Lucene search
K

95 matches found

FreeBSD
FreeBSD
added 2007/01/14 12:0 a.m.21 views

lighttpd -- DOS when access files with mtime 0

Lighttpd SA: Lighttpd caches the rendered string for mtime. The cache key has as a default value 0. At that point the pointer to the string are still NULL. If a file with an mtime of 0 is requested it tries to access the pointer and crashes. The bug requires that a malicious user can either uploa...

7.8CVSS6.5AI score0.02716EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2006/10/14 12:0 a.m.31 views

Debian DSA-975-1 : nfs-user-server - buffer overflow

Marcus Meissner discovered that attackers can trigger a buffer overflow in the path handling code by creating or abusing existing symlinks, which may lead to the execution of arbitrary code. This vulnerability isn't present in the kernel NFS server. This update includes a bugfix for attribute...

4.6CVSS6AI score0.00492EPSS
Exploits0References3
Debian
Debian
added 2006/07/10 6:21 a.m.65 views

[SECURITY] [DSA 1106-1] New ppp packages fix privilege escalation

-------------------------------------------------------------------------- Debian Security Advisory DSA 1106-1 [email protected] http://www.debian.org/security/ Martin Schulze July 10th, 2006 http://www.debian.org/security/faq -...

7.2CVSS5.9AI score0.00398EPSS
Exploits1
OSV
OSV
added 2006/07/10 12:0 a.m.13 views

DSA-1106 ppp - programming error

Bulletin has no description...

7.2CVSS6.3AI score0.00398EPSS
Exploits1
Ubuntu
Ubuntu
added 2006/05/04 1:35 a.m.49 views

USN-278-1: gdm vulnerability

Marcus Meissner discovered a race condition in gdm's handling of the /.ICEauthority file permissions. A local attacker could exploit this to become the owner of an arbitrary file in the system. When getting control over automatically executed scripts like cron jobs, the attacker could eventually...

3.7CVSS5.6AI score0.00272EPSS
Exploits0
OSV
OSV
added 2006/04/05 12:0 a.m.14 views

DSA-1023-1 kaffeine - buffer overflow

Bulletin has no description...

5.1CVSS6AI score0.03493EPSS
Exploits0
OSV
OSV
added 2006/02/15 12:0 a.m.21 views

DSA-975-1 nfs-user-server - buffer overflow

Bulletin has no description...

4.6CVSS6.7AI score0.00492EPSS
Exploits0
OSV
OSV
added 2005/09/09 12:0 a.m.19 views

DSA-806-1 gcvs - insecure temporary files

Bulletin has no description...

4.6CVSS6AI score0.00443EPSS
Exploits0
OSV
OSV
added 2005/09/07 12:0 a.m.16 views

DSA-802-1 cvs - insecure temporary files

Bulletin has no description...

4.6CVSS6AI score0.00443EPSS
Exploits0
FreeBSD
FreeBSD
added 2004/08/31 12:0 a.m.32 views

imlib2 -- BMP decoder buffer overflow

Marcus Meissner discovered that imlib2's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. There appears to be both a stack-based and a heap-based buffer overflow that are believed to be exploitable for arbitrary code executio...

5.1CVSS7.3AI score0.0343EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2004/08/25 12:0 a.m.28 views

imlib -- BMP decoder heap buffer overflow

Marcus Meissner discovered that imlib's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. It is believed that this bug could be exploited for arbitrary code execution...

7.5CVSS7AI score0.04871EPSS
Exploits0References1
CVE
CVE
added 2002/06/11 4:0 a.m.43 views

CVE-2002-0434

The CVE-2002-0434 issue centers on the directory.php script by Marcus S. Xenakis, which allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. Connected sources (OpenVAS NASL and Tenable plugin) confirm a remote command-execution vulnerability in the ...

10CVSS7.6AI score0.03354EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2002/06/07 12:0 a.m.24 views

Marcus Xenakis directory.php Execute Arbitrary Commands

The 'directory.php' file is installed. 1. This tool allows anybody to read any directory. 2. It is possible to execute arbitrary code with the rights of the HTTP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...

10CVSS6AI score0.03354EPSS
Exploits0References1
CVE
CVE
added 2002/03/15 5:0 a.m.43 views

CVE-2001-1214

CVE-2001-1214 : The Unix Manual PHP script (manual.php) from Marcus S. Xenakis Unix Manual 1.0 allows remote code execution by supplying a URL with shell metacharacters. The CERT/CC entry confirms that manual.php does not adequately validate input before passing it to the shell, enabling remote c...

7.5CVSS7.7AI score0.03646EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2002/03/13 12:0 a.m.202 views

Marcus S. Xenakis "directory.php" allows arbitrary code execution

------------------------------------------------------------ itcp advisory 3 [email protected] http://www.it-checkpoint.net/advisory/3.html March 10th, 2002 ------------------------------------------------------------ Marcus S. Xenakis "directory.php" allows arbitrary code execution...

2AI score
Exploits0
Rows per page
Query Builder