784 fixes allow GRE offset overflow during decapsulation, enabling remote crafted packets to enter the routing queue and potentially bypass ACLs. Affected component is GRE IP tunneling handling; root cause is failure to verify ...

CVE-2006-4620

The usereditaccount.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox...

CVE-2006-4620

The usereditaccount.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox...

CVE-2006-4620

CVE-2006-4620 affects Alt-N WebAdmin 3.2.5 (and possibly earlier) used with MDaemon 9.0.6. The issue allows remote authenticated domain administrators to escalate privileges and access the system mail queue by modifying the MDaemon user mailbox to use another account’s mailbox. Public sources cor...

Cisco IOS GRE issue

Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 +---- Title Cisco Systems IOS GRE decapsulation fault Authors FX [email protected] Phenoelit Group http://www.phenoelit.de Advisory http://www.phenoelit.de/stuff/CiscoGRE.txt Affected Products Cisco IOS Tested on: C3550 IOS 12.119 Cisco Bug ID...

Current Versions Release History

Current Versions Release History 5.1c2 30-Jun-06 Valid Core License Keys: issued between 01-Jun-2004 and 31-Oct-2004, or on or after 01-Jun-2005. Admin: Lawful Intercept for Signals is implemented. WSSP: now all string prefixes HTML, JAVASCRIPT, etc. support numeric data. XIMSS: the Signal...

Sendmail: Denial of service

Background Sendmail is a popular mail transfer agent MTA. Description Frank Sheiness discovered that the mime8to7 function can recurse endlessly during the decoding of multipart MIME messages until the stack of the process is filled and the process crashes. Impact By sending specially crafted...