75 matches found
Updated libjpeg packages fix security vulnerability
Passing a specially crafted jpeg file to libjpeg-turbo could lead to stack smashing CVE-2014-9092...
libjpeg-turbo: denial of service
Special crafted jpeg files lead to stack smashing and lead to at least a dos maybe remote due to imagick. The Huffman encoder's local buffer can be overrun when a buffered destination manager is being used and an extremely-high-frequency block basically junk image data is being encoded. Even thou...
[SECURITY] [DSA 2664-1] stunnel4 security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2664-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 2, 2013 http://www.debian.org/security/faq -...
Debian DSA-2664-1 : stunnel4 - buffer overflow
Stunnel, a program designed to work as an universal SSL tunnel for network daemons, is prone to a buffer overflow vulnerability when using the Microsoft NT LAN Manager NTLM authentication 'protocolAuthentication = NTLM' together with the 'connect'protocol method 'protocol = connect'. With these...
[SECURITY] [DSA 2664-1] stunnel4 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2664-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 2, 2013 http://www.debian.org/security/faq -...
DSA-2664-1 stunnel4 - buffer overflow
Bulletin has no description...
MySQL 5.5.8 Denial Of Service
import socket, sys print "\n" print "----------------------------------------------------------------" print "| MySQL 5.5.8 Null Ptr windows |" print "| Level Smash the Stack |" print "----------------------------------------------------------------" print "\n"...
Putty 0.60 Denial Of Service
print "\n" print "----------------------------------------------------------------" print "| putty 0.60 Null Ptr |" print "| Level Smash the Stack |" print "----------------------------------------------------------------" print "\n" import sys, socket, binascii HOST = sys.argv1 PORT = 22 s =...
KingView 6.53 SCADA HMI Heap Overflow
Exploit Title: KingView 6.53 SCADA HMI Heap Overflow PoC Date: 9/28/2010 Author: Dillon Beresford Software Link: http://download.kingview.com/software/kingview%20English%20Version/kingview6.53EN.rar Version: 6.53 English Tested on: Windows XP SP1 works on SP2 and SP3 will release new targets afte...
ProFTPD IAC Remote Root Exploit
No description provided by source. Exploit Title: ProFTPD IAC Remote Root Exploit Date: 7 November 2010 Author: Kingcope use IO::Socket; $numtargets = 13; @targets = Plain Stack Smashing Confirmed to work "FreeBSD 8.1 i386, ProFTPD 1.3.3a Server binary", PLATFORM SPEC "FreeBSD", OPERATING SYSTEM ...
ProFTPD IAC Remote Root Exploit
Exploit Title: ProFTPD IAC Remote Root Exploit Date: 7 November 2010 Author: Kingcope use IO::Socket; $numtargets = 13; @targets = Plain Stack Smashing Confirmed to work "FreeBSD 8.1 i386, ProFTPD 1.3.3a Server binary", PLATFORM SPEC "FreeBSD", OPERATING SYSTEM 0, EXPLOIT STYLE 0xbfbfe000, OFFSET...
Hack of the classic tutorial of buffer overflow and decryption(a)-vulnerability warning-the black bar safety net
The buffer overflow weakness was born in the 7 0's. Morris Worm8 0'scan be considered their first public application. From the 9 0's, related document, such as the famous Aleph1's”Smashing the Stack for Fun and Profit”and code has been on the Internet disclosed. This article is about some need to...
Linuxconf 1.1.x/1.2.x - Local Environment Variable Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/5585/info Linuxconf is a Linux configuration utility from Solucorp. It is typically installed as a setuid root utility for the management and configuration of Linux operating systems. A buffer overflow vulnerability has been reported for Linuxconf. The...
CORE-20020409: Multiple vulnerabilities in stack smashing protection technologies
CORE SECURITY TECHNOLOGIES Advisory http://www.corest.com Multiple vulnerabilities in stack smashing protection technologies Date Published: 2002-04-23 Last Update: 2002-04-23 Advisory ID: CORE-20020409 Bugtraq ID: Non-assigned yet CVE CAN: Non-assigned yet Title: Multiple vulnerabilities in stac...
Multiple vulnerabilities in stack smashing protection technologies.
Advisory ID Internal CORE-20020409 Advisory Information: Advisory ID: CORE-20020409 Bugtraq ID:4586, 4589 CVE Name: Non-assigned yet Title: Multiple vulnerabilities in stack smashing protection technologies. Class: Design limitation, Implementation flaw Remotely Exploitable: Yes Locally...