Mandriva Linux Security Advisory : nss-pam-ldapd (MDVSA-2013:106)

Updated nss-pam-ldapd packages fixes the following security vulnerability : Garth Mollett discovered that a file descriptor overflow issue in the use of FDSET in nss-pam-ldapd can lead to a stack-based buffer overflow. An attacker could, under some circumstances, use this flaw to cause a process...

Mandriva Linux Security Advisory : asterisk (MDVSA-2013:140)

Multiple vulnerablilities was identified and fixed in asterisk : The SIP channel driver in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; Asterisk Business Edition BE C.3.x before C.3.8.1; and Asterisk...

QNX Multiple Vulnerabilities

OVERVIEW Independent researcher Luigi Auriemma identified a stack-based buffer overflow and a buffer copy without checking size of input vulnerabilities in QNX’s Phrelay, Phwindows, and Phditto products without coordination with ICS-CERT, the vendor, or any other coordinating entity known to...

CVE-2013-0680

Stack-based buffer overflow in the web server in Cogent Real-Time Systems Cogent DataHub before 7.3.0, OPC DataHub before 6.4.22, Cascade DataHub before 6.4.22 on Windows, and DataHub QuickTrend before 7.3.0 allows remote attackers to cause a denial of service daemon crash or possibly execute...

CVE-2013-2685

Stack-based buffer overflow in res/resformatattrh264.c in Asterisk Open Source 11.x before 11.2.2 allows remote attackers to execute arbitrary code via a long sprop-parameter-sets H.264 media attribute in a SIP Session Description Protocol SDP header...

CVE-2013-0512

Stack-based buffer overflow in the Manual Explore browser plug-in for Firefox in IBM Security AppScan Enterprise 5.6 and 8.x before 8.7 and IBM Rational Policy Tester 5.6 and 8.x before 8.5.0.4 allows remote attackers to cause a denial of service plug-in crash via a crafted web page...

Sami FTP Server LIST Command Buffer Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit4 'Sami FTP Server...

CVE-2013-2492

Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT...

RedHat Update for pidgin RHSA-2013:0646-01

Check for the Version of pidgin OpenVAS Vulnerability Test RedHat Update for pidgin RHSA-2013:0646-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the ter...

CentOS Update for finch CESA-2013:0646 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CentOS Update for nss-pam-ldapd CESA-2013:0590 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Stack overflow

nss-pam-ldapd before 0.7.18 and 0.8.x before 0.8.11 allows context-dependent attackers to cause a denial of service application crash and possibly execute arbitrary code by performing a name lookup on an application with a large number of open file descriptors, which triggers a stack-based buffer...

Scientific Linux Security Update : nss-pam-ldapd on SL6.x i386/x86_64 (20130304)

An array index error, leading to a stack-based buffer overflow flaw, was found in the way nss-pam-ldapd managed open file descriptors. An attacker able to make a process have a large number of open file descriptors and perform name lookups could use this flaw to cause the process to crash or,...

Medium: pam

Issue Overview: A stack-based buffer overflow flaw was found in the way the pamenv module parsed users' "/.pamenvironment" files. If an application's PAM configuration contained "userreadenv=1" this is not the default, a local attacker could use this flaw to crash the application or, possibly,...

Asterisk Peer Multiple Vulnerabilities (AST-2012-014 / AST-2012-015)

Binary data 6690.prm...

Debian DSA-2628-1 : nss-pam-ldapd - buffer overflow

Garth Mollett discovered that a file descriptor overflow issue in the use of FDSET in nss-pam-ldapd, which provides NSS and PAM modules for using LDAP as a naming service, can lead to a stack-based buffer overflow. An attacker could, under some circumstances, use this flaw to cause a process that...

DSA-2628-1 nss-pam-ldapd - buffer overflow

Bulletin has no description...

DSA-2623-1 openconnect - buffer overflow

Bulletin has no description...

Debian: Security Advisory (DSA-2623-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2013-0249

Stack-based buffer overflow in the Curlsaslcreatedigestmd5message function in lib/curlsasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long string...