[Forgot Password]
Login  Register Subscribe

30481

 
 

423868

 
 

255116

 
 

909

 
 

198683

 
 

282

 
 
 
Paid content will be excluded from the download.

Filter
Matches : 44042 Download | Alert*

A denial-of-service attack related to glob brace expansion was discovered and fixed in pure-ftpd . Packages for 2009.0 are provided as of the Extended Maintenance Program

A vulnerability has been identified and fixed in dovecot: lib-mail/message-header-parser.c in Dovecot 1.2.x before 1.2.17 and 2.0.x before 2.0.13 does not properly handle '\0' characters in header names, which allows remote attackers to cause a denial of service via a crafted e-mail message . Packages for 2009.0 are provided as of the Extended Maintenance Program

Multiple vulnerabilities has been found and corrected in krb5: The krb5_ldap_lockout_audit function in the Key Distribution Center in MIT Kerberos 5 1.8 through 1.8.4 and 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service via unspecified vectors, related to the locked_check_p function . The lookup_lockout_policy function in the Key Distributi ...

A vulnerability has been found and corrected in sudo: The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ., which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedi ...

A vulnerability has been found and corrected in dhcp: ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of service via a zero-length client ID . The updated packages have been patched to correct this issue.

A vulnerability has been found and corrected in sudo: The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a file in the current working directory has the same name as a pseudo-command in the sudoers file and the PATH contains an entry for ., which allows local users to execute arbitrary commands via a Trojan horse executable, as demonstrated using sudoedi ...

A vulnerabilitiy has been found and corrected in sudo: sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name of the pseudo-command and the name of an executable file in an arbitrary directory, which allows local users to gain privileges via a crafted executable file, as demonstrated by a file named sudoedit in a user"s home director ...

MadWifi prior to 0.9.3.3 allowed remote attackers to cause a denial of service via a beacon frame with a large length value in the extended supported rates element, which would trigger an assertion error. Updated packages have been updated to 0.9.3.3 to correct this issue. Wpa_supplicant is built using madwifi-source and has been rebuilt using 0.9.3.3 source.

Several vulnerabilities were found in the vim editor: A number of input sanitization flaws were found in various vim system functions. If a user were to open a specially crafted file, it would be possible to execute arbitrary code as the user running vim . Ulf Härnhammar of Secunia Research found a format string flaw in vim"s help tags processor. If a user were tricked into executing th ...

Tavis Ormandy and Will Drewry found that the bost library did not properly perform input validation on regular expressions. An attacker could exploit this by sening a specially crafted regular expression to an application linked against boost and cause a denial of service via an application crash. The updated packages have been patched to correct this issue.


Pages:      Start    4214    4215    4216    4217    4218    4219    4220    4221    4222    4223    4224    4225    4226    4227    ..   4404

© SecPod Technologies