3355 matches found
Microsoft DNS RPC Service extractQuotedChar() Overflow (TCP)
No description provided by source. $Id: ms07029msdnszonename.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and term...
ssldump 0.9 b1 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2096/info ssldump is a traffic analyzer for monitoring network traffic in real time. It is written and maintained by Eric Rescorla. A problem exists which could allow the arbitrary execution of code. The problem exists in...
[SECURITY] Fedora 19 Update: chkrootkit-0.49-9.fc19
chkrootkit is a tool to locally check for signs of a rootkit. It contains: chkrootkit: shell script that checks system binaries for rootkit modification. ifpromisc: checks if the network interface is in promiscuous mode. chklastlog: checks for lastlog deletions. chkwtmp: checks for wtmp deletions...
[SECURITY] Fedora 19 Update: python-lxml-3.3.5-1.fc19
lxml provides a Python binding to the libxslt and libxml2 libraries. It follows the ElementTree API as much as possible in order to provide a more Pythonic interface to libxml2 and libxslt than the default bindings. In particular, lxml deals with Python Unicode strings rather than encoded UTF-8 a...
DEBIAN-CVE-2014-0196
The nttywrite function in drivers/tty/ntty.c in the Linux kernel through 3.14.3 does not properly manage tty driver access in the "LECHO & !OPOST" case, which allows local users to cause a denial of service memory corruption and system crash or gain privileges by triggering a race condition...
Fedora Update for python-lxml FEDORA-2014-5773
Check for the Version of python-lxml OpenVAS Vulnerability Test Fedora Update for python-lxml FEDORA-2014-5773 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...
Suspicious HTML Containing Overly Long Text (CVE-2013-2551)
HTML files may include a text tag containing an overly long and suspicious strings. This behavior may indicate an exploitation attempt...
CVE-2014-0082
actionpack/lib/actionview/template/text.rb in Action View in Ruby on Rails 3.x before 3.2.17 converts MIME type strings to symbols during use of the :text option to the render method, which allows remote attackers to cause a denial of service memory consumption by including these strings in heade...
Fedora Update for python3 FEDORA-2014-2418
Check for the Version of python3 OpenVAS Vulnerability Test Fedora Update for python3 FEDORA-2014-2418 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Scientific Linux Security Update : mysql on SL6.x i386/x86_64 (20140212)
CVE-2014-0386, CVE-2014-0393, CVE-2014-0401, CVE-2014-0402, CVE-2014-0412, CVE-2014-0437, CVE-2013-5908 A buffer overflow flaw was found in the way the MySQL command line client tool mysql processed excessively long version strings. If a user connected to a malicious MySQL server via the mysql...
PT-2014-2181 · Condor · Condor
Name of the Vulnerable Software and Affected Versions: Condor versions 7.2.0 through 7.6.4 Condor versions 7.7.x Description: The issue allows local users to cause a denial of service, affecting the condor schedd daemon and potentially preventing job launches. It may also be possible for attacker...
OpenJDK: XML canonicalizer mutable strings passed to untrusted code (Security, 8026417)
Unspecified vulnerability in Oracle Java SE 6u65 and 7u45, Java SE Embedded 7u45, and OpenJDK 7 allows remote attackers to affect integrity via unknown vectors related to Security. NOTE: the previous information is from the January 2014 CPU. Oracle has not commented on third-party claims that...
[Autopsy] Digital Investigation Analysis
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory...
[Binwalk] Firmware Analysis Tool
Binwalk is a firmware analysis tool designed to assist in the analysis, extraction, and reverse engineering of firmware images and other binary blobs. It is simple to use, fully scriptable, and can be easily extended via custom signatures, extraction rules, and plugin modules. Binwalk supports...
Suspicious Javascript Containing Overly Long Strings (CVE-2013-2551)
Javascript may contain variables assigned with overly long strings. This behavior may indicate an exploitation attempt...
Low: coreutils
Issue Overview: It was discovered that the sort, uniq, and join utilities did not properly restrict the use of the alloca function. An attacker could use this flaw to crash those utilities by providing long input strings. CVE-2013-0221, CVE-2013-0222, CVE-2013-0223 Affected Packages: coreutils...
CVE-2013-6386
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mtrand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...
CVE-2013-6386
Drupal 6.x before 6.29 and 7.x before 7.24 uses the PHP mtrand function to generate random numbers, which uses predictable seeds and allows remote attackers to predict security strings and bypass intended restrictions via a brute force attack...
CVE-2013-6386
Removed by vendor...
[SECURITY] Fedora 18 Update: python3-3.3.0-5.fc18
Python 3 is a new version of the language that is incompatible with the 2.x line of releases. The language is mostly the same, but many details, especi ally how built-in objects like dictionaries and strings work, have changed considerably, and a lot of deprecated features have finally been remov...