Stack overflow

nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer...

Scientific Linux Security Update : nss-pam-ldapd on SL6.x i386/x86_64 (20130304)

An array index error, leading to a stack-based buffer overflow flaw, was found in the way nss-pam-ldapd managed open file descriptors. An attacker able to make a process have a large number of open file descriptors and perform name lookups could use this flaw to cause the process to crash or,...

Medium: pam

Issue Overview: A stack-based buffer overflow flaw was found in the way the pamenv module parsed users' "/.pamenvironment" files. If an application's PAM configuration contained "userreadenv=1" this is not the default, a local attacker could use this flaw to crash the application or, possibly,...

Asterisk Peer Multiple Vulnerabilities (AST-2012-014 / AST-2012-015)

Binary data 6690.prm...

Debian: Security Advisory (DSA-2623-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-0249

Stack-based buffer overflow in the Curlsaslcreatedigestmd5message function in lib/curlsasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long string...

CVE-2013-1591

CVE-2013-1591 describes a stack-based buffer overflow in the pixman library (libpixman), used by Pale Moon prior to 15.4. The issue is triggered by a path related to pixman’s manipulation routines and may cause crashes or, per some sources, potentially more severe outcomes. Connected advisories i...

CVE-2012-5962

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices 1.3.1 allows remote attackers to execute arbitrary code via a long DeviceType aka urn field in a UDP pack...

CVE-2012-5960

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka upnp:rootdevice field ...

CVE-2013-0230

Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method...

CVE-2012-5961

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices 1.3.1 allows remote attackers to execute arbitrary code via a long UDN aka device field in a UDP packet...

CVE-2012-5960

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka upnp:rootdevice field ...

Stack overflow

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices before 1.6.18 allows remote attackers to execute arbitrary code via a long UDN aka upnp:rootdevice field ...

CVE-2013-0230

Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method...

CVE-2013-0230

CVE-2013-0230 affects MiniUPnPd 1.0 (UPnP daemon). A stack-based buffer overflow in the ExecuteSoapAction function of the SOAPAction HTTP header handling can allow remote attackers to execute arbitrary code via a long quoted method. Public exploit/ PoC activity and Metasploit modules exist (e.g.,...

CVE-2012-5961

Stack-based buffer overflow in the uniqueservicename function in ssdp/ssdpserver.c in the SSDP parser in the portable SDK for UPnP Devices aka libupnp, formerly the Intel SDK for UPnP devices 1.3.1 allows remote attackers to execute arbitrary code via a long UDN aka device field in a UDP packet...

CVE-2013-0230

Stack-based buffer overflow in the ExecuteSoapAction function in the SOAPAction handler in the HTTP service in MiniUPnP MiniUPnPd 1.0 allows remote attackers to execute arbitrary code via a long quoted method...

CVE-2012-5962

Removed by vendor...

CVE-2012-5960

Removed by vendor...

CVE-2012-5961

CVE-2012-5961 affects the Portable SDK for UPnP Devices (libupnp) 1.3.1, where a stack-based buffer overflow in unique_service_name() in ssdp/ssdp_server.c allows remote attackers to execute arbitrary code via a long UDN in a UDP packet. Connected advisories show multiple vendor updates (e.g., op...