Linux kernel integer types conversion problems.
Published:		05.08.2004
Source:		BUGTRAQ
SecurityVulns ID:		3891
Type:		local
Level:		5/10
Description:		It's possible to access kernel memory because of inters conversion bug in 64bit file API (for example llseek).

Affected:		LINUX : kernel 2.4
		LINUX : kernel 2.6

Original document

Paul Starzetz, Linux kernel file offset pointer races (05.08.2004)

Files:		/proc ppos kernel memory read (semaphore method)
Discuss:		Read or add your comments to this news (0 comments)

PUTTY/PSCP buffer overflows updated since 04.08.2004
Published:		05.08.2004
Source:		FULL-DISCLOSURE
SecurityVulns ID:		3888
Type:		client
Level:		5/10
Description:		Few buffer overflows.

Affected:

PUTTY : PuTTY 0.54

Original document

CORE Security Technologies Advisories, CORE-2004-0705: Vulnerabilities in PuTTY and PSCP (05.08.2004)

Discuss:

Read or add your comments to this news (0 comments)

Multiple libpng bugs updated since 05.08.2004
Published:		22.10.2004
Source:		CERT
SecurityVulns ID:		3892
Type:		library
Level:		7/10
Description:		Stack overflow, NULL pointer dereference, integer overflows.

Affected:		libpng : libpng 1.2
		libpng : libpng 1.0
		MOZILLA : Mozilla 1.7
		MOZILLA : Firefox 0.9
		MOZILLA : Thunderbird 0.7

Original document		DEBIAN, [SECURITY] [DSA 570-1] New libpng packages fix several vulnerabilities (22.10.2004)
		GENTOO, [ GLSA 200408-22 ] Mozilla, Firefox, Thunderbird: New releases fix vulnerabilities (25.08.2004)
		Chris Evans, CESA-2004-001: libpng (05.08.2004)
		CERT, US-CERT Technical Cyber Security Alert TA04-217A -- Multiple Vulnerabilities in libpng (05.08.2004)

Files:		PNG crashes both mozilla and konqueror
		exploit for libpng, tested on version 1.2.5
Discuss:		Read or add your comments to this news (0 comments)