83 matches found
Exploit for Code Injection in Nette Application
CVE-2020-15227 DISCLAIMER! I take no responsibility of using...
Server buffer overflow in Pure Faction <= 3.0c
Application: Pure Faction http://www.purefaction.org Versions: = 3.0c Platforms: Windows Bug: server buffer overflow Risk: highly critical Exploitation: remote and automatic requires attacker to have joined server Date: 13 Mar 2015 Author: soulsgetnothing e-mail: soulsgetnothing at hotmail dot co...
Oracle Solaris Third-Party Patch Update : keystone (cve_2014_7144_cryptographic_issues)
The remote Solaris system is missing necessary patches to address security updates : - OpenStack keystonemiddleware formerly python-keystoneclient 0.x before 0.11.0 and 1.x before 1.2.0 disables certification verification when the 'insecure' option is set in a paste configuration paste.ini file...
Oracle Solaris Third-Party Patch Update : quagga (cve_2013_2236_buffer_errors)
The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in the newmsglsachangenotify function in the OSPFD API ospfapi.c in Quagga before 0.99.22.2, when --enable-opaque-lsa and the -a command line option are used, allows remote attackers...
Oracle Solaris Third-Party Patch Update : gnutls (cve_2014_0092_cryptographic_issues)
The remote Solaris system is missing necessary patches to address security updates : - lib/x509/verify.c in GnuTLS before 3.1.22 and 3.2.x before 3.2.12 does not properly handle unspecified errors when verifying X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoo...
Oracle Solaris Third-Party Patch Update : tcsd (cve_2012_0698_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - tcsd in TrouSerS before 0.3.10 allows remote attackers to cause a denial of service daemon crash via a crafted typeoffset value in a TCP packet to port 30003. CVE-2012-0698 %NASLMINLEVEL 70300 C Tenable Network...
Oracle Solaris Third-Party Patch Update : perl-58 (cve_2011_3597_improper_input)
The remote Solaris system is missing necessary patches to address security updates : - Eval injection vulnerability in the Digest module before 1.17 for Perl allows context-dependent attackers to execute arbitrary commands via the new constructor. CVE-2011-3597 %NASLMINLEVEL 70300 C Tenable Netwo...
Oracle Solaris Third-Party Patch Update : perl-512 (cve_2012_5195_heap_buffer)
The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the Perlrepeatcpy function in util.c in Perl 5.12.x before 5.12.5, 5.14.x before 5.14.3, and 5.15.x before 15.15.5 allows context-dependent attackers to cause a denial of service...
Oracle Solaris Third-Party Patch Update : facter (cve_2014_3248_untrusted_search)
The remote Solaris system is missing necessary patches to address security updates : - Untrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when...
Oracle Solaris Third-Party Patch Update : libxtsol (cve_2014_0397_buffer_errors)
The remote Solaris system is missing necessary patches to address security updates. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from the Oracle Third Party software advisories. include'deprecatednasllevel.inc';...
Oracle Solaris Third-Party Patch Update : quagga (cve_2012_1820_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - ImageMagick 6.7.5-7 and earlier allows remote attackers to cause a denial of service infinite loop and hang via a crafted image whose IFD contains IOP tags that all reference the beginning of the IDF...
Oracle Solaris Third-Party Patch Update : freetype (multiple_buffer_errors_vulnerabilities_in)
The remote Solaris system is missing necessary patches to address security updates : - FreeType before 2.4.11 allows context-dependent attackers to cause a denial of service NULL pointer dereference and crash via vectors related to BDF fonts and the improper handling of an 'allocation error' in t...
Oracle Solaris Third-Party Patch Update : bind (cve_2011_4313_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - query.c in ISC BIND 9.0.x through 9.6.x, 9.4-ESV through 9.4-ESV-R5, 9.6-ESV through 9.6-ESV-R5, 9.7.0 through 9.7.4, 9.8.0 through 9.8.1, and 9.9.0a1 through 9.9.0b1 allows remote attackers to cause a denial o...
Oracle Solaris Third-Party Patch Update : libtiff (cve_2012_5581_denial_of)
The remote Solaris system is missing necessary patches to address security updates : - Stack-based buffer overflow in tifdir.c in LibTIFF before 4.0.2 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted DOTRANGE tag in a TIFF image...
Oracle Solaris Third-Party Patch Update : cvs (cve_2012_0804_buffer_errors)
The remote Solaris system is missing necessary patches to address security updates : - Heap-based buffer overflow in the proxyconnect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service crash and possibly execute arbitrary code via a crafted...
Oracle Solaris Third-Party Patch Update : samba (multiple_vulnerabilities_in_samba1)
The remote Solaris system is missing necessary patches to address security updates : - The sysrecvfrom function in nmbd in Samba 3.6.x before 3.6.24, 4.0.x before 4.0.19, and 4.1.x before 4.1.9 allows remote attackers to cause a denial of service infinite loop and CPU consumption via a malformed...
Oracle Solaris Third-Party Patch Update : kerberos (cve_2014_4345_numeric_errors)
The remote Solaris system is missing necessary patches to address security updates : - Off-by-one error in the krb5encodekrbsecretkey function in plugins/kdb/ldap/ libkdbldap/ldapprincipal2.c in the LDAP KDB module in kadmind in MIT Kerberos 5 aka krb5 1.6.x through 1.11.x before 1.11.6 and 1.12....
Oracle Solaris Third-Party Patch Update : nova (cve_2014_3517_information_disclosure)
The remote Solaris system is missing necessary patches to address security updates : - api/metadata/handler.py in OpenStack Compute Nova before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2, when proxying metadata requests through Neutron, makes it easier for remote attackers to guess...
Oracle Solaris Third-Party Patch Update : foomatic (multiple_vulnerabilities_in_foomatic)
The remote Solaris system is missing necessary patches to address security updates : - foomatic-rip-hplip in HP Linux Imaging and Printing HPLIP 3.11.5 allows remote attackers to execute arbitrary code via a crafted FoomaticRIPCommandLine field in a .ppd file. CVE-2011-2697 - foomaticrip.c in...
Oracle Solaris Third-Party Patch Update : samba (cve_2012_6150_input_validation)
The remote Solaris system is missing necessary patches to address security updates : - The winbindnamelisttosidstringlist function in nsswitch/pamwinbind.c in Samba through 4.1.2 handles invalid requiremembershipof group names by accepting authentication by any user, which allows remote...