Mandriva Linux Security Advisory : rsyslog (MDVSA-2011:134-1)

A vulnerability was discovered and corrected in rsyslog : Stack-based buffer overflow in the parseLegacySyslogMsg function in tools/syslogd.c in rsyslogd in rsyslog 4.6.x before 4.6.8 and 5.2.0 through 5.8.4 might allow remote attackers to cause a denial of service application exit via a long TAG...

Mandriva Update for rsyslog MDVSA-2011:134 (rsyslog)

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Linux Kernel 2.6.36.2 (Ubuntu 10.04) - Half-Nelson.c Econet Privilege Escalation

Linux Kernel 2.6.36.2 Ubuntu 10.04 - Half-Nelson.c Econet Privilege Escalation / half-nelson.c Linux Kernel http://jon.oberheide.org Information: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3848 Stack-based buffer overflow in the econetsendmsg function in net/econet/afeconet.c in the...

DVD X Player 5.5 - '.plf' Playlist Buffer Overflow (Metasploit)

$Id: dvdxplfbof.rb 13673 2011-09-01 05:20:47Z sinn3r $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Citrix Gateway ActiveX Control Stack Based Buffer Overflow Vulnerability

This module exploits a stack based buffer overflow in the Citrix Gateway ActiveX control. Exploitation of this vulnerability requires user interaction. The victim must click a button in a dialog to begin a scan. This is typical interaction that users should be accustom to. Exploitation results in...

libmodplug: Fixed multiple vulnerabilities reported in <= 0.8.8.3 (important)

This update of libmodplug0 fixes the following issues: 1 An integer overflow error exists within the "CSoundFile::ReadWav" function src/loadwav.cpp when processing certain WAV files. This can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted WA...

ZDI-11-252: Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability

ZDI-11-252: Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-252 August 8, 2011 -- CVE ID: CVE-2011-0257 -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P -- Affected Vendors: Apple -- Affected Products: Apple Quicktime --...

CVE-2011-0257

CVE-2011-0257 affects Apple QuickTime prior to 7.7. It stems from an integer signedness error in processing PICT PnSize, triggering a stack-based buffer overflow via a crafted PnSize opcode in a PICT file. Consequences documented: remote code execution or a denial of service (application crash). ...

CentOS Update for gimp CESA-2011:0838 centos5 i386

Check for the Version of gimp OpenVAS Vulnerability Test CentOS Update for gimp CESA-2011:0838 centos5 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

CentOS Update for postgresql84 CESA-2011:0198 centos5 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS Update for gstreamer-plugins CESA-2011:0477 centos4 i386

Check for the Version of gstreamer-plugins OpenVAS Vulnerability Test CentOS Update for gstreamer-plugins CESA-2011:0477 centos4 i386 Authors: System Generated Check Copyright: Copyright c 2011 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute i...

CentOS Update for dhclient CESA-2009:1154 centos3 i386

The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

CVE-2011-2900

Stack-based buffer overflow in the 1 putdir function in mongoose.c in Mongoose 3.0, 2 putdir function in yasslEWS.c in yaSSL Embedded Web Server yasslEWS 0.2, and 3 shttpdputdir function in iodir.c in Simple HTTPD shttpd 1.42 allows remote attackers to execute arbitrary code via an HTTP PUT...

Debian: Security Advisory (DSA-2253-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 2253-1 (fontforge)

The remote host is missing an update to fontforge announced via advisory DSA 2253-1. OpenVAS Vulnerability Test $Id: deb22531.nasl 6613 2017-07-07 12:08:40Z cfischer $ Description: Auto-generated from advisory DSA 2253-1 fontforge Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc...

CVE-2011-2704

Stack-based buffer overflow in MapServer before 4.10.7 and 5.x before 5.6.7 allows remote attackers to execute arbitrary code via vectors related to OGC filter encoding...

ActFax-FTP-Server

This module exploits a stack-based buffer overflow in actfax ftp Server version 4.27 and earlier. Actfax fails to check input size when parsing 'USER' command. ToDo: Add Execute Shell ToDo: Test Targets...

CVE-2011-2962

Multiple stack-based buffer overflows in Invensys Wonderware Information Server 3.1, 4.0, and 4.0 SP1 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via two unspecified ActiveX controls...

CVE-2011-2959

Stack-based buffer overflow in the Open Database Connectivity ODBC service Odbcixv9se.exe in 7-Technologies Interactive Graphical SCADA System IGSS 9 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted packet to TCP port 22202...

CVE-2011-2962

CVE-2011-2962 affects Wonderware Information Server 3.1, 4.0 and 4.0 SP1. The ICS-CERT advisory details a stack-based buffer overflow in two ActiveX controls that could allow remote code execution on vulnerable clients when a malicious page or file is opened. Invensys issued a patch to address th...