Displaying 20 results from an estimated 1000 matches similar to: "CVE-2008-1105 - Boundary failure when parsing SMB responses"
2008 May 28
0
[SAMBA] CVE-2008-1105 - Boundary failure when parsing SMB responses
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Boundary failure when parsing SMB responses
== can result in a buffer overrun
==
== CVE ID#: CVE-2008-1105
==
== Versions: Samba 3.0.0 - 3.0.29 (inclusive)
==
== Summary: Specifically crafted SMB responses can result
== in a heap overflow
2007 Dec 10
1
[SECURITY] Buffer overrun in send_mailslot()
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Boundary failure in GETDC mailslot
== processing can result in a buffer overrun
==
== CVE ID#: CVE-2007-6015
==
== Versions: Samba 3.0.0 - 3.0.27a (inclusive)
==
== Summary: Specifically crafted GETDC mailslot requests
== can trigger a
2009 Sep 19
3
sieve security problem
hi , anybody knows more about this ?
http://secunia.com/advisories/36698/
http://secunia.com/advisories/36629/
http://secunia.com/advisories/36713/
--
Best Regards
MfG Robert Schetterer
Germany/Munich/Bavaria
2006 Jul 10
5
[SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Memory exhaustion DoS against smbd
== CVE ID#: CAN-2006-1059
==
== Versions: Samba Samba 3.0.1 - 3.0.22 (inclusive)
==
== Summary: smbd may allow internal structures
== maintaining state for share connections
== to grow unbounded.
==
2006 Jul 10
5
[SECURITY] Samba 3.0.1 - 3.0.22: memory exhaustion DoS against smbd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Memory exhaustion DoS against smbd
== CVE ID#: CAN-2006-1059
==
== Versions: Samba Samba 3.0.1 - 3.0.22 (inclusive)
==
== Summary: smbd may allow internal structures
== maintaining state for share connections
== to grow unbounded.
==
2006 Nov 28
1
GNU Tar vulnerability
Please, note: http://secunia.com/advisories/23115/
A port maintainer CC'ed.
--
Dixi.
Sem.
2007 Oct 08
5
3.1.1 RC4?
Keir,
I noticed that a Shadow patch went into the 3.1.1 staging tree today.
Does this mean that we should expect a 4th release candidate before the
3.1.1 release tag is official?
If so - how much testing time are you going to give that release
candidate before deciding whether a release tag, or another RC round is
appropriate?
Ben Guthro
_______________________________________________
2006 Mar 19
2
Functional Testing
Hey all,
I have a many-to-many relationship (Questions
has_and_belongs_to_many Answers), and when I destroy
the Question (the one) I also destroy all the Answers
(the many).
Since the following doesn''t seem to work for
has_and_belongs_to_many:
class Question < AR::Base...
has_and_belongs_to_many :answers, :dependent =>
:destroy
end
I have this embedded in a transaction block
2005 Apr 05
1
Secunia / Firefox Javascript "Arbitrary Memory Exposure" test
I just confirmed the following bug on my firefox.
http://secunia.com/advisories/14820/
Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050219 Firefox/1.0
(I think my firefox is a month or two behind, from ports, but the
advisary indicates both 1.0.1 and 1.0.2 are effected.)
FreeBSD localhost 5.3-RELEASE FreeBSD 5.3-RELEASE #0: Fri Nov 5 04:19:18 UTC 2004
2006 Oct 21
4
CentOS 3.8 Kernel Update with NVIDIA Video Card
I need some advice. I updated the kernel but when I restarted my
computer I got the following error message:
--
I cannot start the X server (your graphical interface). It is likely
that it is not set up correctly. ... Failed to load the NVIDIA kernel
module!
--
I've started my computer using the old kernel. I found out that there's
a new nvidia driver so I will also update it.
2007 Nov 15
0
[SECURITY] CVE-2007-5398 - Remote Code Execution in Samba's nmbd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Remote code execution in Samba's WINS
== server daemon (nmbd) when processing name
== registration followed name query requests.
==
== CVE ID#: CVE-2007-5398
==
== Versions: Samba 3.0.0 - 3.0.26a (inclusive)
==
== Summary: When nmbd
2007 Dec 10
0
[SECURITY] Buffer overrun in send_mailslot()
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Boundary failure in GETDC mailslot
== processing can result in a buffer overrun
==
== CVE ID#: CVE-2007-6015
==
== Versions: Samba 3.0.0 - 3.0.27a (inclusive)
==
== Summary: Specifically crafted GETDC mailslot requests
== can trigger a
2007 Nov 15
0
[SECURITY] CVE-2007-5398 - Remote Code Execution in Samba's nmbd
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Remote code execution in Samba's WINS
== server daemon (nmbd) when processing name
== registration followed name query requests.
==
== CVE ID#: CVE-2007-5398
==
== Versions: Samba 3.0.0 - 3.0.26a (inclusive)
==
== Summary: When nmbd
2005 Apr 21
6
Information disclosure?
Hello,
For some reason, I thought little about the "clear" command today..
Let's say a privileged user (root) logs on, edit a sensitive file (e.g,
a file containing a password, running vipw, etc) .. then runs clear and
logout. Then anyone can press the scroll-lock command, scroll back up
and read the sensitive information.. Isn't "clear" ment to clear the
2006 Jul 28
2
Ruby vulnerability?
Hi,
FYI, Red Hat released an advisory today about a vulnerability in Ruby. So
far it doesn't appear in the VuXML, but am I correct in presuming it will
soon?
https://rhn.redhat.com/errata/RHSA-2006-0604.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3694
cheers,
-- Joel Hatton --
Infrastructure Manager | Hotline: +61 7 3365 4417
AusCERT - Australia's national
2003 Oct 19
23
Notification
************* eManager Notification **************
Recipient, Content filter has detected a sensitive e-mail.
Destination mailbox(es): "samba@samba.org"
******************* End of message *******************
-------------- next part --------------
Received: from 208.8.92.167 by jupiter.INSIDEAI.COM (InterScan E-Mail VirusWall NT); Sun, 19 Oct 2003 14:55:27 -0400
Received: from
1999 Dec 06
2
Pam errors in Solaris
regarding the segfault that shows up when calling
pam_open_session in sshd under solaris--
In the dec 1 Solaris 7 patch report update, there is one mention
of pam:
Patch-ID# 107285-01
Synopsis: SunOS 5.7: passwd & pam_unix.so.1 patch
BugId's fixed with this patch: 4172457
Changes incorporated in this version:
Date: Aug/17/99
but it doesn't seem to be freely available -- when looking
2008 Sep 04
2
isoMDS and dist
I am starting with a matrix in which rows are vegetation plots and
columns are various characteristics including ID# and elevation. I
removed elevation and ID columns to avoid having those characteristics
influence the distances between points which I calculated using the
"dist" command. The resulting distance file was then used in isoMDS.
What I want to know is whether I can
2002 Oct 14
2
Another newbie question: curve of normal distribution
I would like to get a curve of normal distrubtion over the
histogram. Something like the following (which obviously doesn't
work; see attached example).
maluj <- function() {
vrhy=read.csv("pennies.csv",head=TRUE)
hf=table(vrhy$HEADS)
postscript("heads.eps",onefile=FALSE,width=4.134,height=3.445,pointsize=12)
plot(hf,main="Frequency distribution of
2013 Aug 14
1
SA54438
http://secunia.com/advisories/54438/
Since I already got 3 private mails about this, here's the same reply for everyone (actually updated, now that I looked at the code):
This was a v2.2-only bug. And it isn't really a DoS.. It only caused the one pop3 process to crash in assert, which was handling only the connection that had already disconnected. (Unless you were running a