CVE-2010-0935

Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated users to obtain super privileges via a "p4 protect" command...

CVE-2010-0933

Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to create arbitrary files via a .. dot dot in the argument to the "p4 add" command...

CVE-2010-0931

The Perforce service p4s.exe in Perforce Server 2008.1 allows remote attackers to cause a denial of service daemon crash via crafted data, possibly involving a large sndbuf value...

CVE-2010-0935

Perforce Server 2009.2 and earlier allows remote authenticated users to obtain super privileges via a “p4 protect” command when the protection table is empty. Root cause: empty protection table enables privilege escalation. Impact: potential full administrative access. No remediation or patch det...

CVE-2010-0934

CVE-2010-0934 affects Perforce Server 2008.1, where the triggers functionality can be abused by remote authenticated users with super privileges to execute arbitrary operating-system commands via a p4 client invocation combined with the form-in trigger script. The Red Hat, NVD, and OpenVAS record...

CVE-2010-0933

The vulnerability CVE-2010-0933 affects Perforce Server 2008.1 and is a directory traversal flaw that allows remote authenticated users to create arbitrary files by supplying a .. (dot dot) sequence in the argument to the p4 add command. Core details consistently reported across sources (NVD, Red...

CVE-2010-0932

The CVE-2010-0932 entry concerns Perforce Server 2008.1, where the FTP server component is vulnerable to a denial of service via a crafted MKD command that triggers a NULL pointer dereference and daemon crash. The cited Red Hat and NVD records confirm the same description and indicate the impact ...

CVE-2010-0931

CVE-2010-0931 affects Perforce Server 2008.1 (p4s.exe) and causes a denial of service (daemon crash) when processing crafted data, possibly involving a large sndbuf value. No explicit fixes or mitigation are provided in the documents; exploitation details are not described.

CVE-2010-0930

The vulnerability CVE-2010-0930 affects Perforce Server 2008.1 (p4s.exe). A crafted data sequence containing 0xDC 0xFF 0xFF 0xFF immediately before the client protocol version number can cause a denial of service (infinite loop). Connected sources consistently describe this as a DoS caused by tha...

CVE-2010-0929

CVE-2010-0929 affects Perforce Server 2008.1 (p4s.exe) and is a remote denial-of-service vulnerability triggered by crafted data beginning with the byte sequence 0x4C, 0xB3, 0xFF, 0xFF, 0xFF. The Perforce service may crash a daemon when processing such input, per multiple sources. The available d...

CVE-2010-0934

The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super privileges to execute arbitrary operating-system commands by using a "p4 client" command in conjunction with the form-in trigger script...

Perforce Multiple Unspecified Remote Security Vulnerabilities

Perforce Server is prone to multiple unspecified remote security vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if descriptio...

Perforce Multiple Unspecified Remote Security Vulnerabilities

Perforce Server is prone to multiple unspecified remote security vulnerabilities, including: - Multiple unspecified denial-of-service vulnerabilities. - An unspecified vulnerability. An attacker can exploit these issues to crash the affected application, denying service to legitimate users. Other...

Perforce Detection

This host is running an Perforce Server. The Perforce Server, P4D, manages access to versioned files, tracks user operations and records all activity in a centralized database. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

CVE-2008-1338

The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a server-DiffFile command with an integer value within a certain range, which causes a loop until all memory is exhausted...

Command injection

The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a server-DiffFile command with an integer value within a certain range, which causes a loop until all memory is exhausted...

CVE-2008-1338

The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a server-DiffFile command with an integer value within a certain range, which causes a loop until all memory is exhausted...

CVE-2008-1338

CVE-2008-1338 concerns the Perforce Server (p4s.exe) in versions 2007.3/143793 and earlier. A remote attacker can trigger a denial of service (daemon crash) by issuing a server-DiffFile command with an integer value in a certain range, which causes a loop that exhausts memory. The available sourc...

CVE-2008-1303

The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a missing parameter to the 1 dm-FaultFile, 2 dm-LazyCheck, 3 dm-ResolvedFile, 4 dm-OpenFile, 5 crypto, and possibly unspecified other commands, which...

CVE-2008-1302

The Perforce service p4s.exe in Perforce Server 2007.3/143793 and earlier allows remote attackers to cause a denial of service daemon crash via a 1 server-DiffFile or 2 server-ReleaseFile command with a large integer value, which is used in an array initialization calculation, and leads to invali...