[security bulletin] HPSBMA02348 SSRT080033 rev.2 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code, Denial of Service (DoS) <!– Envelope-to: email@address Delivery-date: Mon, 11 May 2009 21:12:43 +0100 Received: from outgoing.securityfocus.com ([205.206.231.26] helo=outgoing2.securityfocus.com) by lt.network5.net with esmtp (Exim 4.43) id 1M3brf-0003tO-Hk for email@address; Mon, 11 May 2009 21:12:43 +0100 Received: from [...]
Posts Tagged ‘Arbitrary Code’
[SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution
Bugtraq: [SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution [SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution URL: http://www.securityfocus.com/archive/1/503397
New pango1.0 packages fix arbitrary code execution
[SECURITY] [DSA 1798-1] New pango1.0 packages fix arbitrary code execution Posted by Steffen Joeris on May 10 ———————————————————————— Debian Security Advisory DSA-1798-1 security_at_debian.org www.debian.org/security/ Steffen Joeris May 10, 2009 www.debian.org/security/faq … URL: http://seclists.org/fulldisclosure/2009/May/0089.html
[SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution
Bugtraq: [SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution [SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution URL: http://www.securityfocus.com/archive/1/503320
New ldns packages fix arbitrary code execution
[SECURITY] [DSA 1795-1] New ldns packages fix arbitrary code execution Posted by Devin Carraway on May 07 ———————————————————————— Debian Security Advisory DSA-1795 security_at_debian.org www.debian.org/security/ Devin Carraway May 07, 2009 … URL: http://seclists.org/fulldisclosure/2009/May/0054.html
Gone With the WINS, (Wed, May 6th)
Follow The Bouncing Malware: Gone With the WINS, (Wed, May 6th) Isn’t it kind of noisy, his wife shouted over the roar of the new server’s cooling fans. It just needs to warm up, he replied, It’ll quiet down in a bit. His wife pointed at her ears, and shrugged as if to say I [...]
1490 (sendmail)
CVE-2009-1490 (sendmail) Heap-based buffer overflow in Sendmail before 8.13.2 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via a long X- header, as demonstrated by an X-Testing header. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1490
1520 (tivoli_storage_manager_client, tivoli_storage_manager_express)
CVE-2009-1520 (tivoli_storage_manager_client, tivoli_storage_manager_express) Buffer overflow in the Web GUI in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.4, 5.4.0.0 through 5.4.2.6, and 5.5.0.0 through 5.5.1.17 allows attackers to cause a denial of service (application crash) or execute arbitrary code via unspecified vectors. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-1520
0720 (openview_network_node_manager)
CVE-2009-0720 (openview_network_node_manager) Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via unknown vectors. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0720
4828 (tivoli_storage_manager_client, tivoli_storage_manager_express)
CVE-2008-4828 (tivoli_storage_manager_client, tivoli_storage_manager_express) Multiple stack-based buffer overflows in dsmagent.exe in the Remote Agent Service in the IBM Tivoli Storage Manager (TSM) client 5.1.0.0 through 5.1.8.2, 5.2.0.0 through 5.2.5.3, 5.3.0.0 through 5.3.6.4, and 5.4.0.0 through 5.4.1.96, and the TSM Express client 5.3.3.0 through 5.3.6.4, allow remote attackers to execute arbitrary code via (1) a request packet [...]
0148 (cscope)
CVE-2009-0148 (cscope) Multiple buffer overflows in Cscope before 15.7a allow remote attackers to execute arbitrary code via (1) long pathnames, (2) long source-code strings, and other vectors. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0148
New freetype packages fix arbitrary code execution
[SECURITY] [DSA 1784-1] New freetype packages fix arbitrary code execution Posted by Nico Golde on Apr 30 ————————————————————————– Debian Security Advisory DSA-1784-1 security_at_debian.org www.debian.org/security/ Nico Golde April 30th, 2009 … URL: http://seclists.org/fulldisclosure/2009/May/0001.html
1291 (enterprise_message_service, rtworks, smartsockets_rtserver)
CVE-2009-1291 (enterprise_message_service, rtworks, smartsockets_rtserver) Stack-based buffer overflow in TIBCO SmartSockets before 6.8.2, SmartSockets Product Family (aka RTworks) before 4.0.5, and Enterprise Message Service (EMS) 4.0.0 through 5.1.1, as used in SmartSockets Server and RTworks Server (aka RTserver), SmartSockets client libraries and add-on products, RTworks libraries and components, EMS Server (aka tibemsd), SmartMQ, iProcess Engine, ActiveMatrix [...]
0663 (dbd::pg)
CVE-2009-0663 (dbd::pg) Heap-based buffer overflow in the DBD::Pg (aka DBD-Pg or libdbd-pg-perl) module 1.49 for Perl might allow context-dependent attackers to execute arbitrary code via unspecified input to an application that uses the getline and pg_getline functions to read database rows. URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0663
[security bulletin] HPSBMA02400 SSRT080144 rev.2 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
Bugtraq: [security bulletin] HPSBMA02400 SSRT080144 rev.2 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code [security bulletin] HPSBMA02400 SSRT080144 rev.2 – HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code URL: http://www.securityfocus.com/archive/1/503083
