Page 6 of 31 results (0.008 seconds)

CVSS: 10.0EPSS: 16%CPEs: 3EXPL: 0

Multiple integer overflows in the DPRPC library (DPRPCW32.DLL) in Novell Client 4.83 SP3, 4.90 SP2 and 4.91 SP2 allow remote attackers to execute arbitrary code via an XDR encoded array with a field that specifies a large number of elements, which triggers the overflows in the ndps_xdr_array function. NOTE: this was originally reported to be a buffer overflow by Novell, but the original cause is an integer overflow. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046048.html http://secunia.com/advisories/20048 http://securitytracker.com/id?1016052 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2973719.htm http://www.hustlelabs.com/novell_ndps_advisory.pdf http://www.osvdb.org/25429 http://www.securityfocus.com/archive/1/434017/100/0/threaded http://www.securityfocus.com/bid/17931 http://www.vupen.com/english/advisories/2006/1759 https://exchange.xforce.ibmcloud. •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges. • http://secunia.com/advisories/11014 http://securitytracker.com/id?1008755 http://support.novell.com/cgi-bin/search/searchtid.cgi?/10090585.htm http://www.ciac.org/ciac/bulletins/o-090.shtml http://www.osvdb.org/4120 http://www.securityfocus.com/bid/9441 https://exchange.xforce.ibmcloud.com/vulnerabilities/15367 •

CVSS: 5.0EPSS: 0%CPEs: 252EXPL: 0

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 http://fedoranews.org/updates/FEDORA-2004-095.shtml http://marc.info/?l=bugtraq&m=107955049331965&w=2 http://marc.info/?l=bugtraq&m=108403850228012&w=2 http://rhn.redhat.com/errata/RHSA-2004-119.html http://secunia.com/advisories/11139 http://security.gen •

CVSS: 7.5EPSS: 0%CPEs: 252EXPL: 0

The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. La función do_change_cipher_spec en OpenSSL 0.9.6c hasta 0.9.6.k y 0.9.7a hasta 0.9.7c permite que atacantes remotos provoquen una denegación de servicio (caída) mediante una hábil unión SSL/TLS que provoca un puntero nulo. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-04:05.openssl.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 http://docs.info.apple.com/article.html?artnum=61798 http://fedoranews.org/updates/FEDORA-2004-095.shtml http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http&# • CWE-476: NULL Pointer Dereference •

CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0

Buffer overflow in Novell NetWare Client 4.80 through 4.83 allows local users to cause a denial of service (crash) by using ping, traceroute, or a similar utility to force the client to resolve a large hostname. • http://support.novell.com/servlet/tidfinder/2962694 http://www.cqure.net/advisories.jsp?id=15 https://exchange.xforce.ibmcloud.com/vulnerabilities/9035 •