Lucene search
K

428 matches found

FreeBSD
FreeBSD
added 2005/01/18 12:0 a.m.15 views

newsfetch -- server response buffer overflow vulnerability

The newsfetch program uses the sscanf function to read information from server responses into static memory buffers. Unfortunately this is done without any proper bounds checking. As a result long server responses may cause an overflow when a newsgroup listing is requested from an NNTP server...

2.3AI score
Exploits0References1
NVD
NVD
added 2004/12/31 5:0 a.m.17 views

CVE-2004-2277

Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service crash and possibly execute arbitrary code via a long server response...

5CVSS7.9AI score0.05745EPSS
Exploits1References6
FreeBSD
FreeBSD
added 2004/11/23 12:0 a.m.11 views

ProZilla -- server response buffer overflow vulnerabilities

Buffer overflow vulnerabilities have been reported to exist in this software package. The vulnerabilities can be triggered by a remote server and can be used to inject malicious code in the ProZilla process...

10CVSS3.7AI score0.14638EPSS
Exploits1References3
Gentoo Linux
Gentoo Linux
added 2004/11/16 12:0 a.m.15 views

BNC: Buffer overflow vulnerability

Background BNC BouNCe is an IRC proxy server. Description Leon Juranic discovered that BNC fails to do proper bounds checking when checking server response. Impact An attacker could exploit this to cause a Denial of Service and potentially execute arbitary code with the permissions of the user...

4.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/11/11 12:0 a.m.11 views

BNC < 2.9.1 getnickuserhost IRC Server Response Buffer Overflow

Binary data 2403.prm...

10CVSS7.3AI score0.03577EPSS
Exploits0References1
securityvulns
securityvulns
added 2004/11/11 12:0 a.m.28 views

BNC buffer overflow

Buffer overflow on server response parsing...

4.8AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.40 views

Debian DSA-209-1 : wget - directory traversal

Two problems have been found in the wget package as distributed in Debian GNU/Linux : - Stefano Zacchiroli found a buffer overrun in the urlfilename function, which would make wget segfault on very long URLs - Steven M. Christey discovered that wget did not verify the FTP server response to a NLS...

7.5CVSS5.9AI score0.04249EPSS
Exploits0References3
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.28 views

CVE-2002-1219

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records RR...

7.5AI score0.12322EPSS
Exploits0References18
Debian CVE
Debian CVE
added 2004/09/01 4:0 a.m.36 views

CVE-2002-1219

Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records RR...

7.5CVSS7.5AI score0.12322EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.17 views

BGP Keep Alive Message Detection (Server Response)

Binary data 1199.prm...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/07/06 12:0 a.m.26 views

RHEL 2.1 : xchat (RHSA-2002:124)

A security issue in XChat allows a malicious server to execute arbitrary commands. XChat is a popular cross-platform IRC client. Versions of XChat prior to 1.8.9 do not filter the response from an IRC server when a /dns query is executed. Because XChat resolves hostnames by passing the configured...

7.5CVSS5.8AI score0.02391EPSS
Exploits0References3
securityvulns
securityvulns
added 2004/03/19 12:0 a.m.50 views

EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability

Internet Security Systems PAM ICQ Server Response Processing Vulnerability Release Date: March 18, 2004 Date Reported: March 8, 2004 Severity: High Remote Code Execution Vendor: Internet Security Systems Systems Affected: RealSecure Network 7.0, XPU 22.11 and before RealSecure Server Sensor 7.0 X...

Exploits0
exploitpack
exploitpack
added 2003/09/08 12:0 a.m.22 views

FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow

FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow source: https://www.securityfocus.com/bid/8560/info A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2003/09/08 12:0 a.m.20 views

FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow

source: https://www.securityfocus.com/bid/8560/info A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop receives an FTP 331 response exceeding a certain length, it wil...

7AI score
Exploits0
NVD
NVD
added 2003/08/27 4:0 a.m.19 views

CVE-2003-0685

Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response...

7.5CVSS7.7AI score0.02421EPSS
Exploits1References2
securityvulns
securityvulns
added 2003/06/28 12:0 a.m.43 views

ypserv DoS

Server awaits response from the client without processing new reqests...

2.4AI score
Exploits0References1Affected Software1
OSV
OSV
added 2002/10/04 4:0 a.m.5 views

DEBIAN-CVE-2002-1090

Buffer overflow in readsmtpresponse of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to 1 execute arbitrary code via a certain response or 2 cause a denial of service via long server responses...

7.5CVSS7.8AI score0.01964EPSS
Exploits0References1
NVD
NVD
added 2002/08/12 4:0 a.m.20 views

CVE-2002-0419

Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which 2 in certain configurations, the server IP address is provided as the realm for Basic authentication, which...

5CVSS6.5AI score0.3624EPSS
Exploits1References3
securityvulns
securityvulns
added 2002/07/04 12:0 a.m.33 views

Traffic amplifying via Unreal Tournament

In reply to single UDP packet server will send multiple UDP packet with payload...

3.7AI score
Exploits0References1Affected Software1
CVE
CVE
added 2002/06/11 4:0 a.m.141 views

CVE-2002-0419

The CVE-2002-0419 entry describes information leaks in Microsoft IIS versions 4 through 5.1 where remote attackers can learn sensitive details via server responses. Specifically, when Basic authentication is used, the server may reveal its IP address as the realm, potentially exposing NAT-obscure...

5CVSS6.5AI score0.3624EPSS
Exploits1References3Affected Software2
Rows per page
Query Builder