DELTA 397115 0 16427 SVN!x v-N pvbab05188-5d4b-11e5-9ad8-14dae9d210b8"> optipng -- use after free optipng 0.6.5Gustavo Grieco reports:

We found a use-after-free causing an invalid/double free in optipng 0.6.4url>http://seclists.org/oss-sec/2015/q3/556D&^[;ϳc|>cM:eE9[Tw|[bѧ*rbJ$";ȀTː@w!h#C.3 mI5 ,tH sՉ1FU#<ȳ鐣/! Oa'FE GAXMr Q]@t!bc7an attack that uses Elasticsearch to modify files read and executed by certain other applications.

Remediation Summary: Users should upgrade to 1.6.0. Alternately, ensure that other applications are not present on the system, or that Elasticsearch cannot write into areas where these applications would read5-4165 ports/201008

Fix buffer overflow vulnerability in LDAP KDB back end. [CVE-2014-4345]

Fix multiple vulnerabilities in the LDAP KDC back end. [CVE-2014-5354 9421 CVE-2014-9422 CVE-2014-9423]url>http://web.mit.edu/kerberos/krb5-1.11/README-1.11.6.txt 2015-02-25 2015-02-25

A malformed packet can cause the nmbd server to loop the CPU and prevent any further NetBIOS name service.

Valid unicode path names stored on disk can cause smbd to crash if an authenticated client attempts to read them using a non-unicode reques0244 CVE-2014-3493 https://www.sam qG9Gx^JA S*(H/"X]l֍ .}{3UW,^:@|_~듴p,N˧ۛUz|vz[KݬW72r b 5gr4@Y@7Y Zl}z:8P=#kk;VAH-[zELєl5а'-Mc:KУզ̃ bFebmIj dvͲA ()dƋ;:jaPd63ef;55xw=+Qv[%Nr`=}_F]>,`qpQ&L4sI:Bߠ G9Gx^eOO0 S&M4T +Rw?UڷnvS8~v)>onkz_q.4F6z R,[|ZkqÝ2!AL F{F^G#4Tּ'0ᐸ 9"6`ptfD،e &}* > TN#1d 6+mc_.X^Fb bo1gES7bcVXU0<# - IaQI,1H@HBo᥋p 3~Y}L&QR{tX빃z'E Zvg\zN:!y `%kGBVJ6vN9E1968 2013-05-31 2013-05-31 irc/bitchxBitchX 1.2.*,1bannedit reports:

Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a lG^tF }6 CVE-2013-1664 CVE-2013-1665 CVE-2013-0305 CVE-2013-0306 58022 58061 =9Qx^Qn0 ˲];M@L?Yr%9Tyq$ =b U9i,X"]HLDa<*]tUMCʶa\!KJI'):,t! F}cZwkJ@v@"~mote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command. CVE-2011-3341 http://security.openttd.org/en/CVE-2011-3341 quaggaquagga 0.99.19O 6)9)x^]N0 Mq۴;p&v㴝RrOc>{\c8v0cÁuԂڛϏ3\yG.*bx!E]C^TE;c!`M4 nb {ȉ}"G d)zs寜wd`LhҍXJfGf# z0vCi"_QqmٍA6+)T]U+f.1]Mt- X̵]gq "c" Ħ~8b;N-1IbMJN!qݪak[~%6(._ G9Gx^o0Ɵ_qC(YƭJSi *ŗjb[g{.LL}"Qtwl"D^΋| *"%!DcV4|Btgoկ]B(ؐ~| JVWmzH˗k?$gb c\2mOPa#H 8;TG7bd>:W+!lgspY l/φڥ_^'U4S67 gTn^6|=£"޹jiLQVCG?7aʖؾJJy>qV `bTN6d8K1[ !{Cc"JŢ Z#MmP0s{Wx y QKU6NzZ^_Õ|Rv@@9Qx^MN0VmJ#qVeq&$6Ӑ gN!$?|3odTcBAnSC޻8`wZ0R;Wĸ#44j{Tw4`Lp>CNcn>) Kn+s7Y3%+,hN/}0E被Z apache+mod_ssl+mod_accel+mod_deflate+ipv6 apache+mod_ssl+mod_deflate apache+mod_ssl+mod_deflate+ipv6 apache+mod_ssl+mod_snmp apache+mod_ssl+mod_snmp+mod_accel apache+mod_ssl+mod_snmp+mod_accel+ipv6 apache+mod_ssl+mod_snmp+mod_deflate apache+mod_ssl+mod_snmp+mod_deflate+ipv6 apache+mod_ssl+mod_snmp+mod_accel+mod_deflate+ipv6 1.3.41+2.8.27_1.3.uwv?Z9Qx^]QMO0 =o"Ma(TBaHH >($蒒דvCDd?/ycZpr izFsxhkBYs6MR6VS% RB=+Opu=` p qZWKIg;>pg u"^[cA=sN1k."Z}1Q<3.449I4O') \+e) D i Mp&Nm) Jc@*>22;[v^D.Eyrguy}gw#uR`U7VzWYχ~נ`I|մ;w@Hxh9x^]Po >bZ0;oɒ]v[lPv+__AFb'd>ZCpI[:omY՟>~Y%lRjx w:iHMKn/MX8Gق\R 6b=DU?ndiMAT5-sS"Ϛ/\uJ 7Vv߶%n4 ֓A9(2(cbzVAabXBDmi? N(+n[g;L$pnoޫ08,V]M6u|Tq$H' I*wQvFi%aρb_@$@@"?x^mQA0 ]7ЛMWv ZbldE- !M&A<̣#8QęONs㇡sIr{ http://www.fetchmail.info/fetchmail-SA-2008-01.txt 2008-06-13 2008-06-20 xorgxorg-server 1.4.une/036026.html">

Several vulnerabilities have been found in the server-side code of some extensiol_?U9hx^J,1EWF #oz&jJg{+= E+["}ZϚӡl6.~/$O㈐h$ġD fa.!R} \]0P) +T%Xv_~N0P!5oQ*t"SsﻩQkY^C]cJςK%sIxІ;G0HvgJ4-]ʠlڛPԐme=Na3f}E5 {>9WNV

A Input passed in the URL to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.http://secunia.com/advisories/262488 2007-08-01 bbK@n> 'Px^UMn S7`;`M.Pti0X-v(^}{#E!yfGߔT;+f@(B1L-`C\q҆;p/FώWLo3'P$2n(ೌ K`/2"C}=E]sHLQ0H3Usnkr2҅"yCXw8PtRǪFit9yϜ+UWIݹMy@\;rU0 WmJ)u9Zcd_oF6A M.~@{po_y=t"R.wJ7쁨zN?_9yx^?O0g)Nq-mPȂX`(BH%'l'%;Bݻ&QRP[ҘT-rZ?|=(F xeg r|\),_kφ UB hx @YU' 3XiP@1LQ‹6oRi|q?=*ݢ)ě^cDȎ.uFs=Jm]3V5xk4%-:͋8 KI读pظ?,$QLHH쑫9rhߩ&_R clamav -- Freshclam HTTP Header Buffer Overflow Vulnerability clamav 0.800.88.2ge>200408262006050880/">

A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise  ~gRCVE-2003-1167 8915 http://www.securityfocus.com/archive/1/342736 http://www.henschelsoft.de/kpopup_en.html 2003-10-28 2006-02-07 cpio -- multiple vulnerabilities }S@D=MxddU sslConnectTimeout">

After certain slightly odd requests Squid crashes with a segmentation fault in sslConnectTimeout4731 CVE-2005-2796 sslConnectTimeout http://www.squid-cache.org/bugs/show_bug.cgi?id=1355 http://secunia.com/advisories/16674/ 2005-07-21QTX>W@,9x^uOk1)Ej!BK6tɚ}'k[(@&7<^gzeYg I1&^"N glF)k T֐iѲ!{$kHPIsB1A^&O"g␯g7_Ȁ  H@8Π+j"[) .*name>mozilla-gtk1 0\x~Vcgx^]R]N0|X\n(j+p$+N"8- 4άw3 'aN`udtP"U&D+yq@ P(\XFr\y:8АK0&߿,&'6&a2ťKpsL垗q/vørkwbKTs2ơ!FiG*OXf^ҞӹKdB$8 q̊o:?]|kZN^[ʷi'Ň~WaE{y<ŘA̳8E RZͫęlI3>ffc2PɫZΖWھZu 1tΗm$âOlzzRxVpU<#=257314 TA04-261A 4142402004-09-30 mozilla -- multiple heap buffer overflows thunderbird 0.7.3_1 1.8.a,21.8.a3_1nh G= 9x^5Mo0EWTCG E݁Rʞ3GG:_d=xcf%iP:\\`A +wK!m ~&fԋ; ɼT†JK9,I2ia#䪕Q2 zAn;MV289!NK-Qh ]