30 matches found
Ghostscript < 8.64 'gdevpdtb.c' Buffer Overflow Vulnerability
Ghostscript is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input before copying it into a finite-sized buffer. Exploiting this issue allows remote attackers to overwrite a sensitive memory buffer with...
Ghostscript 'CCITTFax' Decoding Filter - Denial of Service Vulnerability
Ghostscript is prone to a remote denial-of-service vulnerability because it fails to properly validate user-supplied input. Exploiting this issue allows remote attackers to crash the application and possibly to execute code, but this has not been confirmed...
Mozilla Firefox Floating Point Conversion Heap Overflow Vulnerability
Exploit for unknown platform in category remote exploits. Vulnerable: VMWare vMA 4.0...
Linux Kernel 'fasync_helper()' Local Privilege Escalation Vulnerability
Exploit for linux platform in category local exploits. Credit: Tavis Ormandy...
Linux Kernel 64bit Personality Handling Local DoS Vulnerability
Exploit for linux platform in category dos / poc. Vulnerable:...
MySQL 'sql/sql_table.cc' CREATE TABLE Security Bypass Vulnerability
MySQL is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain access to table files created by other users. The following are vulnerable: MySQL 5.0.x through 5.0.88 MySQL 5.1.x through 5.1.41 MySQL 6.0 prior to 6.0.9-alpha...
BibTeX - '.bib' File Handling Memory Corruption
Bugtraq ID: 34332 Class: Failure to Handle Exceptional Conditions Published: Apr 01 2009 12:00AM Updated: Nov 13 2009 03:46PM Credit: Vincent Lafevre Vulnerable: RedHat Linux 2.1 RedHat Fedora 9 0 RedHat Fedora 11 RedHat Fedora 10 RedHat Enterprise Linux WS 5 RedHat Enterprise Linux WS 4 RedHat...
Expat 2.0.1 UTF-8 Character XML Parsing Remote Denial of Service Vulnerability
Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat Fedora 11 RedHat Fedora 10 RedHa...
Expat 2.0.1 - UTF-8 Character XML Parsing Remote Denial of Service
Bugtraq ID: 36097 Class: Input Validation Error Published: Jan 17 2009 12:00AM Updated: Nov 12 2009 08:06PM Credit: Peter Valchev Vulnerable: SuSE openSUSE 11.0 SuSE openSUSE 10.3 SuSE Linux 9 SuSE Linux 11 SuSE Linux 10.0 RedHat Fedora 11 RedHat Fedora 10 RedHat Enterprise Linux WS 4 RedHat...
LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability
Bugtraq ID: 35451 Class: Boundary Condition Error Published: Jun 21 2009 12:00AM Updated: Nov 12 2009 06:46PM Credit: wololo Vulnerable: Ubuntu Ubuntu Linux 9.04 sparc Ubuntu Ubuntu Linux 9.04 powerpc Ubuntu Ubuntu Linux 9.04 lpia Ubuntu Ubuntu Linux 9.04 i386...
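pam_ssh Username Enumeration Vulnerability
BUGTRAQ ID: 34333 CNCAN ID:CNCAN-2009040207 pam_ssh is a PAM module used together with SSH keys and SSH clients that allows SSH keys to provide login services on UNIX. pam_ssh mishandles SSH-key-based user authentication, and a remote attacker can exploit this to obtain sensitive user information. When PAM is compiled with USE=ssh and an attacker connects to a server with pam+ssh enabled, the SSH client shows "Password:" if the user does not exist and "SSH passphrase:" if the user exists, which lets the attacker obtain sensitive user information. RedHat Fedora 9 RedHat Fedora 10...
Linux Kernel VDSO Unspecified Privilege Escalation Vulnerability
BUGTRAQ ID: 32099 CVE ID:CVE-2008-3527 CNCVE ID:CNCVE-20083527 Linux is an open-source operating system. The Linux virtual dynamic shared object (vDSO) implementation contains a bounds-checking error that a local attacker can exploit to cause a denial of service or escalate privileges. No detailed vulnerability information is currently available. RedHat Enterprise Linux Desktop 5 client RedHat Enterprise Linux 5 server Linux kernel 2.6.19 1 Linux kernel 2.6.19 .2 Linux kernel 2.6.19 .1...
Linux Kernel 'do_splice_from()' Local Security Bypass Vulnerability
BUGTRAQ ID: 31903 CVE ID:CVE-2008-4554 CNCVE ID:CNCVE-20084554 Linux is an open-source operating system. When performing certain file operations, the Linux 'do_splice_from' function does not correctly reject file descriptors, and a local attacker can exploit this to bypass local security restrictions. An attacker can bypass the append-only restriction and corrupt system files. RedHat Fedora 9 0 RedHat Fedora 8 0 Linux kernel 2.6.26 4 Linux kernel 2.6.26 3 Linux kernel 2.6.26 .6 Linux kernel 2.6.26...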
Linux Kernel 'generic_file_splice_write()' Local Privilege Escalation Vulnerabil
The Linux kernel is prone to a local privilege-escalation vulnerability related to the 'generic_file_splice_write' function. Local attackers can exploit this issue to gain superuser privileges. Successful exploits will result in the complete compromise of the computer. Versions prior to Linux kernel...
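Red Hat Fedora Directory Server HTTP Unescape Function Buffer Overflow Vulnerability
BUGTRAQ ID: 31106 CVE ID:CVE-2008-2932 CNCVE ID:CNCVE-20082932 Red Hat Fedora Directory Server is a directory service program. Red Hat Fedora Directory Server adminutil handles user input incorrectly, and a remote attacker can exploit this to trigger a buffer overflow and execute arbitrary instructions with the privileges of the application. adminutil is a general-purpose function library used by several CGI scripts shipped with Red Hat / Fedora Directory Server. adminutil...
newsx 'read_article()' Buffer Overflow Vulnerability
BUGTRAQ ID: 30231 CNCAN ID:CNCAN-2008071603 NewsX NNTP client is a program for accessing Internet News servers. NewsX 'read_article' contains a buffer overflow that a remote attacker can exploit to execute arbitrary instructions with the privileges of the application. The problematic code is as follows: --- src/getarticle.c --- static int readarticlelong where,char group char linebufMAXHEADERSIZE+1, line; ... line=linebuf; ... for ;; if...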
libmodplug 's3m' Remote Buffer Overflow Vulnerability
The libmodplug library is prone to a remote buffer-overflow vulnerability because the software fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running ...
WordPress wp-db.php Character Set SQL Injection Vulnerability
CVE-2007-6318 WordPress is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in...
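OpenSSH LINUX_AUDIT_RECORD_EVENT Remote Log Injection Vulnerability
OpenSSH is an open-source implementation of the SSH protocol. OpenSSH has a design flaw that lets a remote attacker inject illegitimate data into log entries, allowing an attack to be concealed. No detailed vulnerability information is currently available. RedHat Fedora Core6 OpenSSH OpenSSH 4.3p2 Fedora has released a security advisory and patched this vulnerability: http://www.openssh.org/...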