Fedora 18 : freeradius-2.2.0-0.fc18 (2012-15342)

This updates to the current upstream 2.2.0 release which is configuration compatible with the prior 2.1.12. Version 2.2.0 includes a security fix for CVE-2012-3547 Stack-based buffer overflow This update also includes a fix to prevent .rpmsave and .rpmnew files from being read from the...

CVE-2012-4826

Stack-based buffer overflow in the SQL/PSM aka SQL Persistent Stored Module Stored Procedure SP infrastructure in IBM DB2 9.1, 9.5, 9.7 before FP7, 9.8, and 10.1 might allow remote authenticated users to execute arbitrary code by debugging a stored procedure...

IBM DB2 9.5 < Fix Pack 10 Multiple Vulnerabilities

According to its version, the installation of IBM DB2 9.5 running on the remote host is affected by one or more of the following issues : - An unspecified information disclosure error exists related to the XML feature that can allow improper access to arbitrary XML files. IC81461, CVE-2012-0713 -...

TVMOBiLi Media Server Multiple Remote DoS Vulnerabilities

High-Tech Bridge Security Research Lab has discovered 2 remote DoS vulnerabilities in TVMOBiLi Media server, which could be exploited to crash remote server with malicious HTTP requests. 1 Improper Handling of Length Parameter Inconsistency in TVMOBiLi: CVE-2012-5451 1.1 The vulnerability exists...

PLIB 1.8.5 Buffer Overflow

/ Exploit Title: Plib + flightgear 3dconvert exploit Date: 08/10/2012 Author: Andres Gomez Software Links: Plib: http://plib.sourceforge.net/ flightgear: http://www.flightgear.org/ 3dconvert: ftp://ftp.ihg.uni-duisburg.de/FlightGear/Win32/old/3dconvert-win32.zip Version: Plib 1.8.5 Tested on:...

plib -- stack-based buffer overflow

CVE reports: Stack-based buffer overflow in the error function in ssg/ssgParser.cxx in PLIB 1.8.5 allows remote attackers to execute arbitrary code via a crafted 3d model file that triggers a long error message, as demonstrated by a .ase file...

CVE-2012-1189

Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in The Open Racing Car Simulator TORCS before 1.3.3 and Speed Dreams allows user-assisted remote attackers to execute arbitrary code via a long file name in an engine sample attribute in an xml configuration file...

CVE-2012-1189

Stack-based buffer overflow in modules/graphic/ssgraph/grsound.cpp in The Open Racing Car Simulator TORCS before 1.3.3 and Speed Dreams allows user-assisted remote attackers to execute arbitrary code via a long file name in an engine sample attribute in an xml configuration file...

Novell eDirectory Multiple Buffer Overflow Vulnerabilities (CVE-2006-5478) - Active Check

Novell eDirectory is prone to multiple multiple stack based buffer overflow vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CP...

Mandriva Linux Security Advisory : freeradius (MDVSA-2012:159)

A vulnerability has been found and corrected in freeradius : Stack-based buffer overflow in the cbtlsverify function in FreeRADIUS 2.1.10 through 2.1.12, when using TLS-based EAP methods, allows remote attackers to cause a denial of service server crash and possibly execute arbitrary code via a...

Ubuntu Update for eglibc USN-1589-1

Ubuntu Update for Linux kernel vulnerabilities USN-1589-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN15891.nasl 7960 2017-12-01 06:58:16Z santu $ Ubuntu Update for eglibc USN-1589-1 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This...

Ubuntu: Security Advisory (USN-1589-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

freeradius2 security update

2.1.12-4 - resolves: bug855315 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...

Ubuntu 8.04 LTS / 10.04 LTS / 11.04 / 11.10 / 12.04 LTS : eglibc, glibc vulnerabilities (USN-1589-1)

It was discovered that positional arguments to the printf family of functions were not handled properly in the GNU C Library. An attacker could possibly use this to cause a stack-based buffer overflow, creating a denial of service or possibly execute arbitrary code. CVE-2012-3404, CVE-2012-3405,...

freeradius security update

2.1.12-4 - resolves: bug855316 CVE-2012-3547 freeradius: Stack-based buffer overflow by processing certain expiration date fields of a certificate during x509 certificate validation...

CVE-2012-4415

Stack-based buffer overflow in the guacclientpluginopen function in libguac in Guacamole before 0.6.3 allows remote attackers to cause a denial of service crash or execute arbitrary code via a long protocol name...

SafeNet Sentinel Protection Installer Long Request DoS Vulnerability - Active Check

Sentinel Protection Installer is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HP iNode Management Center iNodeMngChecker.exe Multiple Vulnerabilities

HP iNode Management Center is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2012-5002

Vulnerability CVE-2012-5002 affects Ricoh DC Software DL-10 SR10 FTP Server (SR10.exe) version 1.1.0.6. The flaw is a stack-based buffer overflow triggered by a long USER command when the Log file name option is enabled, enabling remote code execution under the FTP user context. Multiple sources ...

CVE-2012-5002

Stack-based buffer overflow in SR10 FTP server SR10.exe 1.1.0.6 in Ricoh DC Software DL-10 4.5.0.1, when the Log file name option is enabled, allows remote attackers to execute arbitrary code via a long USER FTP command...