[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

251139

 
 

909

 
 

196159

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

Multiple double free, buffer overflow, invalid free and improper overflow checks vulnerabilities was found and corrected in libssh . The updated packages have been upgraded to the 0.5.3 version which is not affected by these issues.

A vulnerability has been found and corrected in libssh: The publickey_from_privatekey function in libssh before 0.5.4, when no algorithm is matched during negotiations, allows remote attackers to cause a denial of service via a Client: Diffie-Hellman Key Exchange Init packet. The updated packages have been upgraded to the 0.5.4 version which is not affected by this issue.

A vulnerability have been discovered and corrected in libtheora: Integer overflow in libtheora in Xiph.Org Theora before 1.1 allows remote attackers to cause a denial of service or possibly execute arbitrary code via a video with large dimensions . The updated packages have been patched to correct this issue.

A vulnerability has been found and corrected in nss_db: The Free Software Foundation Berkeley DB NSS module 2.2.3pre1 reads the DB_CONFIG file in the current working directory, which allows local users to obtain sensitive information via a symlink attack involving a setgid or setuid application that uses this module . The updated packages have been patched to correct this issue.

A vulnerability has been found and corrected in postfix: Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user"s account name . This update provides a solution to this vulnerability.

A vulnerability has been found and corrected in mod_auth_mysql: SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input . This update provides fixes for this vulnerability.

A vulnerability has been found and corrected in memcached: Multiple integer overflows in memcached 1.1.12 and 1.2.2 allow remote attackers to execute arbitrary code via vectors involving length attributes that trigger heap-based buffer overflows . This update provides a solution to this vulnerability. Additionally memcached-1.2.x has been upgraded to 1.2.8 for 2009.0/2009.1 and MES 5 that contains ...

A vulnerability has been found and corrected in mod_auth_mysql: SQL injection vulnerability in mod_auth_mysql.c in the mod-auth-mysql module for the Apache HTTP Server 2.x allows remote attackers to execute arbitrary SQL commands via multibyte character encodings for unspecified input . This update provides fixes for this vulnerability. Update: Packages for 2008.0 are provided for Corporate Deskt ...

The process_stat function in Memcached prior 1.2.8 discloses memory-allocation statistics in response to a stats malloc command, which allows remote attackers to obtain potentially sensitive information by sending this command to the daemon"s TCP port . The updated packages have been patched to prevent this.

A vulnerability has been found and corrected in postfix: Postfix 2.5 before 2.5.4 and 2.6 before 2.6-20080814 delivers to a mailbox file even when this file is not owned by the recipient, which allows local users to read e-mail messages by creating a mailbox file corresponding to another user"s account name . This update provides a solution to this vulnerability. Update: Packages for 2008.0 are be ...


Pages:      Start    143    144    145    146    147    148    149    150    151    152    153    154    155    156    ..   182

© SecPod Technologies