サクサク読めて、アプリ限定の機能も多数!
トップへ戻る
ノーベル賞
security-tracker.debian.org
This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved a
Heap-based buffer overflow in the __nss_hostname_digits_dots function in glibc 2.2, and other 2.x versions before 2.18, allows context-dependent attackers to execute arbitrary code via vectors related to the (1) gethostbyname or (2) gethostbyname2 function, aka "GHOST."
PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote attackers to cause a denial of service (CPU consumption) by sending many crafted parameters.
The data in this tracker comes solely from the bug database maintained by Debian's security team located in the security-tracker Git repository. The data represented here is derived from: DSAs issued by the Security Team; issues tracked in the CVE database, issues tracked in the National Vulnerability Database (NVD), maintained by NIST; and security issues discovered in Debian packages as reported
このページを最初にブックマークしてみませんか?
『security-tracker.debian.org』の新着エントリーを見る
j次のブックマーク
k前のブックマーク
lあとで読む
eコメント一覧を開く
oページを開く