Debian Security Advisory DSA 3270-1 (postgresql-9.4 - security update)

Several vulnerabilities have been found in PostgreSQL-9.4, a SQL database system. CVE-2015-3165 Remote crash SSL clients disconnecting just before the authentication timeout expires can cause the server to crash. CVE-2015-3166 Information exposure The replacement implementation of snprintf failed...

Debian Security Advisory DSA 3269-1 (postgresql-9.1 - security update)

Several vulnerabilities have been found in PostgreSQL-9.1, a SQL database system. CVE-2015-3165 Remote crash SSL clients disconnecting just before the authentication timeout expires can cause the server to crash. CVE-2015-3166 Information exposure The replacement implementation of snprintf failed...

UBUNTU-CVE-2015-3166

The snprintf implementation in PostgreSQL before 9.0.20, 9.1.x before 9.1.16, 9.2.x before 9.2.11, 9.3.x before 9.3.7, and 9.4.x before 9.4.2 does not properly handle system-call errors, which allows attackers to obtain sensitive information or have other unspecified impact via unknown vectors, a...

mini_httpd -- buffer overflow via snprintf

ACME Updates reports: minihttpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calculation and an out-of-bounds read. rene ACME, the author, claims that the...

ProFTPD 1.2 pre6 snprintf Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/650/info Lack of user input validation in ProFTPD can lead to a remote root vulnerability. On systems that support it ProFTPD will attempt to modify the name of the program being executed argv0 to display the command bein...

PHP 5.3.3 ibase_gen_id() off-by-one Overflow Vulnerability

No description provided by source. === Vulnerability === PHP 5.3.3 Possible All versions ibasegenid off-by-one overflow === Author === cb === Description === User-supplied variable generator copied to 128 byte buffer query size of query variable. So its cause off-by-one overflow. You can see 1...

Synology DiskStation Manager uistrings.cgi lang Parameter Directory Traversal

The Synology DiskStation Manager installed on the remote host is affected by a directory traversal vulnerability. By sending a large, padded file path to the 'lang' parameter of the 'uistrings.cgi' script, an overflow will occur within the snprintf function used to prevent such attacks. A remote,...

Synology DiskStation Manager (DSM) 4.3-3776 - Multiple Vulnerabilities

Exploit for linux platform in category web applications Title: Synology DSM multiple vulnerabilities Version affected: = 4.3-3776 Vendor: Synology Discovered by: Andrea Fabrizi Email: email protected Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched Synology DiskStation Manag...

MiniUPnPd Information Disclosure (CVE-2013-2600)

Hi list, I am writing to inform you of an information disclosure vulnerability I noticed in MiniUPnPd a few months back. Specifically, MiniUPnPd versions 1.8 and earlier are prone to an information disclosure vulnerability due to improper use of snprintf while preparing SSDP responses. An attacke...

FreeBSD : spamdyke -- Buffer Overflow Vulnerabilities (7d2336c2-4607-11e1-9f47-00e0815b8da8)

Secunia reports : Fixed a number of very serious errors in the usage of snprintf/vsnprintf. The return value was being used as the length of the string printed into the buffer, but the return value really indicates the length of the string that could be printed if the buffer were of infinite size...

spamdyke -- Buffer Overflow Vulnerabilities

Secunia reports: Fixed a number of very serious errors in the usage of snprintf/vsnprintf. The return value was being used as the length of the string printed into the buffer, but the return value really indicates the length of the string that could be printed if the buffer were of infinite size...

CVE-2010-2628

The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which allows remote attackers to execute arbitrary code via crafted 1 certificate or 2 identity data that triggers buffer overflows...

PHP 5.3.3 - ibase_gen_id() Off-by-One Overflow

PHP 5.3.3 - ibasegenid Off-by-One Overflow === Vulnerability === PHP 5.3.3 Possible All versions ibasegenid off-by-one overflow === Author === cb === Description === User-supplied variable "generator" copied to 128 byte buffer "query" size of query variable. So its cause off-by-one overflow. You...

PHP 5.3.3 ibase_gen_id() off-by-one Overflow Vulnerability

Exploit for php platform in category dos / poc ========================================================== PHP 5.3.3 ibasegenid off-by-one Overflow Vulnerability ========================================================== === Vulnerability === PHP 5.3.3 Possible All versions ibasegenid off-by-one...

PHP 5.3.3 - 'ibase_gen_id()' Off-by-One Overflow

=== Vulnerability === PHP 5.3.3 Possible All versions ibasegenid off-by-one overflow === Author === cb === Description === User-supplied variable "generator" copied to 128 byte buffer "query" size of query variable. So its cause off-by-one overflow. You can see 1 snprintf copy statement to "query...

SuSE 10 Security Update : Cyrus IMAPD (ZYPP Patch Number 6476)

This update of cyrus-imapd fixes a buffer overflow that occurs in snprintf due to incorrectly calculating the size of the destination buffer. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc';...

cscope security update

15.5-10.RHEL4.3 - Merge incdir-overflow and snprintf patches for better readability, snprintf is used now with PATHLEN limit without other adjustments, related strlen / %.s / len are no longer needed and were dropped - Update tempsec patch, drop extraneous snprintf argument to suppress compiler...

Cscope Multiple Buffer Overflow vulnerability

This host has installed Cscope and is prone to Multiple Buffer Overflow vulnerability. OpenVAS Vulnerability Test $Id: gbcscopemultbofvuln.nasl 4865 2016-12-28 16:16:43Z teissa $ Cscope Multiple Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright: Copyright c 2009 Greenbone Networks GmbH...

MPFR library buffer overflow

mpfrsnprintf and mpfrvsnprintf functions buffer overflow...

FreeBSD : samba -- format string bug in afsacl.so VFS plugin (57ae52f7-b9cc-11db-bf0f-0013720b182d)

The Samba Team reports : NOTE: This security advisory only impacts Samba servers that share AFS file systems to CIFS clients and which have been explicitly instructed in smb.conf to load the afsacl.so VFS module. The source defect results in the name of a file stored on disk being used as the...