Secunia Security Advisory - Debian has issued an update for openswan. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service).
b0dfdc798a5c9dccb21e03e20faf64ada3a91aae607a956c6991127856f5fc86Secunia Security Advisory - A vulnerability has been reported in AirOS, which can be exploited by malicious people to bypass certain security features.
13ccb23946e03420bb12718ff2bd98f6dafb4049ce6affb6dc4a973e65302c8bSecunia Security Advisory - Debian has issued an update for krb5 and krb5-appl. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
7d83aa6c255db315344a341862eb0c3d82513e47db652e0e8ba8145e7563e3dcSecunia Security Advisory - A vulnerability has been reported in AirOS, which can be exploited by malicious people to bypass certain security features.
8279c69737b4f8fae1c664728d54eb21e6679334bad5d43630e2c56349cd3f66Secunia Security Advisory - Francois Harvey has discovered a vulnerability in vtiger CRM, which can be exploited by malicious people to bypass certain security restrictions.
9e2160a497daaa7c509714a388c2909ccc36e0786d8ca689bc24b6574c52a8e9FreeBSD Security Advisory - When an encryption key is supplied via the TELNET protocol, its length is not validated before the key is copied into a fixed-size buffer. An attacker who can connect to the telnetd daemon can execute arbitrary code with the privileges of the daemon (which is usually the "root" superuser).
c92e3537ea4a9d4333d9b238da051a9f86ab6782c92ea9627150610dbec5e756FreeBSD Security Advisory - The nsdispatch API has no mechanism to alert it to whether it is operating within a chroot environment in which the standard paths for configuration files and shared libraries may be untrustworthy. The FreeBSD ftpd daemon can be configured to use chroot, and also uses the nsdispatch API.
de56ea16374f3970ce64ad7bfe09f78855a3865a7491e05a50722e5299b402deFreeBSD Security Advisory - A remote attacker could cause the BIND resolver to cache an invalid record, which could cause the BIND daemon to crash when that record is being queried.
913e895f321d484a5440d6ec9ea44d1a471f516fda6b68d698117be493718a87Red Hat Security Advisory 2011-1852-02 - The krb5-appl packages provide Kerberos-aware telnet, ftp, rcp, rsh, and rlogin clients and servers. Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third-party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root.
611b0465bb7429b56ae4ca7c0441b264da38bb0f332f78625ca03d057ffe1604Red Hat Security Advisory 2011-1851-01 - Kerberos is a network authentication system which allows clients and servers to authenticate to each other using symmetric encryption and a trusted third- party, the Key Distribution Center. A buffer overflow flaw was found in the MIT krb5 telnet daemon. A remote attacker who can access the telnet port of a target machine could use this flaw to execute arbitrary code as root. Note that the krb5 telnet daemon is not enabled by default in any version of Red Hat Enterprise Linux. In addition, the default firewall rules block remote access to the telnet port. This flaw does not affect the telnet daemon distributed in the telnet-server package.
fcc05a1144325e7cb4e0faa7cb26db554864cc40f11c6e788b4e245114f681e2Mandriva Linux Security Advisory 2011-194 - A stack-based buffer overflow flaw was found in the way ICU performed variant canonicalization for some locale identifiers. If a specially-crafted locale representation was opened in an application linked against ICU, it could cause the application to crash or, possibly, execute arbitrary code with the privileges of the user running the application. The updated packages have been patched to correct this issue.
80870225471be4dbbc36d3279c7f2721a9e9b3ac1652fc70a93c9453a26b3f68Mandriva Linux Security Advisory 2011-193 - The idnsGrokReply function in Squid before 3.1.16 does not properly free memory, which allows remote attackers to cause a denial of service via a DNS reply containing a CNAME record that references another CNAME record that contains an empty A record. The updated packages have been patched to correct this issue.
7cc994dd5dc1c1d61d6b7854d62ddbed4330325a505629aa1262a3dfcded25f0Debian Linux Security Advisory 2375-1 - It was discovered that the encryption support for BSD telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet port to execute arbitrary code with root privileges.
fd73e5b12a6d4591dd69cdba1166f1b643a3602a7b0d79942b9bf522a6bf82a2Debian Linux Security Advisory 2374-1 - The information security group at ETH Zurich discovered a denial of service vulnerability in the crypto helper handler of the IKE daemon pluto.
2e3b194b94bdc4f7f0091e298a2cc51c679c239928c746db286a6f2f132d600bDebian Linux Security Advisory 2373-1 - It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges.
717b70e7a6ef1a328de1d72ba01af5596d2d4e3fae9640dc08a8d53c699a0229Debian Linux Security Advisory 2372-1 - It was discovered that the Kerberos support for telnetd contains a pre-authentication buffer overflow, which may enable remote attackers who can connect to the Telnet to execute arbitrary code with root privileges.
f0f6583e9e986815a366da7745916c14e72d8839169dad71c5322effd109c4f6Secunia Security Advisory - FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
805e11221d0425e28be43e4da38ed6862f251741395d35404b4fe80c6d3f5cfeSecunia Security Advisory - A vulnerability has been reported in PukiWiki Plus!, which can be exploited by malicious people to conduct cross-site scripting attacks.
d3251d2dd93f7148e18669fa0f35664c23a19f47f3f77f5da4bda745d0c660c5Secunia Security Advisory - Debian has issued an update for jasper. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library.
28ab8d93f1409d5501182c1b1c75462ab8083ce3a06d311891b66b2b1206675dSecunia Security Advisory - A security issue has been reported in FreeBSD, which can be exploited by malicious people to bypass certain security restrictions.
d313127919790fc7977dce2c5ce4956a77420edf77a85d79f53d9715cf77ba8bSecunia Security Advisory - A vulnerability has been reported in Heimdal, which can be exploited by malicious people to compromise a vulnerable system.
de71ca2a8ea24dafdc1a57e7ab07c06b75b25bf81db8f57d1bddbee632f6c95bSecunia Security Advisory - A vulnerability has been discovered in GNU inetutils, which can be exploited by malicious people to compromise a vulnerable system.
caa1d2427111e5d8ed36f6b8cc613797bc04cc45d9a6f1bb8801ab96b0d33298Secunia Security Advisory - Debian has issued an update for heimdal. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
a2ebc46d3000793cf059ddcfda602a2be3ccf1c3fc8adab653da5b5c4629aaa9Secunia Security Advisory - FreeBSD has acknowledged a vulnerability in telnetd, which can be exploited by malicious people to compromise a vulnerable system.
216286f9074ec3da24abb06c04384888a6ea4fe08fe36b870a2a624119e454afSecunia Security Advisory - Debian has issued an update for inetutils. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system.
597888135993d423afcca806e81d66232a0d5a9e479902dd90d110a289d25dbb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed