similar to: CVE-2008-1105 - Boundary failure when parsing SMB responses

Displaying 20 results from an estimated 1000 matches similar to: "CVE-2008-1105 - Boundary failure when parsing SMB responses"

2008 May 28
0
[SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure when parsing SMB responses == can result in a buffer overrun == == CVE ID#: CVE-2008-1105 == == Versions: Samba 3.0.0 - 3.0.29 (inclusive) == == Summary: Specifically crafted SMB responses can result == in a heap overflow
2007 Dec 10
1
[SECURITY] Buffer overrun in send_mailslot()
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure in GETDC mailslot == processing can result in a buffer overrun == == CVE ID#: CVE-2007-6015 == == Versions: Samba 3.0.0 - 3.0.27a (inclusive) == == Summary: Specifically crafted GETDC mailslot requests == can trigger a
2009 Sep 19
3
sieve security problem
hi , anybody knows more about this ? http://secunia.com/advisories/36698/ http://secunia.com/advisories/36629/ http://secunia.com/advisories/36713/ -- Best Regards MfG Robert Schetterer Germany/Munich/Bavaria
2006 Jul 10
5
[SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Memory exhaustion DoS against smbd == CVE ID#: CAN-2006-1059 == == Versions: Samba Samba 3.0.1 - 3.0.22 (inclusive) == == Summary: smbd may allow internal structures == maintaining state for share connections == to grow unbounded. ==
2006 Jul 10
5
[SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Memory exhaustion DoS against smbd == CVE ID#: CAN-2006-1059 == == Versions: Samba Samba 3.0.1 - 3.0.22 (inclusive) == == Summary: smbd may allow internal structures == maintaining state for share connections == to grow unbounded. ==
2006 Nov 28
1
GNU Tar vulnerability
Please, note: http://secunia.com/advisories/23115/ A port maintainer CC'ed. -- Dixi. Sem.
2007 Oct 08
5
3.1.1 RC4?
Keir, I noticed that a Shadow patch went into the 3.1.1 staging tree today. Does this mean that we should expect a 4th release candidate before the 3.1.1 release tag is official? If so - how much testing time are you going to give that release candidate before deciding whether a release tag, or another RC round is appropriate? Ben Guthro _______________________________________________
2006 Mar 19
2
Functional Testing
Hey all, I have a many-to-many relationship (Questions has_and_belongs_to_many Answers), and when I destroy the Question (the one) I also destroy all the Answers (the many). Since the following doesn''t seem to work for has_and_belongs_to_many: class Question < AR::Base... has_and_belongs_to_many :answers, :dependent => :destroy end I have this embedded in a transaction block
2005 Apr 05
1
Secunia / Firefox Javascript "Arbitrary Memory Exposure" test
I just confirmed the following bug on my firefox. http://secunia.com/advisories/14820/ Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050219 Firefox/1.0 (I think my firefox is a month or two behind, from ports, but the advisary indicates both 1.0.1 and 1.0.2 are effected.) FreeBSD localhost 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004
2006 Oct 21
4
CentOS 3.8 Kernel Update with NVIDIA Video Card
I need some advice. I updated the kernel but when I restarted my computer I got the following error message: -- I cannot start the X server (your graphical interface). It is likely that it is not set up correctly. ... Failed to load the NVIDIA kernel module! -- I've started my computer using the old kernel. I found out that there's a new nvidia driver so I will also update it.
2007 Nov 15
0
[SECURITY] CVE-2007-5398 - Remote Code Execution in Samba's nmbd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Remote code execution in Samba's WINS == server daemon (nmbd) when processing name == registration followed name query requests. == == CVE ID#: CVE-2007-5398 == == Versions: Samba 3.0.0 - 3.0.26a (inclusive) == == Summary: When nmbd
2007 Dec 10
0
[SECURITY] Buffer overrun in send_mailslot()
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Boundary failure in GETDC mailslot == processing can result in a buffer overrun == == CVE ID#: CVE-2007-6015 == == Versions: Samba 3.0.0 - 3.0.27a (inclusive) == == Summary: Specifically crafted GETDC mailslot requests == can trigger a
2007 Nov 15
0
[SECURITY] CVE-2007-5398 - Remote Code Execution in Samba's nmbd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Remote code execution in Samba's WINS == server daemon (nmbd) when processing name == registration followed name query requests. == == CVE ID#: CVE-2007-5398 == == Versions: Samba 3.0.0 - 3.0.26a (inclusive) == == Summary: When nmbd
2005 Apr 21
6
Information disclosure?
Hello, For some reason, I thought little about the "clear" command today.. Let's say a privileged user (root) logs on, edit a sensitive file (e.g, a file containing a password, running vipw, etc) .. then runs clear and logout. Then anyone can press the scroll-lock command, scroll back up and read the sensitive information.. Isn't "clear" ment to clear the
2006 Jul 28
2
Ruby vulnerability?
Hi, FYI, Red Hat released an advisory today about a vulnerability in Ruby. So far it doesn't appear in the VuXML, but am I correct in presuming it will soon? https://rhn.redhat.com/errata/RHSA-2006-0604.html http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694 cheers, -- Joel Hatton -- Infrastructure Manager | Hotline: +61 7 3365 4417 AusCERT - Australia's national
2003 Oct 19
23
Notification
************* eManager Notification ************** Recipient, Content filter has detected a sensitive e-mail. Destination mailbox(es): "samba@samba.org" ******************* End of message ******************* -------------- next part -------------- Received: from 208.8.92.167 by jupiter.INSIDEAI.COM (InterScan E-Mail VirusWall NT); Sun, 19 Oct 2003 14:55:27 -0400 Received: from
1999 Dec 06
2
Pam errors in Solaris
regarding the segfault that shows up when calling pam_open_session in sshd under solaris-- In the dec 1 Solaris 7 patch report update, there is one mention of pam: Patch-ID# 107285-01 Synopsis: SunOS 5.7: passwd & pam_unix.so.1 patch BugId's fixed with this patch: 4172457 Changes incorporated in this version: Date: Aug/17/99 but it doesn't seem to be freely available -- when looking
2008 Sep 04
2
isoMDS and dist
I am starting with a matrix in which rows are vegetation plots and columns are various characteristics including ID# and elevation. I removed elevation and ID columns to avoid having those characteristics influence the distances between points which I calculated using the "dist" command. The resulting distance file was then used in isoMDS. What I want to know is whether I can
2002 Oct 14
2
Another newbie question: curve of normal distribution
I would like to get a curve of normal distrubtion over the histogram. Something like the following (which obviously doesn't work; see attached example). maluj <- function() { vrhy=read.csv("pennies.csv",head=TRUE) hf=table(vrhy$HEADS) postscript("heads.eps",onefile=FALSE,width=4.134,height=3.445,pointsize=12) plot(hf,main="Frequency distribution of
2013 Aug 14
1
SA54438
http://secunia.com/advisories/54438/ Since I already got 3 private mails about this, here's the same reply for everyone (actually updated, now that I looked at the code): This was a v2.2-only bug. And it isn't really a DoS.. It only caused the one pop3 process to crash in assert, which was handling only the connection that had already disconnected. (Unless you were running a