CVE-2009-5153

In Novell NetWare before 6.5 SP8, a stack buffer overflow in processing of CALLIT RPC calls in the NFS Portmapper daemon in PKERNEL.NLM allowed remote unauthenticated attackers to execute code, because a length field was incorrectly trusted...

CVE-2009-5153

CVE-2009-5153 affects Novell NetWare prior to 6.5 SP8. A stack buffer overflow occurs in the processing of CALLIT RPC calls within the PKERNEL.NLM NFS Portmapper daemon. The overflow is triggered by trusting a length field, allowing remote, unauthenticated attackers to execute code. This is the r...

Debian DLA-1582-1 : liblivemedia security update

A stack based buffer overflow vulnerability was found in liblivemedia, the LIVE555 RTSP server library. This issue might be leveraged by remote attackers to cause code execution, by sending a crafted packet. For Debian 8 'Jessie', this problem has been fixed in version 2014.01.13-1+deb8u1. We...

EulerOS Virtualization 2.5.2 : kernel (EulerOS-SA-2018-1382)

According to the version of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - A security flaw was found in the chapservercomputemd5 function in the ISCSI target code in the Linux kernel in a way an authenticati...

CVE-2018-6069

Removed by vendor...

Rockwell Automation RSLinx Classic Stack Buffer Overflow (CVE-2018-14829)

A stack buffer overflow vulnerability exists in Rockwell Automation RSLinx Classic. The vulnerability is due to incorrect handling of malformed EtherNet/IP packets. A successful exploitation of the vulnerability could lead to a system crash...

IOBit Malware Fighter stack buffer overflow vulnerability (CNVD-2018-23265)

IObit Malware Fighter is an anti-malware and antivirus program for Microsoft Windows operating systems designed to remove and protect against malware, including trojans, rootkits and ransomware. A buffer overflow vulnerability in the stack exists in RegFilter.sys in IOBit Malware Fighter 6.2. An...

SUSE-SU-2018:3659-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 12 SP3 RT kernel was updated to 4.4.162 to receive various security and bugfixes. The following security bugs were fixed: - CVE-2018-7480: The blkcginitqueue function in block/blk-cgroup.c allowed local users to cause a denial of service double free or possibly have...

skia/api_raster_n32_canvas: Stack-buffer-overflow in sk_bzero

Project: https://skia.googlesource.com/skia.git Detailed report: https://oss-fuzz.com/testcase?key=5763541525594112 Project: skia Fuzzer: libFuzzerskiaapirastern32canvas Fuzz target binary: apirastern32canvas Job Type: libfuzzerasanskia Platform Id: linux Crash Type: Stack-buffer-overflow WRITE 4...

Morris Worm fingerd Stack Buffer Overflow Exploit

This Metasploit module exploits a stack buffer overflow in fingerd on 4.3BSD. This vulnerability was exploited by the Morris worm in 1988-11-02. Cliff Stoll reports on the worm in the epilogue of The Cuckoo's Egg. This module requires Metasploit: https://metasploit.com/download Current source:...

Morris Worm fingerd Stack Buffer Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Morris Worm fingerd Stack Buffer Overflow', 'Description' = %q This module exploits a stack buffer overflow in fingerd on 4.3BSD. This...

VLC Media Player LIVE555 RTSP Server RCE Vulnerability - Windows

VLC Media Player is prone to a remote code execution RCE vulnerability. This VT has been deprecated since VLC Media player is not affected. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

poppler/pdf_fuzzer: Stack-buffer-overflow in IdentityFunction::transform

Detailed report: https://oss-fuzz.com/testcase?key=5728547742679040 Project: poppler Fuzzer: aflpopplerpdffuzzer Fuzz target binary: pdffuzzer Job Type: aflasanpoppler Platform Id: linux Crash Type: Stack-buffer-overflow READ 8 Crash Address: 0x7f65b2f91028 Crash State: IdentityFunction::transfor...

Updated kernel-tmb packages fix security vulnerabilities

This kernel-tmb update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes at least the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of service attack with low rates of specially modified packets...

Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.78 and adds additional fixes for the L1TF security issues. It also fixes at least the following security issues: Linux kernel from versions 3.9 and up, is vulnerable to a denial of service attack with low rates of specially modified packets...

EulerOS Virtualization 2.5.1 : procps-ng (EulerOS-SA-2018-1326)

According to the versions of the procps-ng package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - If the HOME environment variable is unset or empty, top will read its configuration file from the current working directory...

Security update for ntp (moderate)

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

Security update for ntp (moderate)

This update for NTP to version 4.2.8p12 fixes the following vulnerabilities bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing...

Advantech WebAccess stack buffer overflow vulnerability (CNVD-2018-21935)

Advantech WebAccess software is the core of Advantech's IoT application platform solution, providing users with a user interface based on HTML5 technology for a cross-platform, cross-browser data access experience. A stack buffer overflow vulnerability exists in Advantech WebAccess. An attacker c...

SUSE-SU-2018:3342-1 Security update for ntp

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...