Yakir Sitbon, Ariel Klikstein Security Vulnerabilities
[SECURITY] [DSA 859-1] New xli packages fix arbitrary code execution
Debian Security Advisory DSA 859-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq Package : xli Vulnerability : buffer overflows Problem type :...
6.6AI Score
EPSS
[SECURITY] [DSA 858-1] New xloadimage packages fix arbitrary code execution
Debian Security Advisory DSA 858-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq Package : xloadimage Vulnerability : buffer overflows Problem...
6.6AI Score
EPSS
[SECURITY] [DSA 858-1] New xloadimage packages fix arbitrary code execution
Debian Security Advisory DSA 858-1 [email protected] http://www.debian.org/security/ Martin Schulze October 10th, 2005 http://www.debian.org/security/faq Package : xloadimage Vulnerability : buffer overflows Problem...
0.7AI Score
0.029EPSS
Ariel Berkman discovered several buffer overflows in xloadimage, which are also present in xli, a command line utility for viewing images in X11, and could be exploited via large image titles and cause the execution of arbitrary code. For the old stable distribution (woody) these problems have...
4.6AI Score
0.029EPSS
Hi, While creating a stripped down version of xloadimage, I have discovered three buffer overflows in xloadimage when handling the image title name. Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file.....
0.3AI Score
xloadimage -- buffer overflows in NIFF image title handling
Ariel Berkman reports: Unlike most of the supported image formats in xloadimage, the NIFF image format can store a title name of arbitrary length as part of the image file. When xloadimage is processing a loaded image, it is creating a new Image object and then writing the...
6.4AI Score
0.029EPSS
0.7AI Score
CORE-2005-0629: MailEnable Buffer Overflow Vulnerability
Core Security Technologies - Corelabs Advisory http://www.coresecurity.com/corelabs/ MailEnable Buffer Overflow Vulnerability Date Published: 2005-07-12 Last Update: 2005-07-12 Advisory ID: CORE-2005-0629 Bugtraq ID: None currently assigned CVE Name: None currently...
-0.2AI Score
FreeBSD : cups-base -- HPGL buffer overflow vulnerability (40a3bca2-6809-11d9-a9e7-0001020eed82)
Ariel Berkman has discovered a buffer overflow vulnerability in CUPS's HPGL input driver. This vulnerability could be exploited to execute arbitrary code with the permission of the CUPS server by printing a specially crated HPGL...
0.4AI Score
0.086EPSS
[SA15986] MailEnable IMAP "STATUS" Command Buffer Overflow
Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ TITLE: MailEnable IMAP "STATUS" Command Buffer Overflow SECUNIA ADVISORY ID: SA15986 VERIFY ADVISORY:...
0.3AI Score
GLSA-200501-07 : xine-lib: Multiple overflows
The remote host is affected by the vulnerability described in GLSA-200501-07 (xine-lib: Multiple overflows) Ariel Berkman discovered that xine-lib reads specific input data into an array without checking the input size in demux_aiff.c, making it vulnerable to a buffer overflow...
0.9AI Score
0.05EPSS
GLSA-200501-10 : Vilistextum: Buffer overflow vulnerability
The remote host is affected by the vulnerability described in GLSA-200501-10 (Vilistextum: Buffer overflow vulnerability) Ariel Berkman discovered that Vilistextum unsafely reads data into an array without checking the length. This code vulnerability may lead to a buffer overflow. Impact...
1.1AI Score
0.022EPSS
Mandrake Linux Security Advisory : xine-lib (MDKSA-2005:011)
iDefense discovered that the PNA_TAG handling code in pnm_get_chunk() does not check if the input size is larger than the buffer size (CVE-2004-1187). As well, they discovered that in this same function, a negative value could be given to an unsigned variable that specifies the read length of...
0.7AI Score
0.05EPSS
Background xine-lib is a multimedia library which can be utilized to create multimedia frontends. Description Ariel Berkman discovered that xine-lib reads specific input data into an array without checking the input size in demux_aiff.c, making it vulnerable to a buffer overflow (CAN-2004-1300) ......
2.6AI Score
0.05EPSS
Vilistextum: Buffer overflow vulnerability
Background Vilistextum is an HTML to text converter. Description Ariel Berkman discovered that Vilistextum unsafely reads data into an array without checking the length. This code vulnerability may lead to a buffer overflow. Impact A remote attacker could craft a malicious webpage which, when...
3.3AI Score
0.022EPSS
XSA-2004-7: stack overflow in AIFF demultiplexer
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 xine security announcement Announcement-ID: XSA-2004-7 Summary: A stack buffer overflow vulnerability in the AIFF demultiplexer has been found by Ariel Berkman and was reported to the xine team by D. J. Bernstein. This can be used for an exploit,...
0.4AI Score
0.05EPSS
CUPS: Multiple vulnerabilities
Background The Common UNIX Printing System (CUPS) is a cross-platform print spooler, hpgltops is a CUPS filter handling printing of HPGL files and lppasswd is a program used locally to manage spooler passwords. Description CUPS makes use of vulnerable Xpdf code to handle PDF files...
1.3AI Score
0.086EPSS
GLSA-200412-25 : CUPS: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200412-25 (CUPS: Multiple vulnerabilities) CUPS makes use of vulnerable Xpdf code to handle PDF files (CAN-2004-1125). Furthermore, Ariel Berkman discovered a buffer overflow in the ParseCommand function in hpgl-input.c in...
0.5AI Score
0.086EPSS
Releases Ubuntu 4.10 Details CAN-2004-1125: The recent USN-48-1 fixed a buffer overflow in xpdf. Since CUPS contains xpdf code to convert incoming PDF files to the PostScript format, this vulnerability applies to cups as well. In this case it could even lead to privilege escalation: if an...
7.8AI Score
0.086EPSS
Mandrake Linux Security Advisory : mplayer (MDKSA-2004:157)
A number of vulnerabilities were discovered in the MPlayer program by iDEFENSE, Ariel Berkman, and the MPlayer development team. These vulnerabilities include potential heap overflows in Real RTSP and pnm streaming code, stack overflows in MMST streaming code, and multiple buffer overflows in the.....
0.4AI Score
0.046EPSS
Background MPlayer is a media player capable of handling multiple multimedia file formats. Description iDEFENSE, Ariel Berkman and the MPlayer development team found multiple vulnerabilities in MPlayer. These include potential heap overflows in Real RTSP and pnm streaming code, stack overflows in.....
3.3AI Score
GLSA-200412-21 : MPlayer: Multiple overflows
The remote host is affected by the vulnerability described in GLSA-200412-21 (MPlayer: Multiple overflows) iDEFENSE, Ariel Berkman and the MPlayer development team found multiple vulnerabilities in MPlayer. These include potential heap overflows in Real RTSP and pnm streaming code, stack...
0.2AI Score
DXFScope 0.2 - Remote Client-Side Buffer Overflow
DXFScope 0.2 - Remote Client-Side Buffer...
0.6AI Score
DJB's students release 44 *nix software vulnerability advisories
Widely deployed open source software is commonly believed to contain fewer security vulnerabilities than similar closed source software due to the possibility of unrestricted third party source code auditing. Predictably, most users of open source software do not invest a significant amount of...
1.6AI Score
7.4AI Score
EPSS
7.4AI Score
Xine-Lib 0.91 - Remote Client-Side Buffer Overflow
Xine-Lib 0.91 - Remote Client-Side Buffer...
0.6AI Score
0.5AI Score
7.4AI Score
7.4AI Score
Vilistextum 2.6.6 - HTML Attribute Parsing Buffer Overflow
Vilistextum 2.6.6 - HTML Attribute Parsing Buffer...
0.8AI Score
7.4AI Score
1.2AI Score
MPlayer 0.91.0 - MMST Get_Header Remote Client-Side Buffer Overflow
MPlayer 0.91.0 - MMST Get_Header Remote Client-Side Buffer...
0.5AI Score
7.4AI Score
EPSS
CUPS 1.1.x - .HPGL File Processor Buffer Overflow
CUPS 1.1.x - .HPGL File Processor Buffer...
1AI Score
0.5AI Score
7.4AI Score
EPSS
Bolthole Filter 2.6.1 - Address Parsing Buffer Overflow
Bolthole Filter 2.6.1 - Address Parsing Buffer...
0.6AI Score
7.4AI Score
7.4AI Score
EPSS
cups-base -- HPGL buffer overflow vulnerability
Ariel Berkman has discovered a buffer overflow vulnerability in CUPS's HPGL input driver. This vulnerability could be exploited to execute arbitrary code with the permission of the CUPS server by printing a specially crated HPGL...
3.4AI Score
0.086EPSS
xss in moodle (post.php)
+--------------------------------+ | | | XSS in Moodle < 1.3 (post.php) | | | +--------------------------------+ Autor: Javier Ubilla Brenni <javierubilla[at]spymac.com> Date: 02/08/04 Software Description: ~~~~~~~~~~~~~~~~~~~~ "Moodle...
AI Score
[CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector vulnerability
CORE SDI http://www.core-sdi.com SSH1 CRC-32 compensation attack detector vulnerability Date Published: 2001-02-08 Advisory ID: CORE-20010207 Bugtraq ID: 2347 CVE CAN: CAN-2001-0144 Title: SSH1 CRC-32 compensation attack detector vulnerability Class:...
0.1AI Score
0.122EPSS
SUBMISSION - multiple vulnerabilities in Prospero 1.3.5 CGI
= Warped Force Advisory = Author: darkyoda <[email protected]> Subject: Multiple vulnerabilities in Prospero 1.3.5 CGI Discovered: 12.15.00 Announced: 2.1.01 Vendor Status: Maintainer notified 12.27.00. New version...
0.2AI Score
[CORE SDI ADVISORY] MySQL weak authentication
CORE SDI http://www.core-sdi.com Vulnerability Report for MySQL Authentication Vulnerability Date Published: 2000-10-23 Advisory ID: CORE-20001023 Bugtraq ID: 1826 CVE CAN: Not currently assigned. Title: MySQL Authentication Vulnerability Class:...
-0.1AI Score
Linux 2.2.16pre3 Вышла новая pre-версия следующего стабильного ядра: Linux 2.2.16pre3. Подробнее: http://linuxtoday.com/news_story.php3?ltsn=2000-05-16-007-04-NW-KN Kernel Traffic #67 Вышел новый обзор Linux Kernel Traffic: #67. Подробнее: ...
-0.4AI Score
possible remote root compromise in ssh
SuSE distributions contain the ssh package in the version 1.2.27. No later version is provided because of licensing issues. SuSE maintains the 1.2.27 version in a patched package. Three new patches have been added that workaround three independent security problems in the ssh package: a) SSHD-1...
2.2AI Score
0.004EPSS
-0.2AI Score