Previous
Samba Flaw Opens Up Root Access Attack
News A buffer overflow in the SMB/CIFS packet fragment re-assembly code used by smbd. Mitre vulnerability candidate number CAN-2003-0085 describes the flaw as "a buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in...
[April 7, 2003, 9:49]
ISA Server 2000 - Vulnerability In H.323 Filter Can Cause Remote Code Execution (816458)
Downloads A critical security vulnerability exists in the H.323 filter for Microsoft ISA Server 2000 that could allow an attacker to overflow a buffer on the Microsoft Firewall Service in Microsoft ISA Server 2000.
[September 14, 2007, 7:38]
Buffer Overflow Flaw Found In Open Source MP3 Player
News A buffer overrun attack injects more data into a particular memory location than a program can accommodate, and by carefully crafting the data that overflows into other parts of memory, attackers can run programs to take over the computer.
[January 12, 2005, 7:50]
Patch Now Or Be Sorry Later
News Thus, a hacker can feed IIS 4.0 servers gigantic wads of useless data until the buffer space takes over all available memory for the buffer. Unlike the situation with classic buffer security problems, in the case of IIS 4.0, data can't overrun the...
[March 24, 2000, 11:09]
New Memory Chips Get Closer, Faster And Smarter
News FB-DIMM adds a buffer chip which takes over this duty, letting the individual memory chips -- identical to those used in DDR -- run much faster. The buffer uses similar techniques to PCI Express to combine the signals from all the chips onto a...
[September 9, 2004, 10:30]
New Windows Flaw Similar To MSBlast Bug
News The first two flaws are buffer overruns, which allow a hacker to take over a computer by swamping it with data. An attacker who successfully exploited either of the buffer overrun vulnerabilities could gain complete control over a remote computer...
[September 11, 2003, 10:57]
Microsoft Is Forced To Issue SSL Patch For IE
News Buffer Overrun in Gopher Protocol Handler (CAN-2002-0646) (Note: Details on this candidate hadn't been posted on the CVE list at the time of this writing.Buffer Overrun in Legacy Text Formatting ActiveX Control (CAN-2002-0647)XML File Reading via...
[September 9, 2002, 16:59]
Experts: Carnivore Review Had No Teeth
News Another problem -- which was pointed out in the Iitri analysis but not investigated -- is the possibility that one or more buffer overflow exists in the code, the security experts reported. A buffer overflow refers to a situation where data put...
[December 5, 2000, 8:52]
Firefox Flaw Made Public
News The security vulnerability is a buffer overflow flaw that "allows for an attacker to remotely execute arbitrary code" on a vulnerable PC, Ferris said. Buffer overflows are a commonly exploited security problem.
[September 9, 2005, 12:55]
Oracle Software Vulnerability Exposed
News The attack works by sending more information than the software expects, a process called a "buffer overrun". In a buffer overrun attack, the extra characters are written into the computer's memory. Researchers have found a security hole in Oracle's...
[July 6, 2001, 9:21]
Microsoft Warns Of New Server Vulnerabilities
News The attack can cause a buffer overrun in the system memory, allowing a skilled attacker to run code in the server's security context. The company said that Exchange is vulnerable to a buffer overflow attack when responding to an SMTP client's EHLO...
[July 25, 2002, 16:17]
Libsafe Guards Against Linux Hijackers
News In a buffer overflow, a section of memory corresponding to a variable used by a program is overwritten. Let's consider an example of a buffer overflow. If a particular variable that resides in the stack is susceptible to a buffer overflow, a hacker...
[August 7, 2002, 8:52]
Mozilla Testing Point Updates
News A computer can be made to execute potentially malicious code by feeding in extra data that is designed to flood over the buffer. Even with the fix that disables IDN installed, a buffer overflow vulnerability exists in Firefox 1.5 beta 1, Ferris...
[September 15, 2005, 9:40]
Perl Warnings Toned Down
News The sprintf bug fixes the problem that could cause a buffer overflow and unlock a vulnerable system for an attacker. Typically in Perl you don't have to worry about buffer overruns. Perl is a popular open source programming language that's widely...
[December 16, 2005, 9:10]
Spat Over MS 'flaw' Gets Heated
News At least they are putting run-time checking for buffer overruns, which you don't find in other (Windows) compilers," said Chris Wysopal, director of research and development for digital security firm @Stake.
[February 18, 2002, 13:03]
IDF: Intel Unveils Banias Secrets
News Although it has a desktop-equivalent data rate, it uses much lower voltage swings, and the buffer circuits that convert these voltages to those used on the chip are tightly managed. Buffer circuits are traditionally one of the major power hogs in a...
[September 11, 2002, 13:57]
Symantec Sees Pay-per-use Future For Software
News Berryman said using a built-in hypervisor would allow Symantec to set up a buffer to screen and intercept code before it is run on the virtual machine on a user's computer. Virtualised or streaming applications, where software is run on a central...
[October 9, 2008, 10:30]
Software To Blame For Security Problems
News And so we see this same problem come up over and over again, like buffer overflows, for example. Buffer overflow The idea is that I can't anticipate every kind of program that might want to run on my phone, so I create an extensible system and...
[December 3, 2001, 10:39]
Music File Flaws Could Threaten Traders
News Known as a buffer overflow, such problems are a common software security concern. The flaw in Windows XP can force the operating system to run code when a music file is played by Windows Explorer, the operating system's file-browsing application.
[December 19, 2002, 7:51]
California Graphics Plans New Year Voodoo 2 Card
News Aimed at the serious gamer market, the 3D Wizard includes one Pixel/fx and two Texel/fx processors and is planned to ship with12Mb of graphics RAM: 4Mb of frame buffer and 4Mb for each of the two texture processors.
[December 15, 1997, 14:46]
