248 matches found
[SECURITY] Fedora 14 Update: udunits2-2.1.19-1.fc14
The Unidata units utility, udunits2, supports conversion of unit specificat ions between formatted and binary forms, arithmetic manipulation of unit specifications, and conversion of values between compatible scales of measurement. A unit is the amount by which a physical quantity is measured. Fo...
RedHat Update for sudo RHSA-2010:0675-01
Check for the Version of sudo OpenVAS Vulnerability Test RedHat Update for sudo RHSA-2010:0675-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...
Important: Red Hat Security Advisory: sudo security update
An updated sudo package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RedHat Security Advisory RHSA-2009:0267
The remote host is missing updates announced in advisory RHSA-2009:0267. The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root with logging. A flaw was discovered in a way sudo handled group specifications in run as lists in the sudoe...
sudo: Privilege escalation
Background sudo allows a system administrator to give users the ability to run commands as other users. Description Harald Koenig discovered that sudo incorrectly handles group specifications in RunasAlias and related entries when a group is specified in the list using %group syntax, to allow a...
RHEL 5 : sudo (RHSA-2009:0267)
The remote Redhat Enterprise Linux 5 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2009:0267 advisory. The sudo superuser do utility allows system administrators to give certain users the ability to run commands as root with logging. A flaw was...
Moderate: Red Hat Security Advisory: sudo security update
An updated sudo package to fix a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The sudo superuser do utility allows system administrators to give certain users the ability to run...
CVE-2007-4097
Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications...
Code injection
Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications...
CVE-2007-4097
Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications...
CVE-2007-4097
Tor before 0.1.2.15 sends "destroy cells" containing the reason for tearing down a circuit, which allows remote attackers to obtain sensitive information, contrary to specifications...
Ubuntu 4.10 : php4 vulnerability (USN-66-2)
Ubuntu Security Notice USN-66-1 described a circumvention of the 'openbasedir' restriction by using the cURL module. Adam Conrad discovered that the fix from USN-66-1 still allowed to bypass this restriction with certain variants of path specifications. In addition this update fixes the crash of...
CVE-2005-4533
Argument injection vulnerability in scponlyc in scponly 4.1 and earlier, when both scp and rsync compatibility are enabled, allows local users to execute arbitrary applications via "getopt" style argument specifications, which are not filtered...
[Full-disclosure] ICMP attacks against TCP: Conclusions
Folks, My posts to this list have tried to show how easy it is to perform ICMP attacks against TCP. The attacks are blind, so the attacker does not need to be a "man in the middle" to perform then. The typical number of packets required to perform any of these attacks is about 16000 in many cases...
CVE-2002-2112
RCA Digital Cable Modem DCM225 and DCM225E, and other modems that must conform to the Data-over-Cable Service Interface Specifications DOCSIS standard, uses the "public" community string for SNMP access, which allows remote attackers to read or write MIB information...
CVE-2002-0637
InterScan VirusWall 3.52 build 1462 is affected by CVE-2002-0637. The vulnerability arises from email headers that violate RFC syntax via space gap patterns (examples include Content-Type :", Content-Transfer-Encoding :, missing space before a boundary, and boundary= ), which an attacker can expl...
CVE-2001-1210
Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications DOCSIS standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings...
Stake AntiSniff 1.0.1Researchers 1.0 - DNS Overflow (2)
Stake AntiSniff 1.0.1Researchers 1.0 - DNS Overflow 2 // source: https://www.securityfocus.com/bid/1207/info Certain versions of @Stake Inc.'s Antisniffer software contain a remotely exploitable buffer overflow. AntiSniff is a program that was released by L0pht Heavy Industries in July of 1999. I...
Stake AntiSniff 1.0.1/Researchers 1.0 - DNS Overflow (2)
// source: https://www.securityfocus.com/bid/1207/info Certain versions of @Stake Inc.'s Antisniffer software contain a remotely exploitable buffer overflow. AntiSniff is a program that was released by L0pht Heavy Industries in July of 1999. It attempts, through a number of tests, to determine if...
Office 2013 1058
Office 2013 1058...