52 matches found
EUVD-2001-1308
Malware in sbrugna...
S.u.S.E. 4.x/5.x/6.x/7.0,Slackware 3.x/4.0,Turbolinux 6,OpenLinux 7.0 fdmount Buffer Overflow (3)
No description provided by source. source: http://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying a large, well crafted buffer containing machine executable code in place o...
Mandrake 6.x,RedHat 6.x,Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM Path Vulnerability (1)
No description provided by source. Mandrake 6.0/6.1,RedHat 6.0/6.1,Turbolinux 3.5 b2/4.2/4.4/6.0.2 userhelper/PAM Path Vulnerability 1 source: http://www.securityfocus.com/bid/913/info Because of double path vulnerabilities in the binary userhelper and PAM, it is possible to get root locally on...
RedHat 4.x/5.x/6.x,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.x man Buffer Overrun (1)
No description provided by source. source: http://www.securityfocus.com/bid/1011/info RedHat 4.0/4.1/4.2/5.0/5.1/5.2/6.0/6.2,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.2/4.4 man Buffer Overrun Vulnerability A buffer overflow exists in the implementation of the 'man' program shipped with...
phpMyAdmin <= 3.2 - 'server_databases.php' Remote Command Execution Vulnerability
phpMyAdmin 'server_databases.php' Remote Command Execution Vulnerability. Affected systems: Typo3 phpMyAdmin 3.2 Typo3 phpMyAdmin 3.0.1 Typo3 phpMyAdmin 3.0 Typo3 phpMyAdmin 0.2.2 Turbolinux Appliance Server 3.0 x64 Turbolinux Appliance Server 3.0 SuSE openSUSE 10.3 S.u.S.E. openSUSE 11.1 S.u.S.E. openSUSE 11.0 phpMyAdmin phpMyAdmin 2.11....
IRIX <= 6.5,Solaris <= 7.0,Turbolinux 4.2 'uum' Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/757/info Canna is a Japanese input system available as free software. Canna provides a unified user interface for inputting Japanese. Canna supports NemacsMule, kinput2 and canuum. All of these tools can be used by a sing...
RedHat 4.x/5.x/6.x,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.x man Buffer Overrun (2)
No description provided by source. source: http://www.securityfocus.com/bid/1011/info RedHat 4.0/4.1/4.2/5.0/5.1/5.2/6.0/6.2,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.2/4.4 man Buffer Overrun Vulnerability A buffer overflow exists in the implementation of the 'man' program shipped with...
Turbolinux 3.5 b2 'canuum' Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/758/info Canna is a Japanese input system available as free software. Canna provides a unified user interface for inputting Japanese. Canna supports NemacsMule, kinput2 and canuum. All of these tools can be used by a sing...
OpenLDAP 1.2.7/1.2.8/1.2.9/1.2.10 /usr/tmp/ Symlink Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1232/info A vulnerability exists in OpenLDAP as shipped with some versions of Linux, including RedHat 6.1 and 6.2, and TurboLinux 6.0.2 and earlier. OpenLDAP will create files in /usr/tmp, which is actually a symbolic lin...
Apache 2.x HTTP Server Arbitrary HTTP Request Headers Security Weakness
Vulnerability type: Design flaw. Affected components: VMWare ESX Server 3.0 VMWare ESX Server 2.5.4 Patch 1 VMWare ESX Server 2.5.4 VMWare ESX Server 2.5.3 Patch 4 VMWare ESX Server 2.5.3 VMWare ESX Server 2.5.2 VMWare ESX Server 2.5 VMWare ESX Server 2.1.3 Patch 2 VMWare ESX Server 2.1.3 VMWare ESX Server 2.1.2 VMWare ESX Server...
Mandrake 6.x,RedHat 6.x,Turbolinux 3.5 b2/4.x/6.0.2 userhelper/PAM Path Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/913/info Because of double path vulnerabilities in the binary userhelper and PAM, it is possible to get root locally on RedHat 6.0 and 6.1 systems. Both userhelper and PAM follow .. paths and userhelper allows you to...
Apache 'mod_proxy_http' Interim Response Denial of Service Vulnerability
CVE: CVE-2008-2364 The Apache 'mod_proxy_http' module is prone to a denial-of-service vulnerability that affects the processing of interim responses. Attackers may exploit this issue to cause denial-of-service conditions. Reportedly, the issue affects Apache 2.2.8 and 2.0.63; other versions may als...
ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
ISC BIND 9 is prone to a remote cache-poisoning vulnerability. An attacker may leverage this issue to manipulate cache data, potentially facilitating man-in-the-middle, site-impersonation, or denial-of-service attacks. Versions prior to the following are vulnerable: BIND 9.4.3-P5 BIND 9.5.2-P2 BI...
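CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability
BUGTRAQ ID: 34571 CVE ID: CVE-2009-0163 CNCVE ID: CNCVE-20090163 The Common Unix Printing System (CUPS) is a general-purpose Unix printing system, a cross-platform printing solution for Unix environments that is based on the Internet Printing Protocol and provides services for most PostScript and raster printers. CUPS has an integer overflow when processing TIFF images; a remote attacker can exploit the vulnerability to execute arbitrary instructions with the privileges of the application. ...
PHP 'mbstring' Extension Buffer Overflow Vulnerability
BUGTRAQ ID: 32948 CVE ID: CVE-2008-5557 PHP is a web programming language. The PHP mbstring extension has an input validation error that a remote attacker can exploit to crash the application. The mbstring extension handles multibyte Unicode strings, and there is a problem when it decodes certain HTML entities into Unicode strings: because the decoder does not handle error conditions correctly, the bounds check on a heap-allocated buffer can be effectively bypassed. By exploiting the vulnerability, an attacker can send arbitrary data to a specific region of the heap and execute arbitrary instructions with the privileges of the application. PHP PHP 5.2.6 PHP PHP 5.2.5 PHP PHP 5.2.4 PHP PHP 5.2.3 PHP PHP 5.2.2 PHP PH...
PHP 'rfc822_write_address()' Function Buffer Overflow Vulnerability
CVE-2008-2829 PHP is prone to a buffer-overflow vulnerability because it fails to perform boundary checks before copying user-supplied data into an insufficiently sized memory buffer. An attacker can exploit this issue to execute arbitrary machine code in the context of the affected web server. Failed exploit attempts will likely crash the web server, denying service to legitimate users. PHP 5.2.6 and prior versions are affected by this vulnerability. Ubuntu Ubuntu Linux 8.04 LTS sparc Ubuntu Ubuntu Linux 8.04 LTS powerpc Ubuntu Ubuntu Linux 8.04 LTS lpia Ubuntu Ubuntu Linux 8.04 LTS i386 Ubunt...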
Adobe Reader 'util.printf()' JavaScript Function Stack Buffer Overflow Vulnerability
Description Adobe Reader is prone to a stack-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application or crash t...
Linux Kernel 2.6.22.16 and Prior Multiple Memory Corruption Vulnerabilities
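The Linux kernel is prone to multiple memory-corruption vulnerabilities because of insufficient boundary checks in certain fault handling. A local attacker can exploit these issues to cause denial-of-service conditions, bypass certain security restrictions, and possibly obtain sensitive information or gain elevated privileges. These issues affect versions prior to 2.6.22.17. VMWare ESX Server 3.0.2 VMWare ESX Server 3.0.1 VMWare ESX Server 2.5.5 VMWare ESX Server 2.5.4 VMWare ESX Server 3.5 Ubuntu Ubuntu Linux 7.10 sparc Ubuntu Ubuntu Linux 7.10 powerpc Ubuntu...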
Adobe Flash Player Multimedia File Remote Buffer Overflow Vulnerability
Description Adobe Flash Player is prone to a remote buffer-overflow vulnerability when handling multimedia files with certain tags. An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in...
Squid Proxy Cache Update Reply Processing Remote Denial of Service
Squid is prone to a remote denial-of-service vulnerability because the proxy server fails to perform boundary checks before copying user-supplied data into process buffers. Successfully exploiting this issue allows remote attackers to crash the affected application, denying further service to...