6828 matches found
Solaris 9 (sparc) : 119777-19
commcli 6.3-2.09: core patch. Date this patch was last updated by Sun : Mar/19/07 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 9 (x86) : 121092-01
GNOME 2.6.0x86: Base GUI Libraries Patch. Date this patch was last updated by Sun : Mar/15/06 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if...
Cisco IOS VTP Malformed Version Denial of Service Vulnerability
Cisco IOS contains a vulnerability in the VLAN Trunking Protocol VTP that could allow an unauthenticated, remote attacker to cause a denial of service DoS condition. The vulnerability exists because the VTP feature in several versions of Cisco IOS software does not properly handle malformed packe...
Security fix for the ALT Linux 9 package wireshark version 0.99.2-alt1
July 18, 2006 Sir Raorn 0.99.2-alt1 - 0.99.2 + CVE-2006-3627 + CVE-2006-3628 + CVE-2006-3628 + CVE-2006-3628 + CVE-2006-3628 + CVE-2006-3629 + CVE-2006-3630 + CVE-2006-3628 + CVE-2006-3631 + CVE-2006-3632 - Renaamed from ethereal to wireshark, added Obsoletes - Rediffed all patches - Updated...
[Full-disclosure] rPSA-2006-0122-1 kernel
rPath Security Advisory: 2006-0122-1 Published: 2006-07-07 Products: rPath Linux 1 Rating: Major Exposure Level Classification: Local Deterministic Denial of Service Updated Versions: kernel=/conary.rpath.com@rpl:devel//1/2.6.16.24-0.1-1 References:...
Mandrake Linux Security Advisory : samba (MDKSA-2006:120)
A vulnerability in samba 3.0.x was discovered where an attacker could cause a single smbd process to bloat, exhausting memory on the system. This bug is caused by continually increasing the size of an array which maintains state information about the number of active share connections. Updated...
Mandrake Linux Security Advisory : tetex (MDKSA-2006:113)
Integer overflows were reported in the GD Graphics Library libgd 2.0.28, and possibly other versions. These overflows allow remote attackers to cause a denial of service and possibly execute arbitrary code via PNG image files with large image rows values that lead to a heap-based buffer overflow ...
Mandrake Linux Security Advisory : xine-lib (MDKSA-2006:108)
A buffer overflow in the HTTP Plugin xinepluginphttp.so for xine-lib 1.1.1 allows remote attackers to cause a denial of service application crash via a long reply from an HTTP server, as demonstrated using gxine 0.5.6. CVE-2006-2802 In addition, a possible buffer overflow exists in the AVI demuxe...
Mandrake Linux Security Advisory : postgresql (MDKSA-2006:098)
PostgreSQL 8.1.x before 8.1.4, 8.0.x before 8.0.8, 7.4.x before 7.4.13, 7.3.x before 7.3.15, and earlier versions allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of 'Encoding-Based SQL...
Mandrake Linux Security Advisory : php (MDKSA-2006:074)
A cross-site scripting XSS vulnerability in phpinfo info.c in PHP = 5.1.2 allows remote attackers to inject arbitrary web script or HTML via long array variables, including 1 a large number of dimensions or 2 long values, which prevents HTML tags from being removed. CVE-2006-0996 Directory...
Mandrake Linux Security Advisory : xorg-x11 (MDKSA-2006:056)
Versions of Xorg 6.9.0 and greater have a bug in xf86Init.c, which allows non-root users to use the -modulepath, -logfile and -configure options. This allows loading of arbitrary modules which will execute as the root user, as well as a local DoS by overwriting system files. Updated packages have...
Mandrake Linux Security Advisory : cairo (MDKSA-2006:057)
GNOME Evolution allows remote attackers to cause a denial of service persistent client crash via an attached text file that contains 'Content-Disposition: inline' in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually...
nCipher Advisory #14: Presence of flaws in firmware security
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 nCipher Security Advisory No. 14 Presence of flaws in firmware security -------------------------------------- Note ==== nCipher is publishing three advisories numbered 12, 13 and 14 simultaneously. You are advised to review all three before taking an...
[ MDKSA-2006:047 ] - Updated metamail packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:047 http://www.mandriva.com/security/ Package : metamail Date : February 22, 2006 Affected: 10.1, 10.2, 2006.0, Corporate 3.0 Problem Description: Ulf Harnhammar discovered a buffer overflow vulnerability in...
Mandrake Linux Security Advisory : kernel (MDKSA-2006:040)
A number of vulnerabilities were discovered and corrected in the Linux 2.6 kernel : The udpv6getport function in udp.c, when running IPv6, allows local users to cause a Denial of Service infinite loop and crash CVE-2005-2973. The mqopen system call in certain situations can decrement a counter...
[Full-disclosure] [ MDKSA-2006:023 ] - Updated perl-Net_SSLeay packages fix vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2006:023 http://www.mandriva.com/security/ Package : perl-NetSSLeay Date : January 26, 2006 Affected: 10.1, 10.2, 2006.0, Corporate 3.0 Problem Description: Javier Fernandez-Sanguino Pena discovered that the perl...
Mandrake Linux Security Advisory : ipsec-tools (MDKSA-2006:020)
The Internet Key Exchange version 1 IKEv1 implementation isakmpagg.c in ipsec-tools racoon before 0.6.3, when running in aggressive mode, allows remote attackers to cause a denial of service null dereference and crash via crafted IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for...
Mandrake Linux Security Advisory : tetex (MDKSA-2006:011)
Multiple heap-based buffer overflows in the DCTStream::readProgressiveSOF and DCTStream::readBaselineSOF functions in the DCT stream parsing code Stream.cc in xpdf 3.01 and earlier, allow user-complicit attackers to cause a denial of service heap corruption and possibly execute arbitrary code via...
Mandrake Linux Security Advisory : curl (MDKSA-2005:224)
Stefan Esser discovered that libcurl's URL parser function can have a malloced buffer overflows in two ways if given a too long URL. It cannot be triggered by a redirect, which makes remote exploitation unlikely, but can be passed directly to libcurl allowing for local exploitation and could also...
[Full-disclosure] MDKSA-2005:239 - Updated printer-filters-utils packages fix local vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDKSA-2005:239 http://www.mandriva.com/security/ Package : printer-filters-utils Date : December 30, 2005 Affected: 10.1, 10.2, 2006.0, Corporate 2.1, Corporate 3.0 Problem Description: "newbug" discovered a local root...