Page 45 of 249 results (0.023 seconds)

CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1

Multiple buffer overflows in Python 2.5.2 and earlier on 32bit platforms allow context-dependent attackers to cause a denial of service (crash) or have unspecified other impact via a long string that leads to incorrect memory allocation during Unicode string processing, related to the unicode_resize function and the PyMem_RESIZE macro. Múltiples desbordamientos de búfer en Python 2.5.2 y anteriores en plataformas de 32bit. Permite a atacantes dependientes de contexto causar denegación de servicio (crash) o tener otros impactos no especificados a través de una cadena larga que conduce a una asignación incorrecta de memoria durante el procesamiento de la cadena Unicode, relacionado con la función unicode_resize y el macro PyMem_RESIZE. • http://bugs.gentoo.org/show_bug.cgi?id=232137 http://bugs.python.org/file10825/issue2620-gps02-patch.txt http://bugs.python.org/issue2620 http://lists.apple.com/archives/security-announce/2009/Feb/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00006.html http://secunia.com/advisories/31305 http://secunia.com/advisories/31332 http://secunia.com/advisories/31358 http://secunia.com/advisories/31365 http://secunia.com/advisories/31473 http://secunia. • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 8.8EPSS: 7%CPEs: 3EXPL: 1

Mozilla Firefox 3 before 3.0.1 on Mac OS X allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted GIF file that triggers a free of an uninitialized pointer. Mozilla Firefox 3 anterior a la versión 3.0.1 sobre Mac OS X permite a atacante remotos causar una denegación de servicio (Con caida de la aplicación) o posiblemente ejecutar codigo arbitrario mediante un fichero GIF manipulado que ocasiona la liberacion de un puntero no inicializado. • http://secunia.com/advisories/31132 http://secunia.com/advisories/31270 http://secunia.com/advisories/34501 http://securitytracker.com/id?1020516 http://sunsolve.sun.com/search/document.do?assetkey=1-26-256408-1 http://www.mozilla.org/security/announce/2008/mfsa2008-36.html http://www.securityfocus.com/bid/30266 http://www.ubuntu.com/usn/usn-626-1 http://www.vupen.com/english/advisories/2008/2125 http://www.vupen.com/english/advisories/2009/0977 https://bugzilla.mo • CWE-908: Use of Uninitialized Resource •

CVSS: 7.8EPSS: 0%CPEs: 11EXPL: 0

The do_change_type function in fs/namespace.c in the Linux kernel before 2.6.22 does not verify that the caller has the CAP_SYS_ADMIN capability, which allows local users to gain privileges or cause a denial of service by modifying the properties of a mountpoint. La función do_change_type en fs/namespace.c del núcleo de Linux en versiones anteriores a 2.6.22 no verifica que la persona que llama tiene la capacidad CAP_SYS_ADMIN, lo cual permite a usuarios locales conseguir privilegios o provocar una denegación de servicio mediante la modificación de las propiedades de un punto de montaje. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commitdiff%3Bh=ee6f958291e2a768fd727e7a67badfff0b67711a http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.22 http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00001.html http://secunia.com • CWE-269: Improper Privilege Management •

CVSS: 7.8EPSS: 0%CPEs: 22EXPL: 0

The Linux kernel before 2.6.25.10 does not properly perform tty operations, which allows local users to cause a denial of service (system crash) or possibly gain privileges via vectors involving NULL pointer dereference of function pointers in (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, and (8) wireless/strip.c in drivers/net/. El núcleo de Linux anterior a 2.6.25.10, no realiza de forma adecuada las operaciones tty, esto permite a usuarios locales provocar una denegación de servicio (caída del sistema) o posiblemente obtener privilegios mediante vectores que contienen referencias a puntero NULO en los punteros a funciones en (1) hamradio/6pack.c, (2) hamradio/mkiss.c, (3) irda/irtty-sir.c, (4) ppp_async.c, (5) ppp_synctty.c, (6) slip.c, (7) wan/x25_asy.c, y (8) wireless/strip.c en drivers/net/. • http://git.kernel.org/?p=linux/kernel/git/stable/linux-2.6.25.y.git%3Ba=commitdiff%3Bh=2a739dd53ad7ee010ae6e155438507f329dce788 http://kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.25.10 http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00007.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00009.html http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00000.html http://l • CWE-476: NULL Pointer Dereference •

CVSS: 6.8EPSS: 13%CPEs: 35EXPL: 3

The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic via a birthday attack that uses in-bailiwick referrals to conduct cache poisoning against recursive resolvers, related to insufficient randomness of DNS transaction IDs and source ports, aka "DNS Insufficient Socket Entropy Vulnerability" or "the Kaminsky bug." El protocolo DNS, como es implementado en (1) BIND 8 y 9 en versiones anteriores a 9.5.0-P1, 9.4.2-P1 y 9.3.5-P1; (2) Microsoft DNS en Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP1 y SP2; y otras implementaciones permiten a atacantes remotos suplantar el tráfico DNS a través de un ataque de un cumpleaños que usa referencias in-bailiwick para llevar a cabo un envenenamiento del caché contra resolutores recursivos, relacionado con la insifuciente aleatoriedad de la ID de la transacción DNS y los puertos de origen, vulnerabilidad también conocida como "DNS Insufficient Socket Entropy Vulnerability" o "the Kaminsky bug". • https://www.exploit-db.com/exploits/6122 https://www.exploit-db.com/exploits/6130 https://www.exploit-db.com/exploits/6123 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2008-009.txt.asc http://blog.invisibledenizen.org/2008/07/kaminskys-dns-issue-accidentally-leaked.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=494401 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01523520 http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID • CWE-331: Insufficient Entropy •