FreeBSD Security Advisory - The internal authentication server of hostapd does not sufficiently validate the message length field of EAP-TLS messages. A remote attacker could cause the hostapd daemon to abort by sending specially crafted EAP-TLS messages, resulting in a Denial of Service.
2e64da0ea32a2dac049fee64d2e2a83e329082a4961e1f7560ffefb7f8cc5160Hostapd versions 0.6 through 1.0 fail to validation EAP-TLS message length allowing for a possible denial of service condition.
a0941ae5fb0105278f2f227f2f8eeb6cb5597abe9be8c07f467d7e20a835d576PRE-CERT Security Advisory - A stack overflow vulnerability has been identified in FreeRADIUS that allows to remotely execute arbitrary code via specially crafted client certificates (before authentication). The vulnerability affects setups using TLS-based EAP methods (including EAP-TLS, EAP-TTLS, and PEAP).
b0d9e9f1f6322b919a73e21f48b721bb95437b973a72a0475504746bc07adab7When OpenOffice reads an ODF document, it first loads and processes an XML stream within the file called the manifest. Apache OpenOffice 3.4.0 has logic errors that allows a carefully crafted manifest to cause reads and writes beyond allocated buffers.
493c97b0d9779ff425aec7f71289318f69ad4df12dd5f0dbdc14075fa27d8e32LibreOffice versions prior to 3.5.5 and Apache OpenOffice versions 3.4.0 and below suffer from a code execution vulnerability.
3885049d1011ea25a22ee7462ec84341203997a45057579787881898c872ee6bPRE-CERT Security Advisory - The Linux kernel contains a vulnerability in the driver for HFS plus file systems that may be exploited for code execution or privilege escalation. A specially-crafted HFS plus filesystem can cause a buffer overflow via the memcpy() call of hfs_bnode_read() (in fs/hfsplus/bnode.c).
8a1ff866f8c109707f489791566f77bc54087a39904a2e9018d41836f35c9f85libzip versions 0.10 and below suffers from heap overflow and information leak vulnerabilities.
eca7dc942cdc097aced0ed595877bbe9eef5010c995ad730102ab89f12c39a5ePRE-CERT Security Advisory - The function countCENHeaders() in zip_util.c of the java.util.zip implementation contains an off-by-one bug. The bug can be exploited via corrupted ZIP files to cause an endless recursion. The endless recursion results in a segmentation fault of the JVM. Oracle Java SE and IcedTea6 have multiple affected versions.
b5f37a7f307a6f81bd2dc8df66689823d138dc57ed9df9c9fb504453144b4fc0The Linux kernel contains a vulnerability in the driver for Be file systems that may lead to a kernel oops via a corrupted Be file system. Kernel versions 2.4, 2.6, and 3.0 are affected.
7aa60e840264e721126ecf359feda1cd4f587b82e190993d8b1f6bc2af36bf12PRE-CERT Security Advisory - The tftp-hpa daemon contains a buffer overflow vulnerability in the function for setting the utimeout option. As the daemon accepts the option from clients, the vulnerability can be remotely exploited. Versions 0.30 through 5.0 are affected.
0a46a4e113dabe89a5380ccddb1dda0c299749eccc3f07ddbd3134e705cf6484PRE-CERT Security Advisory - The Linux kernel contains a vulnerability that may lead to an information disclosure or a denial-of-service due to corrupted partition tables on storage devices. The kernel automatically evaluates partition tables of storage devices. The code for evaluating EFI GUID partition tables contains a buffer overflow bug that allows to leak data from the kernel heap to userspace or that may allow to cause a kernel oops resulting in a denial of service.
1f10331d92917440315f19d8592e62a5b1799c17bfff9f97e6fe3a68a516883dPRE-CERT Security Advisory - The Linux kernel contains a vulnerability that may lead to a denial-of-service due to corrupted partition tables on storage devices. The kernel automatically evaluates partition tables of storage devices. This happens independently of whether any auto-mounting is enabled or not. The code for evaluating EFI GUID partition tables contains a buffer overflow bug that allows to cause kernel oops resulting in a denial of service.
c706d8f1111e5e6772c99b27b909ea43d70a53491a02c722e6e124b5baa947ebPRE-CERT Security Advisory - The Linux kernel contains a vulnerability that may lead to information leakage due to corrupted partition tables. The kernel automatically evaluates partition tables of storage devices. This happens independently of whether any auto-mounting is enabled or not. The code for evaluating OSF partition tables contains a buffer overflow bug that allows to leak data from the kernel heap to userspace.
840a78e369ff5c0e92b3309786394686661b6bce2c03f29b8b88ff04b1d3ea53
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed