136 matches found
WS_FTP FTPD "STAT"command overflow parsing-vulnerability warning-the black bar safety net
The following analysis is based on the WSFTP Server 4.0.1. EVAL 4 7 1 5 6 3 1 4version, only the analysis of the“STAT”command overflow . In fact, WSFTP in processing STAT command, many places are length of the judgment, however, there is a place he has been missed, Well, our chance came.:...
DEBIAN-CVE-2009-1759
Stack-based buffer overflow in the btFiles::BuildFromMI function trunk/btfiles.cpp in Enhanced CTorrent aka dTorrent 3.3.2 and probably earlier, and CTorrent 1.3.4, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a Torrent file containing a long...
LHA Buffer Overflow Vulnerability with lack of Path Length Validation
Overview LHA is vulnerable to buffer overflow due to improper handling of a pathname in the LHarc Format 2 header for an .LHZ archive. Impact An remote attacker coulf execute arbitrary code. Solution Please refer to the 'Vendor Information' section for official remediation and take appropriate...
Fedora 8 : krb5-1.6.2-14.fc8 (2008-2647)
This update incorporates fixes included in MITKRB5-SA-2008-001 use of uninitialized pointer / double-free in the KDC when v4 compatibility is enabled and MITKRB5-SA-2008-002 incorrect handling of high-numbered descriptors in the RPC library. This update also incorporates less-critical fixes for a...
DEBIAN-CVE-2006-4262
Multiple buffer overflows in cscope 15.5 and earlier allow user-assisted attackers to cause a denial of service crash and possibly execute arbitrary code via multiple vectors including 1 a long pathname that is not properly handled during file list parsing, 2 long pathnames that result from path...
TFTP Packet Buffer Overflow
libcurl uses the given file part of a TFTP URL in a manner that allows a malicious user to overflow a heap-based memory buffer due to the lack of boundary check. This overflow happens if you pass in a URL with a TFTP protocol prefix "tftp://", using a valid host and a path part that is longer tha...
DSA-624-1 zip - buffer overflow
Bulletin has no description...
smallftpd buffer overflow
Buffer overflow on large number of / in the path...
SECURITY.NNOV: Far buffer overflow
Title: Buffer overflow in Far Manager Affected: Far Manager 1.70beta1 and prior saved EIP overflow 1.70beta4 off-by-one frame pointer overflow Vendor: RARSoft Risk: Average local code execution Exploitable: Yes Remote: No Vendor Notified: January, 30 2003 I. Introduction: FAR is most convinient...
Buffer overflow in Far Manager
Title: Buffer overflow in Far Manager Author: ZARAZA Affected: Far Manager 1.70beta1 and prior saved EIP overflow 1.70beta4 off-by-one frame pointer overflow Vendor: RARSoft Risk: Average local code execution Exploitable: Yes Remote: No Vendor Notified: January, 30 2003 I. Introduction: FAR is mo...
Microsoft Windows NT 4.02000 - NTFS File Hiding
Microsoft Windows NT 4.02000 - NTFS File Hiding source: https://www.securityfocus.com/bid/3989/info There exists a condition in Microsoft Windows operating systems using NTFS that may allow for files to be hidden. Though the NTFS filesystem allows for a 32000 character path, Microsoft Windows...
Apache 1.3.61.3.91.3.111.3.121.3.20 - Root Directory Access
Apache 1.3.61.3.91.3.111.3.121.3.20 - Root Directory Access source: https://www.securityfocus.com/bid/1284/info Apache HTTP Server 1.3.x win32 allows people to get a directory listing of a directory, if it is enabled in the config, even if an index file is present that would normally be displayed...
ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow (2)
ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/612/info The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow, the result of a sprintf in the logxfer routine in src/log.c. The vulnerability in 1.2pre4 ...
windows98.bof.txt
Date: Mon, 15 Feb 1999 17:59:13 -0500 From: Ervin Fried To: [email protected] Subject: Re: Win98 Buffer Overflow File attached my .02$: Explorer has bugs in handling files with pathname longer than or equal to the documented max and files with components that exceed other maximums. CreateFile...
activeperl.516.dos.txt
Date: Mon, 31 May 1999 07:16:53 -0700 From: Michael Smith To: [email protected] Subject: ActiveState Security Advisory Problem -------- PerlScript and Perl-ISAPI that come with ActivePerl 516 and earlier versions, inadequately check the length of path information sent to open. Due ...
ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow (1)
ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/612/info The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow, the result of a sprintf in the logxfer routine in src/log.c. The vulnerability in 1.2pre4 ...