[Forgot Password]
Login  Register Subscribe

30480

 
 

423868

 
 

253390

 
 

909

 
 

197257

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 196372 Download | Alert*

It was discovered that BIND, a DNS server, does not handle DNS records properly which approach size limits inherent to the DNS protocol. An attacker could use crafted DNS records to crash the BIND server process, leading to a denial of service.

It was discovered that BIND, a DNS server, hangs while constructing the additional section of a DNS reply, when certain combinations of resource records are present. This vulnerability affects both recursive and authoritative servers.

KB Sriram discovered that GnuPG, the GNU Privacy Guard did not sufficiently sanitise public keys on import, which could lead to memory and keyring corruption. The problem affects both version 1, in the "gnupg" package, and version two, in the "gnupg2" package.

It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames .

It was discovered that the e1000 emulation code in QEMU does not enforce frame size limits in the same way as the real hardware does. This could trigger buffer overflows in the guest operating system driver for that network card, assuming that the host system does not discard such frames .

Jann Horn had reported two vulnerabilities in Samba, a popular cross-platform network file and printer sharing suite. In particular, these vulnerabilities affect to SWAT, the Samba Web Administration Tool. CVE-2013-0213: Clickjacking issue in SWAT An attacker can integrate a SWAT page into a malicious web page via a frame or iframe and then overlaid by other content. If an authenticated valid user ...

A buffer overflow was found in the e1000e emulation, which could be triggered when processing jumbo frames.

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2013-1635 If a PHP application accepted untrusted SOAP object input remotely from clients, an attacker could read system files readable for the webserver. CVE-2013-1643 The soap.wsdl_cache_dir function did not take PHP open_basedir r ...

Matthew Horsfall of Dyn, Inc. discovered that BIND, a DNS server, is prone to a denial of service vulnerability. A remote attacker could use this flaw to send a specially-crafted DNS query to named that, when processed, would cause named to use an excessive amount of memory, or possibly crash.

It was discovered that a malicious client could crash a GNUTLS server and vice versa, by sending TLS records encrypted with a block cipher which contain invalid padding. The oldstable distribution is not affected because the security fix that introduced this vulnerability was not applied to it.


Pages:      Start    7743    7744    7745    7746    7747    7748    7749    7750    7751    7752    7753    7754    7755    7756    ..   19637

© SecPod Technologies