89 items tagged "buffer overflows"
-
-
16:48
»
Packet Storm Security Recent Files
This whitepaper goes into detail on how to bypass tolower() filters in buffer overflows. It uses a stack-based buffer overflow as an example but the technique can also be applied to heap overflows as well.
-
-
7:35
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2413-1 - Two buffer overflows have been discovered in libarchive, a library providing a flexible interface for reading and writing archives in various formats. The possible buffer overflows while reading is9660 or tar streams allow remote attackers to execute arbitrary code depending on the application that makes use of this functionality.
-
-
19:35
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2386-1 - Several vulnerabilities have been discovered in openttd, a transport business simulation game. Multiple buffer overflows and off-by-one errors allow remote attackers to cause denial of service.
-
19:33
»
Packet Storm Security Advisories
Secunia Research has discovered four buffer overflows in the NTR ActiveX control, which can be exploited by malicious people to compromise a user's system. NTR ActiveX Control version 1.1.8 is affected.
-
-
22:35
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2371-1 - Two buffer overflows were discovered in JasPer, a library for handling JPEG-2000 images, which could lead to the execution of arbitrary code.
-
-
17:28
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201111-12 - Multiple vulnerabilities, including buffer overflows, have been found in abcm2ps. Versions less than 5.9.13 are affected.
-
-
7:51
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2329-1 - Bartlomiej Balcerek discovered several buffer overflows in torque server, a PBS-derived batch processing server. This allows an attacker to crash the service or execute arbitrary code with privileges of the server via crafted job or host names.
-
-
17:46
»
Packet Storm Security Recent Files
HITB Magazine Volume 1 Issue 7 - Topics include What Would We Do Without Enemies, Extending SQL Injection Attacks Using Buffer Overflows, Windows Security Hardening, and more.
-
-
11:44
»
Packet Storm Security Exploits
Core Security Technologies Advisory - Adobe Audition is vulnerable to numerous buffer overflows while parsing several fields inside the TRKM chunk on session (.ses) files. Then, a memory corruption can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted session files.
-
-
13:04
»
Packet Storm Security Exploits
A very large number of vulnerabilities have been discovered in multiple SCADA systems. These range from buffer overflows to denial of service to directory traversal issues and more. Systems affected include Siemens Tecnomatix FactoryLink, Iconics GENESIS32 / GENESIS64, 7-Technologies IGSS, and DATAC RealWin. Included are 34 advisories and related proof of concepts.
-
-
11:01
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2180-1 - Several vulnerabilities have been found in the Iceape internet suite, an unbranded version of Seamonkey. Roberto Suggi Liverani discovered that the sanitizing performed by ParanoidFragmentSink was incomplete. Zach Hoffmann discovered that incorrect parsing of recursive eval() calls could lead to attackers forcing acceptance of a confirmation dialogue. Crashes in the layout engine may lead to the execution of arbitrary code. Christian Holler discovered buffer overflows in the Javascript engine, which could allow the execution of arbitrary code. Various other issues have also been addressed.
-
8:12
»
Packet Storm Security Advisories
Ubuntu Security Notice 1049-1 - Multiple vulnerabilities have been addressed in the firefox and xulrunner packages. Jesse Ruderman, Igor Bukanov, Olli Pettay, Gary Kwong, Jeff Walden, Henry Sivonen, Martijn Wargers, David Baron and Marcia Knous discovered several memory issues in the browser engine. Zach Hoffman discovered that a recursive call to eval() wrapped in a try/catch statement places the browser into an inconsistent state. It was discovered that memory was used after being freed in a method used by JSON.stringify. Christian Holler discovered multiple buffer overflows in the JavaScript engine. Daniel Kozlowski discovered that a JavaScript Worker kept a reference to memory after it was freed. Various other issues have also been addressed.
-
-
16:15
»
Packet Storm Security Advisories
Debian Linux Security Advisory 2155-1 - Two buffer overflows were found in the Freetype font library, which could lead to the execution of arbitrary code.
-
-
12:44
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2011-011 - Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to card-starcos.c.
-
-
16:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-227 - Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authenticated users to create directories, delete directories, create symlinks, and modify file timestamps via directory traversal sequences in a SITE MKDIR, SITE UTIME command. Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD before 1.3.3c allow remote attackers to execute arbitrary code via vectors involving a TELNET IAC escape character to a FTPS server.
-
-
22:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-215 - Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service via a large ZSIZE value in a black-and-white RGB image that triggers an invalid pointer dereference. Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the expandrow function. The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept function, and does not have accompanying documentation describing how daemon applications should handle unsuccessful calls to the accept function, which makes it easier for remote attackers to conduct denial of service attacks that terminate these applications via network connections. Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allow remote attackers to cause a denial of service by establishing and then immediately closing a TCP connection, leading to the accept function having an unexpected return value of None, an unexpected value of None for the address, or an ECONNABORTED, EAGAIN, or EWOULDBLOCK error, or the getpeername function having an ENOTCONN error, a related issue to CVE-2010-3492.
-
-
18:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-196 - Multiple stack-based buffer overflows in the Sieve plugin in Dovecot 1.0 before 1.0.4 and 1.1 before 1.1.7, as derived from Cyrus libsieve, allow context-dependent attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIEVE script, as demonstrated by forwarding an e-mail message to a large number of recipients, a different vulnerability than CVE-2009-2632.
-
-
14:00
»
Packet Storm Security Advisories
Mandriva Linux Security Advisory 2010-189 - The MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon in MUSCLE PCSC-Lite before 1.5.4 might allow local users to cause a denial of service via crafted SCARD_SET_ATTRIB message data, which is improperly demarshalled and triggers a buffer over-read, a related issue to CVE-2010-0407. Buffer overflow in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon in MUSCLE PCSC-Lite 1.5.4 and earlier might allow local users to gain privileges via crafted this vulnerability exists because of an incorrect fix for CVE-2010-0407. Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart Card daemon in MUSCLE PCSC-Lite before 1.5.4 allow local users to gain privileges via crafted message data, which is improperly demarshalled.
-
-
13:01
»
SecuriTeam
Two vulnerabilities were discovered in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system.
-
-
19:00
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-179 - Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arbitrary code via a crafted PNG image, related to the pngLoadF function, leading to heap-based buffer overflows. The updated packages have been patched to correct this issue.
-
-
12:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-166 - Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrary code via a crafted TIFF file, related to the gdip_load_tiff_image function in tiffcodec.c; a crafted JPEG file, related to the gdip_load_jpeg_image_internal function in jpegcodec.c; or a crafted BMP file, related to the gdip_read_bmp_image function in bmpcodec.c, leading to heap-based buffer overflows. The updated packages have been patched to correct this issue.
-
-
12:01
»
Packet Storm Security Recent Files
Secunia Research has discovered two vulnerabilities in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by boundary errors in the SpreadSheet Lotus 123 reader (wkssr.dll) when parsing certain records. This can be exploited to cause stack-based buffer overflows via specially crafted files. Successful exploitation allows execution of arbitrary code. Autonomy KeyView versions 10.4 and 10.9 are affected.
-
-
19:01
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-140 - This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible resource destruction issue in shm_put_var(). Fixed a possible information leak because of interruption of XOR operator. Fixed a possible memory corruption because of unexpected call-time pass by reference and following memory clobbering through callbacks. Fixed a possible memory corruption in ArrayObject::uasort(). Fixed a possible memory corruption in parse_str(). Fixed a possible memory corruption in pack(). Fixed a possible memory corruption in substr_replace(). Fixed a possible memory corruption in addcslashes(). Fixed a possible stack exhaustion inside fnmatch(). Fixed a possible dechunking filter buffer overflow. Fixed a possible arbitrary memory access inside sqlite extension. Fixed string format validation inside phar extension. Fixed handling of session variable serialization on certain prefix characters. Fixed a NULL pointer dereference when processing invalid XML-RPC requests. Fixed SplObjectStorage unserialization problems. Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third party extensions and required dependencies have been upgraded and/or rebuilt for the new php version.
-
-
19:03
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-137 - Multiple integer underflows/overflows and heap buffer overflows were discovered and fixed. A heap buffer overflow was discovered in the bytecode support. The bytecode support is NOT enabled per default in Mandriva due to previous patent claims, but packages by PLF are affected. The updated packages have been patched to correct these issues.
-
-
19:02
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2071-1 - Dyon Balding discovered buffer overflows in the MikMod sound library, which could lead to the execution of arbitrary code if a user is tricked into opening malformed Impulse Tracker or Ultratracker sound files.
-
-
19:02
»
Packet Storm Security Recent Files
Debian Linux Security Advisory 2066-1 - Several remote vulnerabilities have been discovered in the Wireshark network traffic analyzer. It was discovered that null pointer dereferences, buffer overflows and infinite loops in the SMB, SMB PIPE, ASN1.1 and SigComp dissectors could lead to denial of service or the execution of arbitrary code.
-
-
22:00
»
Packet Storm Security Advisories
Gentoo Linux Security Advisory 201006-6 - Stack-based buffer overflows in Transmission may allow for remote execution of arbitrary code. Multiple stack-based buffer overflows in the tr_magnetParse() function in libtransmission/magnet.c have been discovered. Versions less than 1.92 are affected.
-
19:00
»
Packet Storm Security Recent Files
Gentoo Linux Security Advisory 201006-2 - Multiple integer overflows in CamlImages might result in the remote execution of arbitrary code. Tielei Wang reported multiple integer overflows, possibly leading to heap-based buffer overflows in the (1) read_png_file() and read_png_file_as_rgb24() functions, when processing a PNG image (CVE-2009-2295) and (2) gifread.c and jpegread.c files when processing GIF or JPEG images (CVE-2009-2660). Versions less than 3.0.2 are affected.
-
-
4:49
»
SecDocs
Authors: Chris Clark Townsend Ladd Harris
Tags: web application law
Event: Source Conference Boston 2010
Abstract: WebOS developers work with a large spectrum of web and system languages, including JavaScript, Java, and C++. WebOS is the first mobile platform that primarily uses web languages; however, we believe that they will become more common as platform vendors court the massive web developer community. But web developers do not understand the subtleties of how the mobile security model differs from that of the web. For example, WebOS does not enforce the Same Origin Policy (SOP) and some valuable user data is shared. Consequently, minor web application vulnerabilities have a much larger impact on WebOS phones. Almost all WebOS applications run as JavaScript within a WebKit process. However, the same privileges do not apply to all applications. Attackers can use attacks, such as Cross-Site Scripting or buffer overflows, to compromise low-privileged applications and then exploit WebOS-unique vulnerability classes, such as Card Parameter Injection, to compromise system services and elevate privileges. This presentation will show how to find and exploit these vulnerabilities, a topic which has never been discussed in a public forum. Combined, the presenters published the first WebOS security information and responsibly disclosed over ten WebOS vulnerabilities. Discovering these vulnerabilities required developing innovative security testing techniques. For example, we created a WebOS-specific fuzzing agent that uses JavaScript to monitor and detect application failures. We plan on releasing these tools at SOURCE Boston.
-
-
12:00
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-105 - This update provides a new OpenOffice.org version 3.1.1. It holds security and bug fixes for integer and heap-based buffer overflows.
-
-
20:00
»
Packet Storm Security Advisories
Secunia Research has discovered a vulnerability in imlib2, which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused by a logic error within the IMAGE_DIMENSIONS_OK() macro in src/lib/image.h. This can be exploited to cause heap-based buffer overflows via e.g. specially crafted ARGB, XPM, and BMP image files.
-
-
22:00
»
Packet Storm Security Advisories
Secunia Research has discovered two vulnerabilities in multiple VMware products, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused by two integer truncation errors in vmnc.dll when processing HexTile encoded video chunks and can be exploited to cause heap-based buffer overflows. Successful exploitation may allow execution of arbitrary code by tricking a user into opening a specially crafted AVI file.
-
-
19:52
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 10-062 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netware NWFTPD daemon. Authentication or default anonymous access is required to exploit this vulnerability. The specific flaw exists when parsing malformed arguments to the verbs RMD, RNFR, and DELE. Overly long parameters will result in stack-based buffer overflows which can be leveraged to execute arbitrary code.
-
-
9:00
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-056 - This update provides the OpenOffice.org 3.0 major version and holds multiple security updates relating to integer and heap buffer overflows.
-
-
21:00
»
Packet Storm Security Recent Files
Mandriva Linux Security Advisory 2010-031 - This advisory updates Wireshark to version 1.0.11, which fixes the following issues: the SMB and SMB2 dissectors could crash; the Infiniband dissector could crash on some platforms; and several buffer overflows were discovered and fixed in the LWRES dissector.