428 matches found
newsfetch -- server response buffer overflow vulnerability
The newsfetch program uses the sscanf function to read information from server responses into static memory buffers. Unfortunately this is done without any proper bounds checking. As a result long server responses may cause an overflow when a newsgroup listing is requested from an NNTP server...
CVE-2004-2277
Buffer overflow in aGSM Half-Life client allows remote Half-Life servers to cause a denial of service crash and possibly execute arbitrary code via a long server response...
ProZilla -- server response buffer overflow vulnerabilities
Buffer overflow vulnerabilities have been reported to exist in this software package. The vulnerabilities can be triggered by a remote server and can be used to inject malicious code in the ProZilla process...
BNC: Buffer overflow vulnerability
Background BNC BouNCe is an IRC proxy server. Description Leon Juranic discovered that BNC fails to do proper bounds checking when checking server response. Impact An attacker could exploit this to cause a Denial of Service and potentially execute arbitary code with the permissions of the user...
BNC < 2.9.1 getnickuserhost IRC Server Response Buffer Overflow
Binary data 2403.prm...
BNC buffer overflow
Buffer overflow on server response parsing...
Debian DSA-209-1 : wget - directory traversal
Two problems have been found in the wget package as distributed in Debian GNU/Linux : - Stefano Zacchiroli found a buffer overrun in the urlfilename function, which would make wget segfault on very long URLs - Steven M. Christey discovered that wget did not verify the FTP server response to a NLS...
CVE-2002-1219
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records RR...
CVE-2002-1219
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records RR...
BGP Keep Alive Message Detection (Server Response)
Binary data 1199.prm...
RHEL 2.1 : xchat (RHSA-2002:124)
A security issue in XChat allows a malicious server to execute arbitrary commands. XChat is a popular cross-platform IRC client. Versions of XChat prior to 1.8.9 do not filter the response from an IRC server when a /dns query is executed. Because XChat resolves hostnames by passing the configured...
EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability
Internet Security Systems PAM ICQ Server Response Processing Vulnerability Release Date: March 18, 2004 Date Reported: March 8, 2004 Severity: High Remote Code Execution Vendor: Internet Security Systems Systems Affected: RealSecure Network 7.0, XPU 22.11 and before RealSecure Server Sensor 7.0 X...
FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow
FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow source: https://www.securityfocus.com/bid/8560/info A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop...
FTP Desktop 3.5 - FTP 331 Server Response Buffer Overflow
source: https://www.securityfocus.com/bid/8560/info A buffer overflow vulnerability has been reported in FTP Desktop. The vulnerability occurs when FTP Desktop is parsing 331 server responses from remote FTP servers. When FTP Desktop receives an FTP 331 response exceeding a certain length, it wil...
CVE-2003-0685
Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response...
ypserv DoS
Server awaits response from the client without processing new reqests...
DEBIAN-CVE-2002-1090
Buffer overflow in readsmtpresponse of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to 1 execute arbitrary code via a certain response or 2 cause a denial of service via long server responses...
CVE-2002-0419
Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which 2 in certain configurations, the server IP address is provided as the realm for Basic authentication, which...
Traffic amplifying via Unreal Tournament
In reply to single UDP packet server will send multiple UDP packet with payload...
CVE-2002-0419
The CVE-2002-0419 entry describes information leaks in Microsoft IIS versions 4 through 5.1 where remote attackers can learn sensitive details via server responses. Specifically, when Basic authentication is used, the server may reveal its IP address as the realm, potentially exposing NAT-obscure...