[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

251782

 
 

909

 
 

196543

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 6597 Download | Alert*

A flaw has been found in the OpenSSL TLS server extension code parsing which on affected servers can be exploited in a buffer overrun attack. This allows an attacker to cause an appliation crash or potentially to execute arbitrary code. However, not all OpenSSL based SSL/TLS servers are vulnerable: A server is vulnerable if it is multi-threaded and uses OpenSSL"s internal caching mechanism. In par ...

Two buffer overflows were found in the Freetype font library, which could lead to the execution of arbitrary code.

Several vulnerabilities have been found in exim4 that allow a remote attacker to execute arbitrary code as root user. Exploits for these issues have been seen in the wild. This update fixes a memory corruption issue that allows a remote attacker to execute arbitrary code as the Debian-exim user . A fix for an additional issue that allows the Debian-exim user to obtain root privileges is currently ...

The updated packages from DSA-2154-1 introduced a regression which prevented unprivileged users from using "exim4 -bf" to test filter configurations. This update fixes this problem. Please also read the information provided in DSA-2154-1 if you have not done so already.

A design flaw in exim4 allowed the loal Debian-exim user to obtain root privileges by specifying an alternate configuration file using the -C option or by using the macro override facility . Unfortunately, fixing this vulnerability is not possible without some changes in exim4"s behvaviour. If you use the -C or -D options or use the system filter facility, you should evaluate the changes carefull ...

MWR InfoSecurity identified a buffer overflow in pcscd, middleware to access a smart card via PC/SC, which could lead to the execution of arbitrary code.

Marc Schoenefeld discovered an improper input sanitization in Pango, a library for layout and rendering of text, leading to array indexing error. If a local user was tricked into loading a specially-crafted font file in an application, using the Pango font rendering library, it could lead to denial of service .

It was discovered that Request Tracker, an issue tracking system, stored passwords in its database by using an insufficiently strong hashing method. If an attacker would have access to the password database, he could decode the passwords stored in it.

Several security related problems have been discovered in the OpenOffice.org package that allows malformed documents to trick the system into crashes or even the execution of arbitrary code. CVE-2010-3450 During an internal security audit within Red Hat, a directory traversal vulnerability has been discovered in the way OpenOffice.org 3.1.1 through 3.2.1 processes XML filter files. If a local user ...

Two cross site scripting vulnerabilities were been discovered in Mailman, a web-based mailing list manager. These allowed an attacker to retrieve session cookies via inserting crafted JavaScript into confirmation messages and in the list admin interface .


Pages:      Start    428    429    430    431    432    433    434    435    436    437    438    439    440    441    ..   659

© SecPod Technologies