17 matches found
EUVD-2008-5991
Malware in sbrugna...
Qualcomm Chipsets Security Vulnerability
Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that originates from a memory corruption when processing diagnostic packets from a Unix client...
[SECURITY] Fedora 42 Update: thunderbird-128.11.1-1.fc42
Mozilla Thunderbird is a standalone mail and newsgroup client...
Mageia: Security Advisory (MGASA-2025-0013)
The remote host is missing an update for the ...
MGASA-2025-0013 Updated openafs packages fix security vulnerabilities
A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix client. (CVE-2024-10394) An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash. (CVE-2024-10396) A malicious server can crash the OpenAFS cac...
Updated openafs packages fix security vulnerabilities
A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix client. (CVE-2024-10394) An authenticated user can provide a malformed ACL to the fileserver's StoreACL RPC, causing the fileserver to crash. (CVE-2024-10396) A malicious server can crash the OpenAFS cac...
CVE-2024-10394 Theft of credentials in Unix client PAGs
A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG...
OpenAFS Input Validation Error Vulnerability
OpenAFS is an open source set of distributed file systems. It allows files and resources to be shared between systems over LANs and WANs. OpenAFS suffers from an input validation error vulnerability that stems from the fact that a local user can bypass the process authentication group...
[SECURITY] Fedora 36 Update: golang-github-path-network-mmproxy-2.1-4.fc36
go-mmproxy is a standalone application that unwraps HAProxy's PROXY protocol (also adopted by other projects such as NGINX) so that the network connection to the end server comes from the client's, instead of the proxy server's, IP address and port number...
EKG Gadu 1.9~pre+r2855-3+b1 - Local Buffer Overflow
EKG Gadu 1.9pre+r2855-3+b1 - Local Buffer Overflow Exploit developed using Exploit Pack v6.01 Exploit Author: Juan Sacco - http://www.exploitpack.com - [email protected] Program affected: EKG Gadu Affected value: USERNAME Version: 1:1.9pre+r2855-3+b1 Tested and developed under: Kali Linux 2....
CVE-2008-6021
Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka "security vulnerabilities found by 3rd party analysis."...
CVE-2008-6021
Multiple unspecified vulnerabilities in Attachmate Reflection for Secure IT UNIX Client and Server before 7.0 SP1 have unknown impact and attack vectors, aka "security vulnerabilities found by 3rd party analysis."...
Two vulnerabilities for PatchLink Update Client for Unix.
PatchLink Update Unix Client File clobbering vulnerability Larry W. Cashdollar Vapid Labs 1/17/2008 Overview From the vendor: “PatchLink Update™ provides rapid, accurate and secure patch management, allowing you to proactively manage threats by automating the collection, analysis and delivery of...
patchlink-pwn.txt
PatchLink Update Unix Client File clobbering vulnerability Larry W. Cashdollar Vapid Labs 1/17/2008 Overview From the vendor: PatchLink Update provides rapid, accurate and secure patch management, allowing you to proactively manage threats by automating the collection, analysis and delivery of...
Possible privilege escalation on SCO OpenServer 5.0.7
I started to play with a vanilla installation of SCO OpenServer 5.0.7 to check the portability of some code a few days ago, and noticed that some binary files were segfaulting if given an arbitrarily long input; btw I don't think it's really a problem because most of them were not setuid/setgid, an...
Cisco VPN 5000 Client - Buffer Overrun (1)
Cisco VPN 5000 Client - Buffer Overrun 1 // source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both...
Cisco VPN 5000 Client - Buffer Overrun (2)
Cisco VPN 5000 Client - Buffer Overrun 2 // source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both...