[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

248392

 
 

909

 
 

195452

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 5607 Download | Alert*

LZO is a portable lossless data compression library written in ANSI C. An integer overflow flaw was found in the way the lzo library decompressed certain archives compressed with the LZO algorithm. An attacker could create a specially crafted LZO-compressed input that, when decompressed by an application using the lzo library, would cause that application to crash or, potentially, execute arbitrar ...

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was discovered that Apache Tomcat did not limit the length of chunk sizes when using chunked transfer encoding. A remote attacker could use this flaw to perform a denial of service attack against Tomcat by streaming an unlimited quantity of data, leading to excessive consumption of server resources. I ...

Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. A heap-based buffer overflow flaw was found in Samba"s NetBIOS message block daemon . An attacker on the local network could use this flaw to send specially crafted packets that, when processed by nmbd, co ...

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. It was found that several application-provided XML files, such as web.xml, content.xml, *.tld, *.tagx, and *.jspx, resolved external entities, permitting XML External Entity attacks. An attacker able to deploy malicious applications to Tomcat could use this flaw to circumvent security restrictions set by ...

The 389 Directory Server is an LDAPv3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. It was found that when replication was enabled for each attribute in 389 Directory Server, which is the default configuration, the server returned replicated metadata when the directory was searched while debugging ...

KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. Two integer overflow flaws were found in the QEMU block driver for QCOW version 1 disk images. A user able to alter the QEMU disk image files loaded by a guest could use either of these flaws to corrupt QEMU process memory on ...

OpenSSL is a toolkit that implements the Secure Sockets Layer, Transport Layer Security, and Datagram Transport Layer Security protocols, as well as a full-strength, general purpose cryptography library. This update adds support for the TLS Fallback Signaling Cipher Suite Value, which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS prot ...

The wget package provides the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. A flaw was found in the way Wget handled symbolic links. A malicious FTP server could allow Wget running in the mirror mode to write an arbitrary file to a location writable to by the user running Wget, possibly leading to code execution. Note: This update changes the default value of the --retr-sym ...

The kernel packages contain the Linux kernel, the core of any Linux operating system. This update fixes the following security issues: * Numerous reference count leaks were found in the Linux kernel"s block layer I/O context handling implementation. This could allow a local, unprivileged user to cause a denial of service. * A flaw was found in the Linux kernel"s cifs_lookup implementation. POSIX ...

Mozilla Thunderbird is a standalone mail and newsgroup client. A flaw was found in Sanitiser for OpenType , used by Thunderbird to help prevent potential exploits in malformed OpenType fonts. Malicious content could cause Thunderbird to crash or, under certain conditions, possibly execute arbitrary code with the privileges of the user running Thunderbird. Malicious content could cause Thunderbird ...


Pages:      Start    378    379    380    381    382    383    384    385    386    387    388    389    390    391    ..   560

© SecPod Technologies