Microsoft Active Directory LSASS Recursive Stack Overflow (MS09-066; CVE-2009-1928)

Active Directory provides central authentication and authorization services for Windows-based systems. Active Directory Application Mode ADAM is a Lightweight Directory Access Protocol LDAP directory service that runs as a user service. A denial of service vulnerability has been discovered in...

Ubuntu Update for php5 vulnerabilities USN-549-1

Ubuntu Update for Linux kernel vulnerabilities USN-549-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN5491.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for php5 vulnerabilities USN-549-1 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

Ubuntu 7.10 : php5 regression (USN-549-2)

USN-549-1 fixed vulnerabilities in PHP. However, some upstream changes were incomplete, which caused crashes in certain situations with Ubuntu 7.10. This update fixes the problem. We apologize for the inconvenience. It was discovered that the wordwrap function did not correctly check lengths...

USN-549-1: PHP vulnerabilities

It was discovered that the wordwrap function did not correctly check lengths. Remote attackers could exploit this to cause a crash or monopolize CPU resources, resulting in a denial of service. CVE-2007-3998 Integer overflows were discovered in the strspn and strcspn functions. Attackers could...

openSUSE 10 Security Update : pdns (pdns-2275)

Two security problems that have been found in PowerDNS are fixed by this update : CVE-2006-4251: The PowerDNS Recursor can be made to crash by sending malformed questions to it over TCP potentially executing code. CVE-2006-4252: Zero second CNAME TTLs can make PowerDNS exhaust allocated stack...

[Full-disclosure] [HV-HIGH] Microsoft Excel Named Range Arbitrary Code Execution

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Microsoft Excel Named Range Arbitrary Code Execution Classification: =============== Level: low-med-HIGH-crit ID: HEXVIEW200603141 URL: http://www.hexview.com/docs/20060314-1.txt References: =============== Originally published by fearwall on eBay CVE...

[SA17386] SpamAssassin Long Message Header Denial of Service

TITLE: SpamAssassin Long Message Header Denial of Service SECUNIA ADVISORY ID: SA17386 VERIFY ADVISORY: http://secunia.com/advisories/17386/ CRITICAL: Less critical IMPACT: DoS WHERE: From remote SOFTWARE: SpamAssassin 3.x http://secunia.com/product/4506/ DESCRIPTION: A vulnerability has been...

p5-Mail-SpamAssassin -- long message header denial of service

A Secunia Advisory reports: A vulnerability has been reported in SpamAssassin, which can be exploited by malicious people to cause a DoS Denial of Service. The vulnerability is caused due to the use of an inefficient regular expression in "/SpamAssassin/Message.pm" to parse email headers. This ca...

Subversion 1.0.2 - svn_time_from_cstring() Remote Overflow

Subversion 1.0.2 - svntimefromcstring Remote Overflow / subversion-1.0.2 exploit by Gyan Chawdhary ... exploits a stack overflow in the svntimefromcstring function. We build a date format which is valid but at the same time exits after the sscanf function, or else it branches into another functio...