Computer Security
[EN] securityvulns.ru no-pyccku


collectd DoS
Published:14.12.2010
Source:
SecurityVulns ID:11296
Type:remote
Threat Level:
5/10
Description:Crash on network packet parsing.
Affected:COLLECTD : collectd 4.4
CVE:CVE-2010-4336 (The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10.2 allow remote attackers to cause a denial of service (assertion failure) via a packet with a timestamp whose value is 10 or less, as demonstrated by creating RRD files using the (1) RRDtool and (2) RRDCacheD plugins.)
Original documentdocumentDEBIAN, [SECURITY] [DSA-2133-1] New collectd packages fix denial of service (14.12.2010)

LiteSpeed Web Server buffer overflow
Published:14.12.2010
Source:
SecurityVulns ID:11297
Type:remote
Threat Level:
5/10
Description:Buffer overflow if PHP library is used.
Affected:LITESPEED : LiteSpeed Web Server 4.0
Original documentdocumentHI-TECH ., LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit for FreeBSD (14.12.2010)
Files:LiteSpeed Web Server 4.0.17 w/ PHP Remote Exploit for FreeBSD

Real Player multiple security vulnerabilities
updated since 14.12.2010
Published:21.12.2010
Source:
SecurityVulns ID:11295
Type:client
Threat Level:
8/10
Description:Buffer overflows on RA5, RealMedia, AAC etc.
Affected:REAL : RealPlayer 11.0
 REAL : RealPlayer SP 1.1
 REAL : RealPlayer 12.0
CVE:CVE-2010-4387 (The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Mac RealPlayer 11.0 through 12.0.0.1444, and Linux RealPlayer 11.0.2.1744 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted audio stream in a RealMedia file.)
 CVE-2010-4386 (RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Linux RealPlayer 11.0.2.1744, and possibly HelixPlayer 1.0.6 and other versions, allow remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted RealMedia video file.)
Original documentdocumentSECUNIA, Secunia Research: RealPlayer "cook" Arbitrary Free Vulnerability (20.12.2010)
 documentSECUNIA, Secunia Research: RealPlayer AAC Spectral Data Parsing Vulnerability (20.12.2010)
 documentSECUNIA, Secunia Research: RealPlayer "cook" Uninitialised Memory Vulnerability (20.12.2010)
 documentIDEFENSE, iDefense Security Advisory 12.10.10: RealNetworks RealPlayer Memory Corruption Vulnerability (14.12.2010)
 documentVUPEN Security Research, VUPEN Security Research - RealPlayer Sound Data Handling Buffer Overflow Vulnerability (VUPEN-SR-2010-004) (14.12.2010)
 documentVUPEN Security Research, VUPEN Security Research - RealPlayer Audio Data Handling Buffer Overflow Vulnerability (VUPEN-SR-2010-003) (14.12.2010)
 documentVUPEN Security Research, VUPEN Security Research - RealPlayer AAC Data Handling Buffer Overflow Vulnerability (VUPEN-SR-2010-005) (14.12.2010)
 documentVUPEN Security Research, VUPEN Security Research - RealPlayer RealMedia Data Handling Heap Overflow Vulnerabilities (VUPEN-SR-2010-28, VUPEN-SR-2010-29, VUPEN-SR-2010-30) (14.12.2010)
 documentVUPEN Security Research, VUPEN Security Research - RealPlayer RA5 Data Handling Heap Overflow Vulnerability (VUPEN-SR-2010-31) (14.12.2010)
 documentIDEFENSE, iDefense Security Advisory 12.10.10: RealNetworks RealPlayer RealAudio Codec Memory Corruption Vulnerability (14.12.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod