4509 matches found
Sendmail 8.118.12 Debugger - Arbitrary Code Execution (1)
Sendmail 8.118.12 Debugger - Arbitrary Code Execution 1 // source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for...
Sendmail 8.118.12 Debugger - Arbitrary Code Execution (3)
Sendmail 8.118.12 Debugger - Arbitrary Code Execution 3 source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for...
Sendmail 8.118.12 Debugger - Arbitrary Code Execution (4)
Sendmail 8.118.12 Debugger - Arbitrary Code Execution 4 source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for...
glFTPd 1.x - LIST Denial of Service
glFTPd 1.x - LIST Denial of Service source: https://www.securityfocus.com/bid/3201/info glFtpD contains an input validation error that may allow a malicious user to cause a denial of service against a host running the daemon. The problem occurs when a specially crafted 'LIST' command is received ...
Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (2)
// source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments supplied from the command line wit...
Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (4)
source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments supplied from the command line with t...
Sendmail 8.11/8.12 Debugger - Arbitrary Code Execution (1)
// source: https://www.securityfocus.com/bid/3163/info An input validation error exists in Sendmail's debugging functionality. The problem is the result of the use of signed integers in the program's tTflag function, which is responsible for processing arguments supplied from the command line wit...
SuSE 6.36.47.0 sdb - Arbitrary Command Execution
SuSE 6.36.47.0 sdb - Arbitrary Command Execution source: https://www.securityfocus.com/bid/3208/info An input validation error exists in sdb, the SuSE Support Data Base. The problem exists in the sdbsearch.cgi script, which uses data directly from the 'Referer' header field from a HTTP request as...
phpBB 1.x - Page Header Arbitrary Command Execution
phpBB 1.x - Page Header Arbitrary Command Execution source: https://www.securityfocus.com/bid/3167/info An input validation error exists in phpBB, a freely available WWW forums package. The problem is due to improper validation of some variables in phpBB. It is possible for users registered with...
phpBB 1.x - Page Header Arbitrary Command Execution
source: https://www.securityfocus.com/bid/3167/info An input validation error exists in phpBB, a freely available WWW forums package. The problem is due to improper validation of some variables in phpBB. It is possible for users registered with the phpBB system to submit values for certain...
SSH2 3.0 - Short Password Login
SSH2 3.0 - Short Password Login source: https://www.securityfocus.com/bid/3078/info An input validation error exists in version 3.0.0 of the SSH daemon sshd running on Unix platforms. It may be possible for remote users to log in to accounts for which there are two or less characters in the...
eperl -- Remote code execution
David Madison reports: ePerl is a multipurpose Perl filter and interpreter program for Unix systems. The ePerl preprocessor contains an input validation error. The preprocessor allows foreign data to be "safely" included using the 'sinclude' directive. The problem occurs when a file referenced by...
Microburst uDirectory 2.0 - Remote Command Execution
Microburst uDirectory 2.0 - Remote Command Execution source: https://www.securityfocus.com/bid/2884/info uDirectory is an online directory and listing management system. An input validation error exists in uDirectory that may allow remote users to execute arbitrary commands on a host running the...
Microburst uDirectory 2.0 - Remote Command Execution
source: https://www.securityfocus.com/bid/2884/info uDirectory is an online directory and listing management system. An input validation error exists in uDirectory that may allow remote users to execute arbitrary commands on a host running the software. !/usr/bin/perl -w management, e-commerce...
new advisory
---=== UkR security team - Advisory ===--- uStorekeepertm Online Shopping System - Runtime Script - 'arbitrary file retreival' vulnerability Date: 03.04.2001 Problem: input validation error. Vulnerable products: ustorekeeper.pl version 1.61 probably others, but not tested Product vendor: Microbur...
advisory
---=== UkR security team - Advisory no. 11 ===--- Anaconda Clipper - 'arbitrary file retreival' vulnerability Date: 27.03.2001 Problem: input validation error. Vulnerable products: Anaconda Clipper ver. 3.3 probably others, but not tested Product vendor: Anaconda / http://www.anaconda.net Comment...
IBM NetCommerce Security
hola friends, while i was participating on the openhack contest i found a couple of serious security-holes within ibm s so called "netcommerce" thing which seems to be a mixture of websphere, net.data, servlets, jsp s and db2? however..summary: class: input validation error remote: yes local: yes...
ISC BIND 4 contains input validation error in nslookupComplain()
Overview The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS by the Internet Software Consortium ISC. There is a format string vulnerability in BIND 4.9.4 that may allow remote intruders to gain access to systems running BIND. Although BIND 4.9.x is no longer...
Input validation error in quikstore.cgi allows attackers to execute commands
Overview The quikstore shopping cart script contains an input validation error that allows attackers to execute commands on affected web servers. Description The quikstore.cgi script is written in Perl and provides its users with shopping cart software for e-commerce transactions. In November 200...
gbook.cgi.txt
Bug Report 1. Name: gbook.cgi remote command execution vulnerability 2. Release Date: 2000.11.10 3. Affected Application: GBook - A web site guestbook By Bill Kendrick [email protected] http://zippy.sonoma.edu/kendrick/ 4. Author: [email protected] 5. Type: Input validation Error 6...