[Forgot Password]
Login  Register Subscribe

23631

 
 

126941

 
 

98250

 
 

909

 
 

79281

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 1830 Download | Alert*

A vulnerability was found in the Lynxcgi: URI handler that could allow an attacker to create a web page redirecting to a malicious URL that would execute arbitrary code as the user running Lynx, if they were using the non-default Advanced user mode . This update corrects these issues and, in addition, makes Lynx always prompt the user before loading a lynxcgi: URI. As well, the default lynx.cfg co ...

A number of vulnerabilities were discovered in Wireshark that could cause it to crash or abort while processing malicious packets . This update provides Wireshark 1.0.4, which is not vulnerable to these issues.

The ACL plugin in dovecot prior to version 1.1.4 treated negative access rights as though they were positive access rights, which allowed attackers to bypass intended access restrictions . The ACL plugin in dovecot prior to version 1.1.6 allowed attackers to bypass intended access restrictions by using the "k" right to create unauthorized "parent/child/child" mailboxes . In addition, two bugs were ...

A security vulnerability has been identified and fixed in nfs-utils, which caused TCP Wrappers to ignore netgroups and allows remote attackers to bypass intended access restrictions . The updated packages have been patched to prevent this.

Multiple integer overflows in GLib"s Base64 encoding and decoding functions enable attackers either to cause denial of service and to execute arbitrary code via an untrusted input . This update provide the fix for that security issue.

A denial of service vulnerability was discovered in how Net-SNMP processed GETBULK requests. A remote attacker with read access to the SNMP server could issue a specially-crafted request which would cause snmpd to crash . Please note that for this to be successfully exploited, an attacker must have read access to the SNMP server. By default, the public community name grants read-only access, howev ...

Drew Yaro of the Apple Product Security Team found two flaws in libxml2. The first is a denial of service flaw in libxml2"s XML parser. If an application linked against libxml2 were to process certain malformed XML content, it cause the application to enter an infinite loop . The second is an integer overflow that caused a heap-based buffer overflow in libxml2"s XML parser. If an application linke ...

Multiple vulnerabilities has been found and corrected in mysql: MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b"" token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service by using this token in a SQL statement . MySQL before 5.0.67 allows local users to bypass certain privilege checks by calling CREATE TABLE ...

Multiple vulnerabilities has been found and corrected in mysql: MySQL 5.0 before 5.0.66, 5.1 before 5.1.26, and 6.0 before 6.0.6 does not properly handle a b"" token, aka an empty bit-string literal, which allows remote attackers to cause a denial of service by using this token in a SQL statement . MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a M ...

Several vulnerabilities were found in the vim editor: A number of input sanitization flaws were found in various vim system functions. If a user were to open a specially crafted file, it would be possible to execute arbitrary code as the user running vim . Ulf Härnhammar of Secunia Research found a format string flaw in vim"s help tags processor. If a user were tricked into executing th ...


Pages:      Start    9    10    11    12    13    14    15    16    17    18    19    20    21    22    ..   182

© 2013 SecPod Technologies