[CLA-2001:427] Conectiva Linux Security Announcement - mod_auth_pgsql
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CONECTIVA LINUX SECURITY ANNOUNCEMENT PACKAGE : mod_auth_pgsql SUMMARY : Remote vulnerability allows an attacker to bypass authentication DATE : 2001-09-28 11:26:00 ID : CLA-2001:427 RELEVANT RELEASES : 4.0, 4.0es, 4.1, 4.2, 5.0,...
AI Score
[ASGUARD-LABS] glFTPD v1.23 DOS Attack
-00 ASGUARD LABS ADVISORY 00- :Summary: Release Date : 2001-08-17 Affected : glFTPD for Linux v1.23 / glFTPD BSD v1.23 bins Not Affected : glFTPD for Linux v1.24 / glFTPD BSD v1.24 bins Attack Type : Denial Of Service Credits to ...
0.7AI Score
AI Score
7.4AI Score
EPSS
-0.3AI Score
Netscape 4.76 gif comment flaw
Product: Netscape Navigator/Communicator Tested on: 4.76 (on Linux and Win98/NT) Vendor Contact: Reported 2001-03-22 { Problem }-------------------------------------------------------- Overview: The Netscape browser does not escape the gif file comment in the image information page. This...
-0.3AI Score
Here is a possible bug in rcp; since I think it calls system(). I haven't had much time to play with this, because exama are coming up. It is negated because system() calls /bin/cp which with the newer versions of bash, it drops it's effective credientals... $ ls -alF which rcp -rwsr-xr-x 1 ...
1.5AI Score
On Wed, Nov 22, 2000 at 09:11:20AM +1100, Andrew Griffiths wrote: > Here is a possible bug in rcp; since I think it calls system(). I > haven't had much time to play with this, because exama are coming up. > > It is negated because system() calls /bin/cp which with the newer > versio...
1.4AI Score
Microsoft Internet Explorer 5.5 ASCII equivalent of "%01" security vulnerability....
The following security vulnerability has been found in Microsoft Internet Explorer version 5.5 When "" (an undisplayable character, which is eaqual to the 1st caharacter in ASCII table - after the 0th...) inserted in some strategic position in Javascript code ,it is possible to access to...
AI Score
IE5.5 window.externalNavigateAndFind security vulnerability....
Multiple security vulnerabilities found in window.external.NavigateAndFind function in IE5.5... After the most recent patches applied the vulnerabilities seem to persist.. Actually there is no current issues discussed at microsft website... Microsoft has been notified about the problem via ...
-0.4AI Score
WuFTPD: Providing *remote* root since at least1994
/ - wuftpd2600.c * VERY PRIVATE VERSION. DO NOT DISTRIBUTE. 15-10-1999 * * WUFTPD 2.6.0 REMOTE ROOT EXPLOIT * by tf8 * * NOTE: For ethical reasons, only an exploit for 2.6.0 will be * released (2.6.0 is the most popular version nowadays), and it * should suffice to proof this...
0.1AI Score
Problem Splitvt 1.6.3 contains a buffer overflow, if you have installed splitvt suid root (like Debian/Redhat/etc, btw not slackware) you should upgrade to 1.6.4. Solution Debian users: see http://www.debian.org/security/2000/20000605a Redhat: Redhat did respond with a "that package comes from our....
-0.5AI Score
Sam Lantinga splitvt 1.6.3 - Local Buffer Overflow
Sam Lantinga splitvt 1.6.3 - Local Buffer...
AI Score
7.4AI Score
EPSS
I searched the archives and did not find this one. Program : fdmount Version : 0.8 OS : linux Slackware 7.0 (maybe others) This program is normally only executable by members of group 'floppy' and installed suid-root by default. Bug Details: void msg(char *text,...) { char buff[80]; ...
1.8AI Score
Re: Denial of Service in Xitami webserver all versions...
Xitami also has an overflow in one of the default example CGI programs that it comes with. http://server.com/cgi-bin/TESTCGI.EXE bla bla bla overflow argv fun. Signed, Marc eEye Digital Security http://www.eEye.com "Its a bullshit, three ring, circus sideshow. The only way to fix it is to flush it....
0.8AI Score
7.4AI Score
EPSS
WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite (1)
WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite...
0.3AI Score
-0.1AI Score
-0.4AI Score
-0.3AI Score
Microsoft Internet Explorer 5.0.1 - Invalid Byte Cross-Frame Access
Microsoft Internet Explorer 5.0.1 - Invalid Byte Cross-Frame...
0.1AI Score
7.4AI Score
EPSS
7.4AI Score
EPSS
1AI Score