Code injection

HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors...

CVE-2010-4108

HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows remote authenticated users to cause a denial of service via unspecified vectors...

[SECURITY] Fedora 13 Update: clamav-0.96.4-1300.fc13

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

DSA-2125-1 openssl - buffer overflow

Bulletin has no description...

USN-1018-1: OpenSSL vulnerability

Rob Hulswit discovered a race condition in the OpenSSL TLS server extension parsing code when used within a threaded server. A remote attacker could trigger this flaw to cause a denial of service or possibly execute arbitrary code with application privileges. CVE-2010-3864...

FreeBSD : openssl -- TLS extension parsing race condition (3042c33a-f237-11df-9d02-0018fe623f2b)

OpenSSL Team reports : Rob Hulswit has found a flaw in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. Any OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. Servers tha...

DEBIAN-CVE-2010-3864

Multiple race conditions in ssl/t1lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when multi-threading and internal caching are enabled on a TLS server, might allow remote attackers to execute arbitrary code via client data that triggers a heap-based buffer overflow, related to 1 the T...

NiX : A Linux Brute Forcer Download

NiX Brute Forcer is a tool that uses brute force in parallel to log into a system without having authentication credentials beforehand. This tool is intended to demonstrate the importance of choosing strong passwords. The goal of NiX is to support a variety of services that allow remote...

Fedora Update for mysql FEDORA-2010-15166

Check for the Version of mysql OpenVAS Vulnerability Test Fedora Update for mysql FEDORA-2010-15166 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...

openssl -- TLS extension parsing race condition

OpenSSL Team reports: Rob Hulswit has found a flaw in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. Any OpenSSL based TLS server is vulnerable if it is multi-threaded and uses OpenSSL's internal caching mechanism. Servers that...

[SECURITY] Fedora 14 Update: clamav-0.96.3-1400.fc14

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

JVN#75101998: moobbs2 vulnerable to cross-site scripting

moobbs2 from Moo is a threaded bulletin board software. moobbs contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Update the Software Update to the latest version according to the information provided by the developer...

[SECURITY] Fedora 14 Update: clamav-0.96.1-1401.fc14

Clam AntiVirus is an anti-virus toolkit for UNIX. The main purpose of this software is the integration with mail servers attachment scanning. The package provides a flexible and scalable multi-threaded daemon, a command line scanner, and a tool for automatic updating via Internet. The programs ar...

rsaUnDumper[sql] – универсальный дампер SQL INJECTION

Версия 1.5 Нововведения по сравнению с версией 1.0: добавлена поддержка прокси http; socks4 и sokcs5 - с авторизацией возможно указывать приоритет для потоков фак по ним позже, щас можно почитать msdn теперь вы указываете не url, а HTTP запрос, т.е. есть возможность дампить sql inj с уюзвимым pos...

httpd mod_cache segfault

cacheutil.c in the modcache module in Apache HTTP Server httpd, when caching is enabled and a threaded Multi-Processing Module MPM is used, allows remote attackers to cause a denial of service child processing handler crash via a request with the 1 s-maxage, 2 max-age, 3 min-fresh, or 4 max-stale...

Quick N Easy FTP Server 3.2 Denial Of Service

DCA-0007 Software - Quick 'n Easy FTP Server Vendor Product Description - Quick 'n Easy FTP Server Professional is a multi threaded FTP server for Windows 98/NT/XP and Vista32 bits that can be easily setup even by inexperienced users. New users can be easily created by a wizard which is guiding y...

BVScanner [ADSL]

Black Vlastelin Scanner Прошу любить и жаловать, многопоточный сканнер ADSL роутеров.. cканнер и скомуниздельщик паролей, всё в одном флаконе... Сканнер проходится по диапазону IP адресов, ломится на роутер, по дефолтным паролям, выдерает учётные записи .. и аккуратно записывает .. А собственно...

[SECURITY] Fedora 11 Update: mysql-5.1.47-1.fc11

MySQL is a multi-user, multi-threaded SQL database server. MySQL is a client/server implementation consisting of a server daemon mysqld and many different client programs and libraries. The base package contains the standard MySQL client programs and generic MySQL files...

Apache Httpd < 2.0.64 : Subrequest handling of request headers (mod_headers)

A flaw in the core subrequest process code was fixed, to always provide a shallow copy of the headersin array to the subrequest, instead of a pointer to the parent request's array as it had for requests without request bodies. This meant all modules such as modheaders which may manipulate the inp...

[oCERT-2009-016] Poppler, xpdf integer overflow during heap allocation

2009-016 Poppler, Xpdf integer overflows during heap allocation Description: Poppler and Xpdf are two popular open source projects for processing PDF files. Both projects are vulnerable to an integer overflow during heap memory allocation when processing a PDF file. In general, this results in...