Mageia: Security Advisory (MGASA-2016-0067)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2016-0067 Updated claws-mail packages fix CVE-2015-8708

Updated claws-mail fix security vulnerabilities A stack-based buffer overflow has been found in conveuctojis after applying incomplete patch for CVE-2015-8614. In conveuctojis the comparison is with outlen - 3, but each pass through the loop uses up to 5 bytes and the rest of the function may add...

Amazon Linux AMI : glibc (ALAS-2016-653)

A stack-based buffer overflow flaw was found in the senddg and sendvc functions, used by getaddrinfo and other higher-level interfaces of glibc. A remote attacker able to cause an application to call either of these functions could use this flaw to execute arbitrary code with the permissions of t...

Amazon Linux: Security Advisory (ALAS-2016-653)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian DSA-3481-1 : glibc - security update

Several vulnerabilities have been fixed in the GNU C Library, glibc. The first vulnerability listed below is considered to have critical impact. - CVE-2015-7547 The Google Security Team and Red Hat discovered that the glibc host name resolver function, getaddrinfo, when processing AFUNSPEC querie...

CentOS Update for glibc CESA-2016:0176 centos7

Check the version of glibc SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.882399";...

Debian DLA-416-1 : eglibc security update

Several vulnerabilities have been fixed in the Debian GNU C Library, eglibc : CVE-2015-7547 The Google Security Team and Red Hat discovered that the glibc host name resolver function, getaddrinfo, when processing AFUNSPEC queries for dual A/AAAA lookups, could mismange its internal buffers, leadi...

SUSE: Security Advisory for glibc (SUSE-SU-2016:0473-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DSA 3481-1] glibc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3481-1 [email protected] https://www.debian.org/security/ Florian Weimer February 16, 2016 https://www.debian.org/security/faq -...

[SECURITY] [DSA 3480-1] eglibc security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3480-1 [email protected] https://www.debian.org/security/ Florian Weimer February 16, 2016 https://www.debian.org/security/faq -...

Security Advisory 0017

Security Advisory 0017 PDF Date: October 31st, 2017 Version: 1.6 Revision | Date | Changes ---|---|--- 1.0 | February 16th, 2016 | Initial release 1.1 | February 19th, 2016 | Updates include assessment and mitigation 1.2 | February 25th, 2016 | Updates include options for mitigation and protectio...

DLA-416-1 eglibc - security update

Bulletin has no description...

Debian Security Advisory DSA 3471-1 (qemu - security update)

Several vulnerabilities were discovered in qemu, a full virtualization solution on x86 hardware. CVE-2015-7295 Jason Wang of Red Hat Inc. discovered that the Virtual Network Device support is vulnerable to denial-of-service, that could occur when receiving large packets. CVE-2015-7504 Qinghao Tan...

Advantech WebAccess webvrpcs Service ViewDll.dll TagGroup strcat Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x280B IOCTL in the DrawSrv subsystem. A stack-based buffer...

Advantech WebAccess webvrpcs Service BwpAlarm.dll sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11369 IOCTL in the BwpAlarm subsystem. A stack-based buffe...

Advantech WebAccess webvrpcs Service ViewSrv.dll Path BwBuildPath Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x27B2 IOCTL in the ViewSrv subsystem. A stack-based buffer...

Advantech WebAccess webvrpcs Service BwpAlarm.dll strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x11366 IOCTL in the BwpAlarm subsystem. A stack-based buffe...

Advantech WebAccess webvrpcs Service DrawSrv.dll TagGroup strcpy Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x280B IOCTL in the DrawSrv subsystem. A stack-based buffer...

Advantech WebAccess webvrpcs Service BwOpcSvc.dll WindowName sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x1388C IOCTL in the BwOpcTool subsystem. A stack-based buff...

(0Day) Advantech WebAccess webvrpcs Service BwWebSvc.dll ProjectName sprintf Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable instances of Advantech WebAccess. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the 0x13C71 IOCTL in the BwOpcTool subsystem. A stack-based buff...