Mandrake 7/8/9 / RedHat 6.x/7 Bonobo EFSTool - Commandline Argument Buffer Overflow (2)

source: https://www.securityfocus.com/bid/5125/info Bonobo is a set of tools and CORBA interfaces included as part of the Gnome infrastructure. It is designed for use on the Linux and Unix operating systems. A boundry condition error has been discovered in the efstool program. Due to improper...

Interbase 6.0 - GDS_Drop Interbase Environment Variable Buffer Overflow (2)

Interbase 6.0 - GDSDrop Interbase Environment Variable Buffer Overflow 2 // source: https://www.securityfocus.com/bid/5044/info Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. A buffer overflow has been discovered in the gdsdrop...

Microsoft Remote Access Service API contains additional buffer overflow vulnerability via phonebook entries

Overview The Microsoft Remote Access Service API contains a vulnerability that allows local attackers to execute arbitrary code with system privileges. Description The Microsoft Remote Access Service RAS Application Programming Interface API allows Windows programs to make dial-up connections to...

CVE-2002-0219

Buffer overflow in 1 sastcpd in SAS/Base 8.0 and 8.1 or 2 objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument...

CVE-2002-0239

Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the 1 -fn, 2 -hfb, or 3 -hfn argument...

CVE-2002-1602

Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVEBRAILLE is defined, allows local users to execute arbitrary code...

CVE-2002-0132

Buffer overflow in Chinput 3.0 allows local users to execute arbitrary code via a long HOME environment variable...

AZL-36938 CVE-2002-0130 affecting package efax 0.9a-34

Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument...

Webmin 0.x - Code Input Validation

Webmin 0.x - Code Input Validation source: https://www.securityfocus.com/bid/4329/info Webmin is a web-based interface for system administration of Unix and Linux operating systems. Webmin does not filter script code from output that may be displayed by the web interface, such as log files, etc...

CVE-2001-1164

CVE-2001-1164 affects UnixWare 7, specifically the uucp utilities (uucp, uux, bnuconvert, uucico, uuxcmd, uuxqt). The issue is a buffer overflow triggered by long command-line arguments, allowing a local attacker to run arbitrary code. CVSS v2 base score is 7.2 (HIGH) with LOCAL attack vector, LO...

CVE-2002-0125

Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as 1 Super Methane Brothers, 2 Star War, 3 Kwirk, 4 Clankanoid, and others, via a long HOME environment variable...

CVE-2001-0551

Buffer overflow in CDE Print Viewer dtprintinfo allows local users to execute arbitrary code by copying text from the clipboard into the Help window...

CVE-2001-1034

CVE-2001-1034 describes format-string vulnerabilities in HylaFAX. HylaFAX components affected include faxrm, faxalter, faxgetty, faxwatch, and hfaxd; the root cause is unchecked input used as a format string, enabling local privilege escalation or denial of service in some configurations. Debian ...

CVE-2001-1553

Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options 1 socksserver, 2 socksuser, and 3 sockspasswd. NOTE: since the default configuration of setiathome is not setuid, perhaps this issue should not be...

CVE-2001-1561

Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long 1 -name and 2 -T arguments...

CVE-2001-1576

Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument...

CVE-2001-1582

Buffer overflow in the LDAP naming services library libsldap in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAPOPTIONS environment variable to a privileged program that uses libsldap...

CDE dtprintinfo contains local buffer overflow in Help window via clipboard copy

Overview The CDE Print Viewer program dtprintinfo provides a graphical interface display the status of print queues and print jobs. By using the clipboard to overflow the search field in the Help window of dtprintinfo, a local attacker can execute arbitrary code on the system as root. Description...

CVE-2001-0920

Format string vulnerability in auto nice daemon AND 1.0.4 and earlier allows a local user to possibly execute arbitrary code via a process name containing a format string...

DEBIAN-CVE-2001-0735

Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOWLINEPARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file...