Page 54 of 495 results (0.011 seconds)

CVSS: 7.5EPSS: 9%CPEs: 34EXPL: 0

Buffer overflow in the MSN protocol plugins (1) object.c and (2) slp.c for Gaim before 0.82 allows remote attackers to cause a denial of service and possibly execute arbitrary code via MSNSLP protocol messages that are not properly handled in a strncpy call. Desbordamiento de búfer en los conectores de protocolo MSN (1) object.c y (2) slp.c en Gaim anteriores a 0.83 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código de su elección mediante mensajes de protocolo MSNSLP que no son manejados adecuadamene por una llamada strncpy. • http://gaim.sourceforge.net/security/?id=0 http://www.fedoranews.org/updates/FEDORA-2004-278.shtml http://www.fedoranews.org/updates/FEDORA-2004-279.shtml http://www.gentoo.org/security/en/glsa/glsa-200408-12.xml http://www.gentoo.org/security/en/glsa/glsa-200408-27.xml http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:081 http://www.novell.com/linux/security/advisories/2004_25_gaim.html http://www.redhat.com/support/errata/RHSA-2004-400.html ht •

CVSS: 10.0EPSS: 26%CPEs: 13EXPL: 3

Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields. Múltiples desbordamientos de búfer en Sound eXchange (SoX) anteriores a 12.17 permite a atacantes remotos ejecutar código arbitrario mediante ciertos campos de cabecera de ficheros WAV. • https://www.exploit-db.com/exploits/374 https://www.exploit-db.com/exploits/369 http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000855 http://lwn.net/Articles/95529 http://lwn.net/Articles/95530 http://seclists.org/fulldisclosure/2004/Jul/1227.html http://secunia.com/advisories/12175 http://www.debian.org/security/2004/dsa-565 http://www.gentoo.org/security/en/glsa/glsa-200407-23.xml h •

CVSS: 7.5EPSS: 90%CPEs: 44EXPL: 0

Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages for HTTPS that are handled by the ssl_log function. Vulnerabilidad de cadena de formateo en la función ssl_log en ssl_engine_log.c en mod_ssl 2.8.10 de Apache 1.3.31 puede permitir a atacantes remotos ejecutar mensajes de su elección mediante especificadores de cadena de formato en ciertos mensajes de registro de HTTPS. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000857 http://marc.info/?l=apache-modssl&m=109001100906749&w=2 http://marc.info/?l=bugtraq&m=109005001205991&w=2 http://packetstormsecurity.org/0407-advisories/modsslFormat.txt http://virulent.siyahsapka.org http://www.debian.org/security/2004/dsa-532 http://www.kb.cert.org/vuls/id/303448 http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:075 http://www.osvdb.org/7929 http://www.redhat. •

CVSS: 10.0EPSS: 3%CPEs: 9EXPL: 0

Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code. Desbordamiento de búfer en write_packet en control.c de l2tpd puede permitir a atacantes remotos ejecutar código arbitrario. • http://marc.info/?l=bugtraq&m=108640917925735&w=2 http://security.gentoo.org/glsa/glsa-200407-17.xml http://www.debian.org/security/2004/dsa-530 https://exchange.xforce.ibmcloud.com/vulnerabilities/16326 •

CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0

Rule Set Based Access Control (RSBAC) 1.2.2 through 1.2.3 allows access to sys_creat, sys_open, and sys_mknod inside jails, which could allow local users to gain elevated privileges. • http://marc.info/?l=bugtraq&m=108861182906067&w=2 http://marc.info/?l=bugtraq&m=108879977120430&w=2 http://www.rsbac.org/download/bugfixes http://www.securityfocus.com/bid/10640 https://exchange.xforce.ibmcloud.com/vulnerabilities/16552 •