|Paid content will be excluded from the download.
| Matches : 2952
|It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges.
David Wheeler discovered a buffer overflow in ldns"s code to parse RR records, which could lead to the execution of arbitrary code.
It was discovered that the Apache FCGID module, a FastCGI implementation, did not properly enforce the FcgidMaxProcessesPerClass resource limit, rendering this control ineffective and potentially allowing a virtual host to consume excessive resources.
cURL is a command-line tool and library for transferring data with URL syntax. It was discovered that the countermeasures against the Dai/Rogaway chosen-plaintext attack on SSL/TLS cause interoperability issues with some server implementations. This update ads the the CURLOPT_SSL_OPTIONS and CURLSSLOPT_ALLOW_BEAST options to the library, and the - --ssl-allow-beast option to the "curl" ...
Several vulnerabilities have been discovered in Sympa, a mailing list manager, that allow to skip the scenario-based authorization mechanisms. This vulnerability allows to display the archives management page, and download and delete the list archives by unauthorized users.
It was discovered that Performance Co-Pilot , a framework for performance monitoring, contains several vulnerabilites. CVE-2012-3418 Multiple buffer overflows in the PCP protocol decoders can cause PCP clients and servers to crash or, potentially, execute arbitrary code while processing crafted PDUs. CVE-2012-3419 The "linux" PMDA used by the pmcd daemon discloses sensitive information f ...
It was discovered that Moin, a Python clone of WikiWiki, incorrectly evaluates ACLs when virtual groups are involved. This may allow certain users to have additional permissions or lack expected permissions.
Several vulnerabilities were found in libexif, a library used to parse EXIF meta-data on camera files. CVE-2012-2812: A heap-based out-of-bounds array read in the exif_entry_get_value function allows remote attackers to cause a denial of service or possibly obtain potentially sensitive information from process memory via an image with crafted EXIF tags. CVE-2012-2813: A heap-based out-of-bounds ar ...
James Clawson discovered that rssh, a restricted shell for OpenSSH to be used with scp/sftp, rdist and cvs, was not correctly filtering command line options. This could be used to force the execution of a remote script and thus allow arbitrary command execution. Two CVE were assigned: CVE-2012-2251 Incorrect filtering of command line when using rsync protocol. It was for example possible to pass d ...
"halfdog" discovered that incorrect interrupt handling in Virtualbox, a x86 virtualization solution - can lead to denial of service.
Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   295
© 2013 SecPod Technologies