CVE-2009-0839

Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action...

CVE-2009-0841

Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. dot dot in the id parameter...

Fedora Update for mapserver FEDORA-2007-2018

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

Fedora Update for mapserver FEDORA-2007-2018

Check for the Version of mapserver OpenVAS Vulnerability Test Fedora Update for mapserver FEDORA-2007-2018 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under th...

Debian: Security Advisory (DSA-1539-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian Security Advisory DSA 1539-1 (mapserver)

The remote host is missing an update to mapserver announced via advisory DSA 1539-1. OpenVAS Vulnerability Test $Id: deb15391.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 1539-1 mapserver Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Debian DSA-1539-1 : mapserver - several vulnerabilities

Chris Schmidt and Daniel Morissette discovered two vulnerabilities in mapserver, a development environment for spatial and mapping applications. The Common Vulnerabilities and Exposures project identifies the following two problems : - CVE-2007-4542 Lack of input sanitizing and output escaping in...

[SECURITY] [DSA 1539-1] New mapserver packages fix multiple vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1539-1 [email protected] http://www.debian.org/security/ Devin Carraway April 04, 2008 http://www.debian.org/security/faq -...

DSA-1539-1 mapserver - multiple vulnerabilities

Bulletin has no description...

Fedora 7 : mapserver-4.10.3-2.fc7 (2007-2018)

Thu Aug 30 2007 Oliver Falk 4.10.3-2 - Add fix to include libmapserver in some places, instead of libmap, that doesn't exist anymore - Thu Aug 30 2007 Oliver Falk 4.10.3-1 - Update to fix bz256561, CVE-2007-4542 Note that Tenable Network Security has extracted the preceding description block...

MapServer远程栈溢出及跨站脚本漏洞

BUGTRAQ ID: 25582 CVECAN ID: CVE-2007-4542,CVE-2007-4629 MapServer是一个开源的开发环境，是基于CGI的通过万维网来传输动态GIS与图像的应用程序。 MapServer处理用户数据时存在多个安全漏洞，远程攻击者可能利用此漏洞导致缓冲区溢出或跨站脚本执行。 MapServer的maptemplate.c文件中的processLine函数及mapserv.c文件中的writeError函数没有正确验证某些参数便返回给了用户，这允许远程攻击者通过跨站脚本攻击注入并执行任意HTML和脚本代码。...

MapServer Multiple Remote Vulnerabilities

The remote host is running MapServer, an open source internet map server. The installed version of MapServer is affected by multiple cross-site scripting vulnerabilities and to a buffer overflow vulnerability. To exploit those flaws an attacker needs to send specially crafted requests to the...

[SECURITY] Fedora 7 Update: mapserver-4.10.3-2.fc7

Mapserver is an internet mapping program that converts GIS data to map images in real time. With appropriate interface pages, Mapserver can provide an interactive internet map based on custom GIS data...

CVE-2007-4629

Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name...

DEBIAN-CVE-2007-4629

Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name...

CVE-2007-4629

Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name...

Buffer overflow

Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name...

CVE-2007-4629

CVE-2007-4629 describes a stack-based buffer overrun in MapServer’s template handling (processLine in maptemplate.c) that can be triggered by a mapfile with long layer/group/metadata entry names. It affects MapServer before 4.10.3 and can allow a remote attacker to execute arbitrary code with the...

CVE-2007-4629

Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name...

CVE-2007-4629

Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name...