Pirch IRC 98 Client - Malformed Link Buffer Overrun

Pirch IRC 98 Client - Malformed Link Buffer Overrun source: https://www.securityfocus.com/bid/5079/info Pirch is subject to a buffer overflow condition. The overrun occurs if a user receives on a maliciously constructed link. It is not confirmed whether the user must first click on the link or no...

[DER ADV#8] - Local off by one in CVSD

Local off by one overflow in CVSD. intro: the family of scanf functions scanf, sscanf, fscanf are generally insecure in usage and steps have been taken to make them more...secure you might say like adding bounds checking sscanfhey, ".4096s d", buffer, int but the function still remains quite...

Youngzsoft CMailServer 3.30/4.0 - Remote Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/4789/info CMailServer is vulnerable to a buffer overflow condition. It has been reported that the CMailServer does not perform proper bounds checking on the USER argument. It is possible for a remote malicious attacker to craft a request that will resu...

[NEWS] Lotus Domino Bindsock Notes_ExecDirectory Buffer Overflow Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion When was the last time you checked your server's security? How about a monthly report? http://www.AutomatedScanning.com - Know that you're...

IRIX nsd symlink vulnerability

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: IRIX nsd symlink vulnerability Number: 20020501-01-I Date: May 1, 2002 Reference: CAN-2002-0174 - ----------------------- - --- Issue Specifics --- - ----------------------- It has been reported that nsd was not checking the...

[NEWS] Lotus Domino Bindsock PATH Buffer Overflow Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion When was the last time you checked your server's security? How about a monthly report? http://www.AutomatedScanning.com - Know that you're...

Melange Chat System 2.0.2 Beta 2 - yell Remote Buffer Overflow

Melange Chat System 2.0.2 Beta 2 - yell Remote Buffer Overflow source: https://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melang...

Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melange, it is possible for users to initiate a buffer overflow...

File existance checking in Microsoft Internet Explorer

It's possible to check file existance with dynsrc property or with file:// URL in conjunction with javascript...

Icecast 1.x - AVLLib Buffer Overflow

Icecast 1.x - AVLLib Buffer Overflow // source: https://www.securityfocus.com/bid/4415/info Icecast is a freely available, open source streaming audio server. Icecast is available for the Unix, Linux, and Microsoft Windows platforms. Icecast does not properly check bounds on data sent from client...

Sambar Server 5.1 - Sample Script Denial of Service

Sambar Server 5.1 - Sample Script Denial of Service // source: https://www.securityfocus.com/bid/3885/info Sambar Server is a multi-threaded web server which will run on Microsoft Windows 9x/ME/NT/2000 operating systems. It is possible to cause a denial of service to Sambar Server by sending...

DNRD 1.x2.x - DNS RequestReply Denial of Service

DNRD 1.x2.x - DNS RequestReply Denial of Service source: https://www.securityfocus.com/bid/3928/info dnrd Domain Name Relay Daemon is a freely available, open-source proxy name server. It will run on a number of Unix and Linux distributions. There is a lack of sufficient bounds checking in DNS...

DNRD 1.x/2.x - DNS Request/Reply Denial of Service

source: https://www.securityfocus.com/bid/3928/info dnrd Domain Name Relay Daemon is a freely available, open-source proxy name server. It will run on a number of Unix and Linux distributions. There is a lack of sufficient bounds checking in DNS request and reply functions. As a result, it is...

Символьные линки в CDE dtlogin (symbolic links)

Создается файл /var/dt/Xerrors без проверки симваольных линков...

Microsoft Windows XP - HCP URI Buffer Overflow

Microsoft Windows XP - HCP URI Buffer Overflow source: https://www.securityfocus.com/bid/6802/info A buffer overrun vulnerability was reported for helpctr.exe. The vulnerability exists due to insufficient bounds checking on input supplied via the HCP URI parameter. An attacker can exploit this...

Microsoft Windows XP - HCP URI Buffer Overflow

source: https://www.securityfocus.com/bid/6802/info A buffer overrun vulnerability was reported for helpctr.exe. The vulnerability exists due to insufficient bounds checking on input supplied via the HCP URI parameter. An attacker can exploit this vulnerability by making a HCP request with an...

Обход проверки адреса IP в OpenSSH (protection bypass)

При определенной последовательности ключей в йале конфигурации не устанавливаются отдельные опции конфигурации на доступ с данным ключем...

CVE-2001-0338

Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List CRL checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."...

CVE-1999-1434

Slackware Linux 3.2–3.5 is affected by CVE-1999-1434: the login process does not properly handle the error when /etc/group is missing, failing to drop privileges and potentially assigning root privileges to any local user who logs in. The connected documents confirm the affected OS versions and t...

NetBSD Security Advisory 2001-015: Insufficient checking of lengths passed to kernel

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2001-015 ================================= Topic: Insufficient checking of lengths passed from userland to kernel Version: NetBSD-current: source prior to August 5, 2001 NetBSD-1.5.1: affected NetBSD-1.5: affected NetBSD-1.4.: affected...