Computer Security


D-Bus DoS
Published:19.01.2011
SecurityVulns ID:11357
Type:local
Threat Level:5/10
Description:Crash on message processing.
Affected:DBUS : D-Bus 1.4
CVE:CVE-2010-4352 (Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denial of service (daemon crash) via a message containing many nested variants.)
Original document:UBUNTU, [USN-1044-1] D-Bus vulnerability (19.01.2011)

Asterisk buffer overflow
Published:19.01.2011
SecurityVulns ID:11358
Type:remote
Threat Level:7/10
Description:Buffer overflow in SIP Caller ID.
Affected:ASTERISK : Asterisk 1.2
 DIGIUM : Asterisk 1.4
 ASTERISK : Asterisk 1.6
 ASTERISK : Asterisk 1.8
 ASTERISK : AsteriskNOW 1.5
Original document:ASTERISK, AST-2011-001: Stack buffer overflow in SIP channel driver (19.01.2011)

Kingsoft AntiVirus DoS
Published:19.01.2011
SecurityVulns ID:11360
Type:local
Threat Level:4/10
Description:Crash on processing of the hooked KiFastCallEntry kernel function.
Affected:KINGSOFT : KingSoft AntiVirus 2011
Original document:th_decoder_(at)_126.com, Kingsoft AntiVirus 2011 SP5.2 KisKrnl.sys <= 2011.1.13.89 Local Kernel Mode D.O.S Exploit(3 lines of code) (19.01.2011)

Xfig multiple security vulnerabilities
Published:19.01.2011
SecurityVulns ID:11361
Type:library
Threat Level:5/10
Description:Multiple vulnerabilities in .fig file processing.
Affected:XFIG : Xfig 3.2
CVE:CVE-2010-4262 (Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a FIG image with a crafted color definition.)
 CVE-2009-4228 (Stack consumption vulnerability in u_bound.c in Xfig 3.2.5b and earlier allows remote attackers to cause a denial of service (application crash) via a long string in a malformed .fig file that uses the 1.3 file format, possibly related to the readfp_fig function in f_read.c.)
 CVE-2009-4227 (Stack-based buffer overflow in the read_1_3_textobject function in f_readold.c in Xfig 3.2.5b and earlier, and in the read_textobject function in read1_3.c in fig2dev in Transfig 3.2.5a and earlier, allows remote attackers to execute arbitrary code via a long string in a malformed .fig file that uses the 1.3 file format. NOTE: some of these details are obtained from third party information.)
Original document:MANDRIVA, [ MDVSA-2011:010 ] xfig (19.01.2011)

OpenAFS security vulnerabilities
Published:19.01.2011
SecurityVulns ID:11362
Type:remote
Threat Level:6/10
Description:Buffer overflow, uninitialized pointer dereference.
Affected:OPENAFS : OpenAFS 1.5
CVE:CVE-2009-1251 (Heap-based buffer overflow in the cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Unix platforms allows remote attackers to cause a denial of service (system crash) or possibly execute arbitrary code via an RX response containing more data than specified in a request, related to use of XDR arrays.)
 CVE-2009-1250 (The cache manager in the client in OpenAFS 1.0 through 1.4.8 and 1.5.0 through 1.5.58 on Linux allows remote attackers to cause a denial of service (system crash) via an RX response with a large error-code value that is interpreted as a pointer and dereferenced, related to use of the ERR_PTR macro.)
Original document:GENTOO, [ GLSA 201101-05 ] OpenAFS: Arbitrary code execution (19.01.2011)

pimd symbolic links vulnerability
Published:19.01.2011
SecurityVulns ID:11363
Type:local
Threat Level:4/10
Description:Symbolic link vulnerability on signal processing.
CVE:CVE-2011-0007 (pimd 2.1.5 and possibly earlier versions allows user-assisted local users to overwrite arbitrary files via a symlink attack on (1) pimd.dump when a USR1 signal is sent, or (2) pimd.cache when USR2 is sent.)
Original document:DEBIAN, [SECURITY] [DSA 2147-1] Security update for pimd (19.01.2011)

gif2png buffer overflow
Published:19.01.2011
SecurityVulns ID:11365
Type:library
Threat Level:5/10
Description:Buffer overflow on GIF processing.
Affected:GIF2PNG : gif2png 2.5
CVE:CVE-2010-4694 (Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to cause a denial of service (application crash) or have unspecified other impact via a GIF file that contains many images, leading to long extensions such as .p100 for PNG output files, as demonstrated by a CGI program that launches gif2png, a different vulnerability than CVE-2009-5018.)
 CVE-2009-5018 (Stack-based buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to execute arbitrary code via a long command-line argument, as demonstrated by a CGI program that launches gif2png.)
Original document:MANDRIVA, [ MDVSA-2011:009 ] gif2png (19.01.2011)

OpenSC / PCSC-Lite library buffer overflow
updated since 19.01.2011
Published:24.01.2011
SecurityVulns ID:11364
Type:library
Threat Level:6/10
Description:Buffer overflow on oversized smart card serial number.
Affected:OPENSC : OpenSC 0.11
 PCSCLITE : PCSC-Lite 1.5
CVE:CVE-2010-4531 (Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrhandler.c) for pcscd in PCSC-Lite 1.5.3, and possibly other 1.5.x and 1.6.x versions, allows physically proximate attackers to cause a denial of service (crash) and possibly execute arbitrary code via a smart card with an ATR message containing a long attribute value.)
 CVE-2010-4530 (Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) driver, as used in pcscd in PCSC-Lite 1.5.3 and possibly other products, allows physically proximate attackers to execute arbitrary code via a smart card with a crafted serial number that causes a negative value to be used in a memcpy operation, which triggers a buffer overflow. NOTE: some sources refer to this issue as an integer overflow.)
 CVE-2010-4523 (Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically proximate attackers to execute arbitrary code via a long serial-number field on a smart card, related to (1) card-acos5.c, (2) card-atrust-acos.c, and (3) card-starcos.c.)
Original document:MANDRIVA, [ MDVSA-2011:015 ] pcsc-lite (24.01.2011)
 MANDRIVA, [ MDVSA-2011:014 ] ccid (24.01.2011)
 MANDRIVA, [ MDVSA-2011:011 ] opensc (19.01.2011)

tor multiple security vulnerabilities
updated since 19.01.2011
Published:24.10.2011
SecurityVulns ID:11359
Type:remote
Threat Level:7/10
Description:Heap buffer overflow, DoS, key information leak.
Affected:TOR : tor 0.2
CVE:CVE-2011-1924 (Buffer overflow in the policy_summarize function in or/policies.c in Tor before 0.2.1.30 allows remote attackers to cause a denial of service (directory authority crash) via a crafted policy that triggers creation of a long port list.)
 CVE-2011-0493 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha might allow remote attackers to cause a denial of service (assertion failure and daemon exit) via vectors related to malformed router caches and improper handling of integer values.)
 CVE-2011-0492 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (assertion failure and daemon exit) via blobs that trigger a certain file size, as demonstrated by the cached-descriptors.new file.)
 CVE-2011-0491 (The tor_realloc function in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not validate a certain size value during memory allocation, which might allow remote attackers to cause a denial of service (daemon crash) via unspecified vectors, related to "underflow errors.")
 CVE-2011-0490 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha makes calls to Libevent within Libevent log handlers, which might allow remote attackers to cause a denial of service (daemon crash) via vectors that trigger certain log messages.)
 CVE-2011-0427 (Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unspecified vectors.)
 CVE-2011-0016 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memory that was previously used by a different process.)
 CVE-2011-0015 (Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote attackers to cause a denial of service via a large compression factor.)
Original document:DEBIAN, [SECURITY] [DSA 2148-1] Security update for tor (19.01.2011)

© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod