[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77982

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

Stéphane Bertin discovered a flaw in the pam_krb5 existing_ticket configuration option where, if enabled and using an existing credential cache, it was possible for a local user to gain elevated privileges by using a different, local user"s credential cache . The updated packages have been patched to prevent this issue.

A denial of service condition was found in Ruby"s regular expression engine. If a Ruby script tried to process a large amount of data via a regular expression, it could cause Ruby to enter an infinite loop and crash . A number of flaws were found in Ruby that could allow an attacker to create a carefully crafted script that could allow for the bypass of certain safe-level restrictions . A denial o ...

Two denial of service vulnerabilities were discovered in the ipsec-tools racoon daemon, which could allow a remote attacker to cause it to consume all available memory . The updated packages have been patched to prevent these issues.

A buffer overflow in the SGI image format decoding routines used by the CUPS image converting filter imagetops was discovered. An attacker could create malicious SGI image files that could possibly execute arbitrary code if the file was printed . An integer overflow flaw leading to a heap buffer overflow was found in the Text-to-PostScript texttops filter. An attacker could create a malicious text ...

The NSS plugin in libpurple in Pidgin 2.4.1 does not verify SSL certificates, which makes it easier for remote attackers to trick a user into accepting an invalid server certificate for a spoofed service. Pidgin 2.4.1 allows remote attackers to cause a denial of service via a long filename that contains certain characters, as demonstrated using an MSN message that triggers the crash in the msn_s ...

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The error-reporting functionality in fs/ext2/dir.c, fs/ext3/dir.c, and possibly fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service by mounting a filesystem that has cor ...

Some vulnerabilities were discovered and corrected in the Linux 2.6 kernel: The error-reporting functionality in fs/ext2/dir.c, fs/ext3/dir.c, and possibly fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which allows physically proximate attackers to cause a denial of service by mounting a filesystem that has cor ...

A heap-based buffer overflow was found in how libxml2 handled long XML entity names. If an application linked against libxml2 processed untrusted malformed XML content, it could cause the application to crash or possibly execute arbitrary code . The updated packages have been patched to prevent this issue. As well, the patch to fix CVE-2008-3281 has been updated to remove the hard-coded entity lim ...

Multiple security vulnerabilities has been identified and fixed in ghostscript: Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation . Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-depend ...

Multiple security vulnerabilities has been identified and fixed in netpbm: Multiple integer overflows in JasPer 1.900.1 might allow context-dependent attackers to have an unknown impact via a crafted image file, related to integer multiplication for memory allocation . Buffer overflow in the jas_stream_printf function in libjasper/base/jas_stream.c in JasPer 1.900.1 might allow context-dependent a ...


Pages:      Start    8    9    10    11    12    13    14    15    16    17    18    19    20    21    ..   182

© 2013 SecPod Technologies