Unixware/Open Unix rcp DoS

rcp of /prog causes system to hang...

CVE-2002-1016

CVE-2002-1016 concerns the Adobe eBook Reader. Local users can bypass DRM restrictions on copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the originals. The root cause is how the DRM-enabled workflow handles key data files, enabling ci...

CVE-2002-1016

Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files...

UoW IMAPd Server 10.23412.264 - Remote Buffer Overflow

UoW IMAPd Server 10.23412.264 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes possible t...

CVE-2002-0773

The CVE-2002-0773 entry describes a vulnerability in imp_rootdir.asp for Hosting Controller that enables remote attackers to copy or delete arbitrary files and directories by issuing a direct request to imp_rootdir.asp and altering parameters (1) ftp, (2) owwwPath, and (3) oftpPath). Affected sof...

Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow

Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow source: https://www.securityfocus.com/bid/5014/info A buffer overflow vulnerability has been reported in SQL Server 2000. The vunerability is a result of an unchecked buffer when using the password encrypt procedure. This...

Microsoft SQL Server 2000 - Password Encrypt procedure Buffer Overflow

source: https://www.securityfocus.com/bid/5014/info A buffer overflow vulnerability has been reported in SQL Server 2000. The vunerability is a result of an unchecked buffer when using the password encrypt procedure. This procedure is used by administrators to provides support for the storage of...

QNX RTOS 6.1 - 'PKG-Installer' Local Buffer Overflow

/ source: https://www.securityfocus.com/bid/4918/info It has been reported that the pkg-installer utility for QNX is vulnerable to a buffer overflow condition. The vulnerability is a result of an unbounded string copy of the argument to the "-U" commandline option of pkg-installer to a local...

CVE-2001-1541

Buffer overflow in Unix-to-Unix Copy Protocol UUCP in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument...

ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow (1)

ActivePerl 5.6.1 - perlIIS.dll Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/3526/info ActivePerl is an implementation of the Perl scripting language for Microsoft Windows systems developed by Activestate. ActivePerl allows for high-performance integration with IIS using a...

Progress Database vulnerabilities

strcpy and pstcopy dbutpstcopy are BAD!@@!$! you need to make use of strncpy or invent pstncopy This is straight from the unix man pages for strcpy NAME strcpy, strncpy - copy a string SYNOPSIS include string.h char strcpychar dest, const char src; BUGS If the destination string of a strcpy is no...

FreeBSD 4.2-stable - FTPd 'glob()' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/2548/info The BSD ftp daemon and derivatives such as IRIX ftpd or the ftp daemon shipped with Kerberos 5 contain a number of buffer overflows that may lead to a compromise of root access to malicious users. During parsing operations, the ftp daemon assume...

CVE-2000-1178

Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes...

PT-2001-1011 · Joe · Joe

Name of the Vulnerable Software and Affected Versions: joe affected versions not specified Description: The issue allows local users to overwrite the files of other users whose joe session crashes, due to the joe text editor following symbolic links when creating a rescue copy called DEADJOE duri...

DEBIAN-CVE-2000-0992

Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. dot dot attack...

PT-2000-1902 · Openssh +1 · Sshd +1

Name of the Vulnerable Software and Affected Versions: sshd versions 1.2.xx Description: A directory traversal issue in the scp component of sshd allows a remote malicious scp server to overwrite arbitrary files using a .. dot dot attack. Recommendations: For sshd versions 1.2.xx, consider...

AOL Instant Messenger 3.5.1856/4.0/4.1.2010/4.2.1193 - 'aim://' Remote Buffer Overflow

source: https://www.securityfocus.com/bid/2118/info AOL Instant Messenger AIM is a real time messaging service for users that are on line. When AOL Instant Messenger is installed, by default it configures the system so that the aim: URL protocol connects aim:// urls to the AIM client. There exist...

Microsoft SQL Server 7.02000 Data Engine 1.02000 - xp_showcolv Buffer Overflow

Microsoft SQL Server 7.02000 Data Engine 1.02000 - xpshowcolv Buffer Overflow // source: https://www.securityfocus.com/bid/2038/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow...

Microsoft SQL Server 7.02000 Data Engine 1.02000 - xp_peekqueue Buffer Overflow

Microsoft SQL Server 7.02000 Data Engine 1.02000 - xppeekqueue Buffer Overflow // source: https://www.securityfocus.com/bid/2040/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow...

Microsoft SQL Server 7.0/2000 / Data Engine 1.0/2000 - xp_displayparamstmt Buffer Overflow

// source: https://www.securityfocus.com/bid/2030/info The API Srvparaminfo, which is implemented by Extended Stored Procedures XPs in Microsoft SQL Server and Data Engine, is susceptible to a buffer overflow vulnerability which may cause the application to fail or arbitrary code to be executed o...