squid -- several remote denial of service vulnerabilities
Squid security advisory 2009:2 reports: Due to incorrect buffer limits and related bound checks Squid is vulnerable to a denial of service attack when processing specially crafted requests or responses. Due to incorrect data validation Squid is vulnerable to a denial of service attack when...
joomla15 -- com_mailto Timeout Issue
Joomla! Security Center reports: In com_mailto, it was possible to bypass timeout protection against sending automated emails...
mozilla -- corrupt JIT state after deep return from native function
Mozilla Project reports: Firefox user zbyte reported a crash that we determined could result in an exploitable memory corruption problem. In certain cases after a return from a native function, such as escape, the Just-in-Time (JIT) compiler could get into a corrupt state. This could be exploited b...
mono -- XML signature HMAC truncation spoofing
Secunia reports: A security issue has been reported in Mono, which can be exploited by malicious people to conduct spoofing attacks. The security issue is caused due to an error when processing certain XML signatures...
isc-dhcp-client -- Stack overflow vulnerability
US-CERT reports: The ISC DHCP dhclient application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code with root privileges...
linux-flashplugin -- multiple vulnerabilities
Adobe Product Security Incident Response Team reports: Critical vulnerabilities have been identified in Adobe Flash Player version 10.0.32.18 and earlier. These vulnerabilities could cause the application to crash and could potentially allow an attacker to take control of the affected system...
drupal -- multiple vulnerabilities
The Drupal Security Team reports: Cross-site scripting: The Forum module does not correctly handle certain arguments obtained from the URL. By enticing a suitably privileged user to visit a specially crafted URL, a malicious user is able to insert arbitrary HTML and script code into forum pages...
phpmyadmin -- XSS vulnerability
The phpMyAdmin project reports: It was possible to conduct an XSS attack via a crafted SQL bookmark. All 3.x releases on which the "bookmarks" feature is active are affected, previous versions are not...
apache -- Prevent chunk-size integer overflow on platforms where sizeof(int) < sizeof(long)
Apache ChangeLog reports: Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1.3.42 on 64-bit platforms allows remote origin servers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a large chunk size th...
tor-devel -- DNS resolution vulnerability
The Tor Project reports: A malicious exit relay could convince a controller that the client's DNS question resolves to an internal IP address...
nfsen -- remote command execution
nfsen reports: Due to double input checking, a remote command execution security bug exists in all NfSen versions 1.3 and 1.3.1. Users are requested to update to nfsen-1.3.2...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: MFSA 2009-32: JavaScript chrome privilege escalation; MFSA 2009-31: XUL scripts bypass content-policy checks; MFSA 2009-30: Incorrect principal set for file: resources loaded via location bar; MFSA 2009-29: Arbitrary code execution using event listeners attached to an element...
ruby -- BigDecimal denial of service vulnerability
The official ruby site reports: A denial of service (DoS) vulnerability was found on the BigDecimal standard library of Ruby. Conversion from BigDecimal objects into Float numbers had a problem which enables attackers to effectively cause segmentation faults. An attacker can cause a denial of servi...
apr -- multiple vulnerabilities
Secunia reports: Some vulnerabilities have been reported in APR-util, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service). A vulnerability is caused due to an error in the processing of XML files and can be exploited to exhaust all available memory via ...
git -- denial of service vulnerability
SecurityFocus reports: Git is prone to a denial-of-service vulnerability because it fails to properly handle some client requests. Attackers can exploit this issue to cause a daemon process to enter an infinite loop. Repeated exploits may consume excessive system resources, resulting in a denial ...
joomla -- multiple vulnerabilities
Secunia reports: Some vulnerabilities have been reported in Joomla!, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being used. This can be...
pidgin -- multiple vulnerabilities
Secunia reports: Some vulnerabilities and weaknesses have been reported in Pidgin, which can be exploited by malicious people to cause a DoS or to potentially compromise a user's system. A truncation error in the processing of MSN SLP messages can be exploited to cause a buffer overflow. A bounda...
cscope -- multiple buffer overflows
Secunia reports: Some vulnerabilities have been reported in Cscope, which potentially can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to various boundary errors, which can be exploited to cause buffer overflows when parsing specially crafted...
cscope -- buffer overflow
SecurityFocus reports: Attackers may leverage this issue to execute arbitrary code in the context of the application. Failed attacks will cause denial-of-service conditions...
nagios -- Command Injection Vulnerability
Secunia reports: A vulnerability has been reported in Nagios, which can be exploited by malicious users to potentially compromise a vulnerable system. Input passed to the "ping" parameter in statuswml.cgi is not properly sanitised before being used to invoke the ping command. This can be exploite...
horde-base -- multiple vulnerabilities
The Horde team reports: An error within the form library when handling image form fields can be exploited to overwrite arbitrary local files. An error exists within the MIME Viewer library when rendering unknown text parts. This can be exploited to execute arbitrary HTML and script code in a user...
dokuwiki -- Local File Inclusion with register_globals on
DokuWiki reports: A security hole was discovered which allows an attacker to include arbitrary files located on the attacked DokuWiki installation. The included file is executed in the PHP context. This can be escalated by introducing malicious code through uploading file via the media manager or...
tiff -- Multiple integer overflows
Tielei Wang: Multiple integer overflows in inter-color spaces conversion tools in libtiff 3.8 through 3.8.2, 3.9, and 4.0 allow context-dependent attackers to execute arbitrary code via a TIFF image with large (1) width and (2) height values, which triggers a heap-based buffer overflow in the a...
wireshark -- PCNFSD Dissector Denial of Service Vulnerability
Secunia reports: A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS. The vulnerability is caused due to an error in the PCNFSD dissector and can be exploited to cause a crash via a specially crafted PCNFSD packet...
GnuTLS -- multiple vulnerabilities
SecurityFocus reports: GnuTLS is prone to multiple remote vulnerabilities: A remote code-execution vulnerability. A denial-of-service vulnerability. A signature-generation vulnerability. A signature-verification vulnerability. An attacker can exploit these issues to potentially execute arbitrary...
slim -- local disclosure of X authority magic cookie
Secunia reports: A security issue has been reported in SLiM, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused due to the application generating the X authority file by passing the X authority cookie via the command line to "xauth"...
nsd -- buffer overflow vulnerability
NLnet Labs: A one-byte buffer overflow has been reported in NSD. The problem affects all versions 2.0.0 to 3.2.1. The bug allows a carefully crafted exploit to bring down your DNS server. It is highly unlikely that this one byte overflow can lead to other system exploits...
openssl -- denial of service in DTLS implementation
Secunia reports: Some vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to cause a DoS. The library does not limit the number of buffered DTLS records with a future epoch. This can be exploited to exhaust all available memory via specially crafted DTLS...
eggdrop -- denial of service vulnerability
Secunia reports: The vulnerability is caused due to an error in the processing of private messages within the server module /mod/server.mod/servrmsg.c. This can be exploited to cause a crash by sending a specially crafted message to the bot...
libsndfile -- multiple vulnerabilities
Secunia reports: Two vulnerabilities have been reported in libsndfile, which can be exploited by malicious people to compromise an application using the library. A boundary error exists within the "voc_read_header" function in src/voc.c. This can be exploited to cause a heap-based buffer overflow v...
drupal -- cross-site scripting
The Drupal Security Team reports: When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte...
ntp -- stack-based buffer overflow
US-CERT reports: ntpd contains a stack buffer overflow which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system or create a denial of service...
cups -- remote code execution and DNS rebinding
Gentoo security team summarizes: The following issues were reported in CUPS: iDefense reported an integer overflow in the cupsImageReadTIFF function in the "imagetops" filter, leading to a heap-based buffer overflow (CVE-2009-0163). Aaron Siegel of Apple Product Security reported that the CUPS web...
libwmf -- embedded GD library Use-After-Free vulnerability
Secunia reports: A vulnerability has been reported in libwmf, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise an application using the library. The vulnerability is caused due to a use-after-free error within the embedded GD library, which can be exploite...
quagga -- Denial of Service
Debian Security Team reports: It was discovered that Quagga, an IP routing daemon, could no longer process the Internet routing table due to broken handling of multiple 4-byte AS numbers in an AS path. If such a prefix is received, the BGP daemon crashes with an assert failure leading to a denial...
openfire -- Openfire No Password Changes Security Bypass
Secunia reports: A vulnerability has been reported in Openfire which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to Openfire not properly respecting the no password changes setting which can be exploited to change passwords by sendi...
drupal -- cross site scripting
Drupal Security Team reports: When outputting user-supplied data Drupal strips potentially dangerous HTML attributes and tags or escapes characters which have a special meaning in HTML. This output filtering secures the site against cross site scripting attacks via user input. Certain byte...
memcached -- memcached stats maps Information Disclosure Weakness
Secunia reports: A weakness has been reported in memcached, which can be exploited by malicious people to disclose system information. The weakness is caused due to the application disclosing the content of /proc/self/maps if a stats maps command is received. This can be exploited to disclose e.g...
moinmoin -- cross-site scripting vulnerabilities
Secunia reports: Input passed via multiple parameters to action/AttachFile.py is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site...
mozilla -- multiple vulnerabilities
Mozilla Foundation reports: MFSA 2009-22: Firefox allows Refresh header to redirect to javascript: URIs; MFSA 2009-21: POST data sent to wrong site when saving web page with embedded frame; MFSA 2009-20: Malicious search plugins can inject code into arbitrary sites; MFSA 2009-19: Same-origin...
poppler -- Poppler Multiple Vulnerabilities
Secunia reports: Some vulnerabilities have been reported in Poppler which can be exploited by malicious people to potentially compromise an application using the library...
freetype2 -- multiple vulnerabilities
Secunia reports: Some vulnerabilities have been reported in FreeType, which can be exploited by malicious people to potentially compromise an application using the library. An integer overflow error within the "cff_charset_compute_cids" function in cff/cffload.c can be exploited to potentially cause...
xpdf -- multiple vulnerabilities
Secunia reports: Some vulnerabilities have been reported in Xpdf, which can be exploited by malicious people to potentially compromise a user's system. A boundary error exists when decoding JBIG2 symbol dictionary segments. This can be exploited to cause a heap-based buffer overflow and potential...
phpmyadmin -- insufficient output sanitizing when generating configuration file
phpMyAdmin Team reports: Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file. Combined with ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code. This...
cyrus-sasl -- buffer overflow vulnerability
US-CERT reports: The sasl_encode64 function converts a string into base64. The Cyrus SASL library contains buffer overflows that occur because of unsafe use of the sasl_encode64 function...
wireshark -- multiple vulnerabilities
Wireshark team reports: Wireshark 1.0.7 fixes the following vulnerabilities: The PROFINET dissector was vulnerable to a format string overflow. (Bug 3382) Versions affected: 0.99.6 to 1.0.6, CVE-2009-1210. The Check Point High-Availability Protocol (CPHAP) dissector could crash. (Bug 3269) Versions...
libxine -- multiple vulnerabilities
xine developers report: Fix another possible int overflow in the 4XM demuxer (ref. TKADV2009-004, CVE-2009-0385). Fix an integer overflow in the Quicktime demuxer...
FreeBSD -- remotely exploitable crash in OpenSSL
Problem Description: The function ASN1_STRING_print_ex does not properly validate the lengths of BMPString or UniversalString objects before attempting to print them. Impact: An application which attempts to print a BMPString or UniversalString which has an invalid length will crash as a result of...
phpmyadmin -- insufficient output sanitizing when generating configuration file
phpMyAdmin reports: Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...
drupal6-cck -- cross-site scripting
Drupal CCK plugin developer reports: The Node reference and User reference sub-modules, which are part of the Content Construction Kit (CCK) project, let administrators define node fields that are references to other nodes or to users. When displaying a node edit form, the titles of candidate...