8440 matches found
RHEL 7 : sudo (RHSA-2020:0540)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0540 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
Scientific Linux Security Update : sudo on SL7.x x86_64 (20200218)
Security Fixes : - sudo: Stack based buffer overflow when pwfeedback is enabled CVE-2019-18634 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux. include'compat.inc'; if description scriptid133789; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate",...
Stack overflow
Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different...
: Viper RGB Driver Multiple Vulnerabilities
1. Advisory Information Title : Viper RGB Driver Multiple Vulnerabilities Advisory ID : CORE-2020-0001 Advisory URL : https://www.coresecurity.com/core-labs/advisories/viper-rgb-driver-multiple-vulnerabilities Date published : 2020-02-17 Date of last update : 2020-02-14 Vendors contacted : Patrio...
RHEL 8 : sudo (RHSA-2020:0487)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:0487 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
CVE-2020-8962
CVE-2020-8962 describes a stack-based buffer overflow in the D-Link DIR-842 REVC, caused by the use of strcpy for LOGINPASSWORD when handling a POST request to the /MTFWU endpoint (firmware v3.13B09 HOTFIX). The provided documents do not explicitly detail the impact beyond the overflow descriptio...
CVE-2020-8962
A stack-based buffer overflow was found on the D-Link DIR-842 REVC with firmware v3.13B09 HOTFIX due to the use of strcpy for LOGINPASSWORD when handling a POST request to the /MTFWU endpoint...
Adobe FrameMaker TGA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe FrameMaker. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...
Apple macOS IO80211Family Stack-based Buffer Overflow Information Disclosure Vulnerability
This vulnerability allows local attackers to disclose sensitive information on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...
CVE-2020-0662
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka ‘Windows Remote Code Execution Vulnerability’. Recent assessments: zeroSteiner at March 17, 2020 8:31pm UTC reported: Analysis performed using ipnathlp.dll from Windows Server 2019 x64 sha256:...
HPE Intelligent Management Center dbman Command 10018 Multiple Vulnerabilities
The HPE Intelligent Management Center iMC dbman process running on the remote host is affected by multiple vulnerabilities : - A command injection vulnerability exists due to improper validation of user-supplied data. An unauthenticated, remote attacker can exploit this, via a series of specially...
MGASA-2020-0081 Updated sudo packages fix security vulnerability
The updated packages fix a security vulnerability: In Sudo before 1.8.31, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for...
Stack overflow
Stack-based buffer overflow in Yokogawa CENTUM CS 1000 R3.08.70 and earlier, CENTUM CS 3000 R3.09.50 and earlier, CENTUM CS 3000 Entry R3.09.50 and earlier, CENTUM VP R5.04.20 and earlier, CENTUM VP Entry R5.04.20 and earlier, ProSafe-RS R3.02.10 and earlier, Exaopc R3.72.00 and earlier, Exaquant...
Security Bulletin: XML vulnerabilities in ClearQuest (CVE-2016-0729, CVE-2016-4463)
Summary IBM Rational ClearQuest is vulnerable to XML parsing attacks. These attacks could cause a denial of service or execution of code. Vulnerability Details CVEID: CVE-2016-0729 DESCRIPTION: Apache Xerces-C XML Parser library is vulnerable to a denial of service, caused by improper bounds...
FreeBSD : sudo -- Potential bypass of Runas user restrictions (b4e5f782-442d-11ea-9ba9-206a8a720317)
Todd C. Miller reports : Sudo's pwfeedback option can be used to provide visual feedback when the user is inputting their password. For each key press, an asterisk is printed. This option was added in response to user confusion over how the standard Password: prompt disables the echoing of key...
Mini-SNMPD socket disconnect denial-of-service vulnerability
Summary A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP connections can trigger a stack overflow, resulting in a denial of service. To trigger this vulnerability, an attacker needs to simply initiate...
CVE-2014-8322
Stack-based buffer overflow in the tcptest function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value...
CVE-2013-3488
Stack-based buffer overflow in Media Player Classic - Home Cinema MPC-HC before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream M2TS file...
CVE-2013-3488
CVE-2013-3488 affects Media Player Classic - Home Cinema (MPC-HC) prior to 1.7.0.7858. The vulnerability is a stack-based buffer overflow in processing MPEG-2 Transport Stream (M2TS) files, enabling remote attackers to potentially execute arbitrary code. The public documents specify the affected ...
Stack overflow
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist on...