14 matches found
CVE-2024-52337
CVE-2024-52337 affects the tuned package; root cause is improper sanitization of the instance_name argument in instance_create(), enabling log-spoofing via newline-embedded input and potential manipulation of Tuned outputs (e.g., tuned-adm get_instances). Affected advisories show patching/upgradi...
openssl: invalid pointer dereference in d2i_PKCS7 functions
A flaw was found in OpenSSL. An invalid pointer dereference on read can be triggered when an application tries to load malformed PKCS7 data with the d2iPKCS7, d2iPKCS7bio or d2iPKCS7fp functions. This may result in an application crash which could lead to a denial of service. The TLS implementati...
CVE-2019-6695
Lack of root file system integrity checking in Fortinet FortiManager VM application images of 6.2.0, 6.0.6 and below may allow an attacker to implant third-party programs by recreating the image through specific methods...
Secunia launches Secunia Vulnerability Intelligence Manager 4.0
78% of vulnerabilities are found in third-party programs. Security teams cannot monitor all of them manually or determine which ones are critical to their organization. Secunia, the leading provider of IT security solutions that enables businesses and private individuals to manage and control...
Password Hash Grabber
Added: 05/27/2009 Background This tool grabs the windows SAM file or password hashes of the target. The SAM file / password hashes can be viewed in the exploit tools previous results section. Results may be used with third party programs to obtain passwords in plain text. Limitations Password Has...
Password Hash Grabber
Added: 05/27/2009 Background This tool grabs the windows SAM file or password hashes of the target. The SAM file / password hashes can be viewed in the exploit tools previous results section. Results may be used with third party programs to obtain passwords in plain text. Limitations Password Has...
Password Hash Grabber
Added: 05/27/2009 Background This tool grabs the windows SAM file or password hashes of the target. The SAM file / password hashes can be viewed in the exploit tools previous results section. Results may be used with third party programs to obtain passwords in plain text. Limitations Password Has...
Debian Security Advisory DSA 811-2 (common-lisp-controller)
The remote host is missing an update to common-lisp-controller announced via advisory DSA 811-2. The bugfix for the problem mentioned below contained an error that caused third party programs to fail. The problem is corrected by this update. For completeness we're including the original advisory...
Debian DSA-811-2 : common-lisp-controller - design error
The bugfix for the problem mentioned below contained an error that caused third-party programs to fail. The problem is corrected by this update. For completeness we're including the original advisory text : Francois-Rene Rideau discovered a bug in common-lisp-controller, a Common Lisp source and...
CVE-2005-2772
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via 1 a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and 2 certain arguments when launching third party programs such as...
CVE-2005-2772
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via 1 a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and 2 certain arguments when launching third party programs such as...
CVE-2005-2772
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via 1 a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and 2 certain arguments when launching third party programs such as...
CVE-2005-2772
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via 1 a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and 2 certain arguments when launching third party programs such as...
[SECURITY] New versions of termcap-compat fixes buffer overflow
We have received a report that former versions of libtermcap contained an exploitable buffer overflow. Debian itself is not exploitable by this bug since termcap was abandoned in favour of terminfo long ago. However, if you have compiled your own programs using termcap or have installed third par...