95 matches found
lighttpd -- DOS when access files with mtime 0
Lighttpd SA: Lighttpd caches the rendered string for mtime. The cache key has as a default value 0. At that point the pointer to the string are still NULL. If a file with an mtime of 0 is requested it tries to access the pointer and crashes. The bug requires that a malicious user can either uploa...
Debian DSA-975-1 : nfs-user-server - buffer overflow
Marcus Meissner discovered that attackers can trigger a buffer overflow in the path handling code by creating or abusing existing symlinks, which may lead to the execution of arbitrary code. This vulnerability isn't present in the kernel NFS server. This update includes a bugfix for attribute...
[SECURITY] [DSA 1106-1] New ppp packages fix privilege escalation
-------------------------------------------------------------------------- Debian Security Advisory DSA 1106-1 [email protected] http://www.debian.org/security/ Martin Schulze July 10th, 2006 http://www.debian.org/security/faq -...
DSA-1106 ppp - programming error
Bulletin has no description...
USN-278-1: gdm vulnerability
Marcus Meissner discovered a race condition in gdm's handling of the /.ICEauthority file permissions. A local attacker could exploit this to become the owner of an arbitrary file in the system. When getting control over automatically executed scripts like cron jobs, the attacker could eventually...
DSA-1023-1 kaffeine - buffer overflow
Bulletin has no description...
DSA-975-1 nfs-user-server - buffer overflow
Bulletin has no description...
DSA-806-1 gcvs - insecure temporary files
Bulletin has no description...
DSA-802-1 cvs - insecure temporary files
Bulletin has no description...
imlib2 -- BMP decoder buffer overflow
Marcus Meissner discovered that imlib2's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. There appears to be both a stack-based and a heap-based buffer overflow that are believed to be exploitable for arbitrary code executio...
imlib -- BMP decoder heap buffer overflow
Marcus Meissner discovered that imlib's BMP decoder would crash when loading the test BMP file created by Chris Evans for testing the previous Qt vulnerability. It is believed that this bug could be exploited for arbitrary code execution...
CVE-2002-0434
The CVE-2002-0434 issue centers on the directory.php script by Marcus S. Xenakis, which allows remote attackers to execute arbitrary commands via shell metacharacters in the dir parameter. Connected sources (OpenVAS NASL and Tenable plugin) confirm a remote command-execution vulnerability in the ...
Marcus Xenakis directory.php Execute Arbitrary Commands
The 'directory.php' file is installed. 1. This tool allows anybody to read any directory. 2. It is possible to execute arbitrary code with the rights of the HTTP server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; ifdescription...
CVE-2001-1214
CVE-2001-1214 : The Unix Manual PHP script (manual.php) from Marcus S. Xenakis Unix Manual 1.0 allows remote code execution by supplying a URL with shell metacharacters. The CERT/CC entry confirms that manual.php does not adequately validate input before passing it to the shell, enabling remote c...
Marcus S. Xenakis "directory.php" allows arbitrary code execution
------------------------------------------------------------ itcp advisory 3 [email protected] http://www.it-checkpoint.net/advisory/3.html March 10th, 2002 ------------------------------------------------------------ Marcus S. Xenakis "directory.php" allows arbitrary code execution...