Lucene search

79 matches found

Cvelist
added 2018/01/03 2:0 p.m. | 18 views

CVE-2017-1000494

Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact...

AI score: 7.8 | EPSS: 0.0008
Exploits: 1 | References: 4
OSV
added 2018/01/03 12:0 a.m. | 0 views

UBUNTU-CVE-2017-1000494

Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.0008
Exploits: 1 | References: 3
UbuntuCve
added 2018/01/03 12:0 a.m. | 27 views

CVE-2017-1000494

Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact...

CVSS: 7.8 | AI score: 7.1 | EPSS: 0.0008
Exploits: 1 | References: 2
Packet Storm
added 2017/12/17 12:0 a.m. | 80 views

Zoom Linux Client 2.0.106600.0904 Buffer Overflow

CONVISO-17-002 - Zoom Linux Client Stack-based Buffer Overflow Vulnerability 1. Advisory Information Conviso Advisory ID: CONVISO-17-002 CVE ID: CVE-2017-15048 CVSS v2: 6.8, AV:N/AC:M/Au:N/C:P/I:P/A:P Date: 2017-10-01 2. Affected Components Zoom client for Linux, version 2.0.106600.0904...

AI score: 8.8 | EPSS: 0.12887
Exploits: 5
Metasploit
added 2017/08/03 11:12 p.m. | 66 views

Windows WMI Receive Notification Exploit

This module exploits an uninitialized stack variable in the WMI subsystem of ntoskrnl. This module has been tested on vulnerable builds of Windows 7 SP0 x64 and Windows 7 SP1 x64. This module requires Metasploit: https://metasploit.com/download Current source:...

CVSS: 7.8 | AI score: 10 | EPSS: 0.77331
Exploits: 10
CVE
added 2017/06/15 1:0 p.m. | 71 views

CVE-2017-9670

CVE-2017-9670 is a vulnerability in gnuplot where an uninitialized stack variable in load_tic_series() (set.c) of version 5.2.rc1 can cause a Denial of Service (segmentation fault) or memory corruption when a specially crafted file is opened. The connected sources corroborate the issue and its im...

CVSS: 7.8 | AI score: 7.9 | EPSS: 0.00208
Exploits: 0 | References: 1 | Affected Software: 1
FireEye
added 2017/01/04 2:2 p.m. | 42 views

FLARE Script Series: Querying Dynamic State using the FireEye Labs Query-Oriented Debugger (flare-qdb)

Introduction This post continues the FireEye Labs Advanced Reverse Engineering FLARE script series. Here, we introduce flare-qdb, a command-line utility and Python module based on vivisect for querying and altering dynamic binary state conveniently, iteratively, and at scale. flare-qdb works on...

CVSS: 7.2 | AI score: 7.8 | EPSS: 0.77331
Exploits: 10 | References: 4
Zero Day Initiative
added 2015/11/10 12:0 a.m. | 54 views

Microsoft Windows NtUserDisableProcessWindowFiltering Information Disclosure Vulnerability

This vulnerability allows local attackers to leak sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handlin...

CVSS: 2.1 | AI score: 5.8 | EPSS: 0.03202
Exploits: 0 | References: 1
0day.today
added 2015/08/19 12:0 a.m. | 32 views

Flash Uninitialized Stack Variable MPD Parsing Memory Corruption

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=316&can=1&q=label%3AProduct-Flash%20modified-after%3A2015%2F8%2F17&sort=id Tracking for: https://code.google.com/p/chromium/issues/detail?id=472201 Credit is to bilou,...

CVSS: 10 | AI score: 0.3 | EPSS: 0.55434
Exploits: 5
Tenable Nessus
added 2015/02/05 12:0 a.m. | 15 views

Fedora 20 : vorbis-tools-1.4.0-13.fc20 (2015-1191)

do not use stack variable out of its scope of validity CVE-2014-9640 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing...

CVSS: 5 | AI score: 5.6 | EPSS: 0.01096
Exploits: 0 | References: 3
Tenable Nessus
added 2012/08/10 12:0 a.m. | 23 views

EMC AutoStart ftAgent Multiple Remote Code Execution Vulnerabilities (ESA-2012-020)

The version of EMC AutoStart on the remote host reportedly contains multiple remote code execution vulnerabilities : - The EMC AutoStart ftAgent, when processing messages with opcode 0x32 and subcode 0x04, opcode 0x32 and subcode 0x02, opcode 0x03 and subcode 0x04, opcode 0x55 and subcode 0x16,...

CVSS: 7.5 | AI score: 6.9 | EPSS: 0.03268
Exploits: 0 | References: 17
Tenable Nessus
added 2010/09/20 12:0 a.m. | 26 views

Debian DSA-2109-1 : samba - buffer overflow

A vulnerability has been discovered in samba, a SMB/CIFS file, print, and login server for Unix. The sidparse function does not correctly check its input lengths when reading a binary representation of a Windows SID Security ID. This allows a malicious client to send a sid that can overflow the...

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.15227
Exploits: 0 | References: 4
Debian
added 2010/09/16 4:56 p.m. | 32 views

[SECURITY] [DSA-2109-1] New samba packages fix buffer overflow

------------------------------------------------------------------------ Debian Security Advisory DSA-2109-1 [email protected] http://www.debian.org/security/ Stefan Fritsch September 16, 2010 http://www.debian.org/security/faq -...

CVSS: 7.5 | EPSS: 0.15227
Exploits: 0
Debian
added 2010/09/16 4:56 p.m. | 32 views

[SECURITY] [DSA-2109-1] New samba packages fix buffer overflow

------------------------------------------------------------------------ Debian Security Advisory DSA-2109-1 [email protected] http://www.debian.org/security/ Stefan Fritsch September 16, 2010 http://www.debian.org/security/faq -...

CVSS: 7.5 | AI score: 6.7 | EPSS: 0.15227
Exploits: 0
OSV
added 2010/09/16 12:0 a.m. | 28 views

DSA-2109-1 samba - buffer overflow

Bulletin has no description...

CVSS: 7.5 | AI score: 6.3 | EPSS: 0.15227
Exploits: 0
Oracle linux
added 2007/09/04 12:0 a.m. | 28 views

Moderate: cyrus-sasl security and bug fix update

2.1.19-14 - Related: bz250732 Fixed a conflict with an earlier test patch 2.1.19-13 - Related: bz250732 Fixed uninitialized stack variable causing segfault 2.1.19-12 - Resolves: bz250732 sasl-sample-server crashes with null realm 2.1.19-11 - Resolves: bz243910 krb5-libs are not thread-safe -...

CVSS: 2.6 | AI score: 1.7 | EPSS: 0.03614
Exploits: 0
Tenable Nessus
added 2007/01/17 12:0 a.m. | 24 views

Fedora Core 5 : gnupg-1.4.6-1 (2006-1405)

This update upgrades GnuPG to version 1.4.6, incorporating fixes for a potential buffer overflow CVE-2006-6169 and referencing of a stack variable after it passes out of scope CVE-2006-6235. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

CVSS: 10 | AI score: 7.5 | EPSS: 0.08898
Exploits: 0 | References: 1
Exploit DB
added 2002/05/24 12:0 a.m. | 27 views

MIT PGP Public Key Server 0.9.2/0.9.4 - Search String Remote Buffer Overflow

source: https://www.securityfocus.com/bid/4828/info The PGP Public Key Server is a freely available, open source software package distributed by MIT. It is designed for use on Linux and Unix operating systems. The PGP Public Key Server does not properly handle long search strings. Under some...

AI score: 7.4
Exploits: 0
Exploit DB
added 2000/10/12 12:0 a.m. | 24 views

XFree86 3.3.5/3.3.6 - Xlib Display Buffer Overflow

source: https://www.securityfocus.com/bid/1805/info A vulnerability exists in xlib, the C language interface to the X Window System protocol. When applications linked to the xlib library are run, user-supplied values for the DISPLAY environment variable and the command-line argument -display are...

AI score: 7.4
Exploits: 0