CVE-2007-0315

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors related to 1 Options.cpp when storing settings in the registry, and 2 the transfer queue QueueCtrl.cpp. NOTE: some of these...

Solaris 8 (i386) : 119135-14

The remote host is missing Sun Security Patch number 119135-14 Message Queue 3.6x86 Service Pack 4 Patch 9 Solaris: C-API only. Date this patch was last updated by Sun : Tue Aug 12 05:59:17 MDT 2008 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@...

Fedora Core 4 : sendmail-8.13.7-2.fc4.1 (2006-836)

Tue Jul 18 2006 Thomas Woerner 8.13.7-2.fc4.1 - using new syntax for access database 177566 - fixed failure message while shutting down sm-client 119429 resolution: stop sm-client before sendmail - fixed method to specify persistent queue runners 126760 - removed patch backup files from...

Fedora Core 5 : sendmail-8.13.7-2.fc5.1 (2006-837)

Tue Jul 18 2006 Thomas Woerner 8.13.7-2.fc5.1 - using new syntax for access database 177566 - fixed failure message while shutting down sm-client 119429 resolution: stop sm-client before sendmail - fixed method to specify persistent queue runners 126760 - removed patch backup files from...

DEBIAN-CVE-2007-0248

The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service crash by causing an externalacl queue overload, which triggers an infinite loop...

Microsoft PGM远程缓冲区溢出漏洞（MS06-052）

PGM是一个可靠且可伸缩的多播协议，允许接收方检测丢失、请求重新传输丢失的数据或者通知应用程序无法恢复的丢失情形。 Microsoft在处理PGM消息时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 如果攻击者发送了特制的多播消息的话，就可能触发这个漏洞，导致执行任意指令。但成功攻击要求系统安装了MSMQ（Microsoft消息队列）服务，而该服务不是默认安装的。 Microsoft Windows XP SP2 Microsoft Windows XP SP1 厂商补丁： Microsoft ---------...

CVE-2006-5372

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln 1 APPS11 for Oracle Universal Work Queue and 2 APPS12 for Oracle Application Object Library...

CVE-2006-5372

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln 1 APPS11 for Oracle Universal Work Queue and 2 APPS12 for Oracle Application Object Library...

CVE-2006-4650

Cisco IOS 12.0/12.1/12.2 GRE decapsulation vulnerability: missing RFC2784 fixes allow GRE offset overflow during decapsulation, enabling remote crafted packets to enter the routing queue and potentially bypass ACLs. Affected component is GRE IP tunneling handling; root cause is failure to verify ...

CVE-2006-4620

The usereditaccount.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox...

CVE-2006-4620

The usereditaccount.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox...

CVE-2006-4620

CVE-2006-4620 affects Alt-N WebAdmin 3.2.5 (and possibly earlier) used with MDaemon 9.0.6. The issue allows remote authenticated domain administrators to escalate privileges and access the system mail queue by modifying the MDaemon user mailbox to use another account’s mailbox. Public sources cor...

Cisco IOS GRE issue

Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 +---- Title Cisco Systems IOS GRE decapsulation fault Authors FX [email protected] Phenoelit Group http://www.phenoelit.de Advisory http://www.phenoelit.de/stuff/CiscoGRE.txt Affected Products Cisco IOS Tested on: C3550 IOS 12.119 Cisco Bug ID...

Current Versions Release History

Current Versions Release History 5.1c2 30-Jun-06 Valid Core License Keys: issued between 01-Jun-2004 and 31-Oct-2004, or on or after 01-Jun-2005. Admin: Lawful Intercept for Signals is implemented. WSSP: now all string prefixes HTML, JAVASCRIPT, etc. support numeric data. XIMSS: the Signal...

Sendmail: Denial of service

Background Sendmail is a popular mail transfer agent MTA. Description Frank Sheiness discovered that the mime8to7 function can recurse endlessly during the decoding of multipart MIME messages until the stack of the process is filled and the process crashes. Impact By sending specially crafted...

sendmail -- Incorrect multipart message handling

Problem Description A suitably malformed multipart MIME message can cause sendmail to exceed predefined limits on its stack usage. Impact An attacker able to send mail to, or via, a server can cause queued messages on the system to not be delivered, by causing the sendmail process which handles...

Linux Kernel Local DoS vulnerability.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello. I'd like to present one of Linux Kernel vulnerabilities. As far as I know, this one affects 2.6.x kernels. Problem - -- The problem lies in systimercreate in Linux/kernel/posix-timers.c. Each time user creates a posix timer, some kernel memory ...

Ubuntu 4.10 : bogofilter vulnerability (USN-26-1)

Antti-Juhani Kaijanaho discovered a Denial of Service vulnerability in bogofilter. The quoted-printable decoder handled certain Base-64 encoded strings in an invalid way which caused a buffer overflow and an immediate program abort. The exact impact depends on the way bogofilter is integrated int...

CVE-2005-3895

Open Ticket Request System OTRS 1.0.0 through 1.3.2 and 2.0.0 through 2.0.3, when AttachmentDownloadType is set to inline, renders text/html e-mail attachments as HTML in the browser when the queue moderator attempts to download the attachment, which allows remote attackers to execute arbitrary w...

Sympa < 4.1.3 Privilege Escalation Vulnerability

The remote version of Sympa contains a vulnerability which can be exploited by malicious local user to gain escalated privileges. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...