similar to: ERRATA: Potential Arbitrary File Access (CAN-2004-0815)

Displaying 20 results from an estimated 1000 matches similar to: "ERRATA: Potential Arbitrary File Access (CAN-2004-0815)"

2004 Oct 05
0
ERRATA: Potential Arbitrary File Access (CAN-2004-0815)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ERRATA - ------ The original announcement for the Samba vulnerability identified by CAN-2004-0815 reported that Samba versions 3.0.0 - 3.0.5 inclusive were subject the remote file access bug. Later research has confirmed that *only* Samba 3.0.x <= 3.0.2a contains the exploitable code. The Samba Team expresses sincere apologies for any confusion
2004 Sep 30
0
Samba Security Announcement -- Potential Arbitrary File Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Potential Arbitrary File Access Affected Versions: Samba 2.2.x <= 2.2.11 and Samba 3.0.x <= 3.0.5 Summary: A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection. Patch Availability - ------------------
2004 Sep 30
0
Samba Security Announcement -- Potential Arbitrary File Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Potential Arbitrary File Access Affected Versions: Samba 2.2.x <= 2.2.11 and Samba 3.0.x <= 3.0.5 Summary: A remote attacker may be able to gain access to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection. Patch Availability - ------------------
2004 Nov 08
0
[SECURITY] CAN-2004-0930: Potential Remote Denial of Service Vulnerability in Samba 3.0.x <= 3.0.7
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Potential Remote Denial of Service CVE #: CAN-2004-0930 Affected Versions: Samba 3.0.x <= 3.0.7 Summary: A remote attacker could cause and smbd process to consume abnormal amounts of system resources due to an input validation error when matching filenames containing wildcard characters. Patch Availability - ------------------ A
2004 Sep 30
0
SECURITY: Samba 2.2.12 Available for Download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ######################## SECURITY RELEASE ######################## Summary: Potential Arbitrary File Access Summary: A remote attacker may be able to gain to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection. CVE ID: CAN-2004-0815
2004 Sep 30
0
SECURITY: Samba 2.2.12 Available for Download
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ######################## SECURITY RELEASE ######################## Summary: Potential Arbitrary File Access Summary: A remote attacker may be able to gain to files which exist outside of the share's defined path. Such files must still be readable by the account used for the connection. CVE ID: CAN-2004-0815
2004 Sep 13
0
Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Samba 3.0.x Denial of Service Flaw Summary: (i) A DoS bug in smbd may allow an unauthenticated user to cause smbd to spawn new processes each one entering an infinite loop. After sending a sufficient amount of packets it is possible to exhaust the memory resources on the server. (ii) A DoS bug in nmbd may allow an attacker to
2004 Sep 13
0
Samba 3.0 DoS Vulberabilities (CAN-2004-0807 & CAN-2004-0808)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Samba 3.0.x Denial of Service Flaw Summary: (i) A DoS bug in smbd may allow an unauthenticated user to cause smbd to spawn new processes each one entering an infinite loop. After sending a sufficient amount of packets it is possible to exhaust the memory resources on the server. (ii) A DoS bug in nmbd may allow an attacker to
2004 Dec 16
1
CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Possible remote code execution == CVE ID#: CAN-2004-1154 == == Versions: Samba 2.x & 3.0.x <= 3.0.9 == == Summary: A potential integer overflow when == unmarshalling specific MS-RPC requests == from clients could lead to heap == corruption and remote code execution.
2004 Dec 16
0
CAN-2004-1154 : Integer overflow could lead to remote code execution in Samba 2.x, 3.0.x <= 3.0.9
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Possible remote code execution == CVE ID#: CAN-2004-1154 == == Versions: Samba 2.x & 3.0.x <= 3.0.9 == == Summary: A potential integer overflow when == unmarshalling specific MS-RPC requests == from clients could lead to heap == corruption and remote code execution.
2007 May 14
0
[SAMBA-SECURITY] CVE-2007-2447: Remote Command Injection Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ========================================================== == == Subject: Remote Command Injection Vulnerability == CVE ID#: CVE-2007-2447 == == Versions: Samba 3.0.0 - 3.0.25rc3 (inclusive) == == Summary: Unescaped user input parameters are passed == as arguments to /bin/sh allowing for remote == command execution
2004 Feb 18
2
is this mbuf problem real?
BM_207650 MEDIUM Vulnerability Version: 1 2/18/2004@03:47:29 GMT Initial report <https://ialert.idefense.com/KODetails.jhtml?irId=207650> ID#207650: FreeBSD Memory Buffer Exhaustion Denial of Service Vulnerability (iDEFENSE Exclusive): Remote exploitation of a denial of service (DoS) vulnerability in FreeBSD's memory buffers (mbufs) could allow attackers to launch a DoS attack.
2003 Apr 08
0
[labs@idefense.com: iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x]
FYI -------------- next part -------------- An embedded message was scrubbed... From: "iDEFENSE Labs" <labs@idefense.com> Subject: iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x Date: Tue, 8 Apr 2003 12:44:39 -0400 Size: 4554 Url: http://lists.freebsd.org/pipermail/freebsd-security/attachments/20030408/43598086/attachment.eml
2007 Apr 17
0
VuXML entry for CVE-2007-1870: ClamAV CAB File Unstore Buffer Overflow
Good day. Spotted the CVE-2007-1870: the clamav 0.90.2 is already in the ports, but no sign of the issue in the VuXML. The entry is attached. One thing that is a bit strange is that the ChangeLog for the ClamAV (http://svn.clamav.net/svn/clamav-devel/trunk/ChangeLog) says about CVE-2007-1997 as the libclamav/cab.c log entry, but I think they are messed the numbers -- there is no such CVE, at
2004 Nov 15
0
[SECURITY] CAN-2004-0882: Possible Buffer Overrun in smbd
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Subject: Possible Buffer Overrun in smbd CVE #: CAN-2004-0882 Affected Versions: Samba 3.0.x <= 3.0.7 Summary: A possible buffer overrun in smbd could lead to code execution by a remote user Patch Availability - ------------------ A patch for Samba 3.0.7 (samba-3.0.7-CAN-2004-0882.patch) is available from
2005 Mar 28
0
FreeBSD Security Advisory FreeBSD-SA-05:01.telnet
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:01.telnet Security Advisory The FreeBSD Project Topic: telnet client buffer overflows Category: contrib Module: contrib/telnet Announced:
2004 Sep 20
0
FreeBSD Security Advisory FreeBSD-SA-04:14.cvs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:14.cvs.asc Security Advisory The FreeBSD Project Topic: CVS Category: contrib Module: cvs Announced: 2004-09-19 Credits: Stefan
2004 Sep 20
0
FreeBSD Security Advisory FreeBSD-SA-04:14.cvs
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:14.cvs.asc Security Advisory The FreeBSD Project Topic: CVS Category: contrib Module: cvs Announced: 2004-09-19 Credits: Stefan
2004 Mar 02
0
FreeBSD Security Advisory FreeBSD-SA-04:04.tcp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:04.tcp Security Advisory The FreeBSD Project Topic: many out-of-sequence TCP packets denial-of-service Category: core Module: kernel
2004 Mar 02
7
FreeBSD Security Advisory FreeBSD-SA-04:04.tcp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-04:04.tcp Security Advisory The FreeBSD Project Topic: many out-of-sequence TCP packets denial-of-service Category: core Module: kernel