981 matches found
CVE-2004-1377
The 1 fixps aka fixps.in and 2 psmandup aka psmandup.in scripts in a2ps before 4.13 allow local users to overwrite arbitrary files via a symlink attack on temporary files...
CVE-2004-1289
Multiple buffer overflows in 1 the getline function in pcalutil.c and 2 the getholiday function in readfile.c for pcal 4.7.1 allow remote attackers to execute arbitrary code via a crafted calendar file...
iDEFENSE Security Advisory 12.16.04: MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability
MPlayer Bitmap Parsing Remote Heap Overflow Vulnerability iDEFENSE Security Advisory 12.16.04 http://www.idefense.com/application/poi/display?id=168 December 16, 2004 I. BACKGROUND MPlayer is a movie player for Linux that also runs on many other Unices, and non- x86 CPUs. It plays most MPEG, VOB,...
CUPS 1.1.x - '.HPGL' File Processor Buffer Overflow
source: https://www.securityfocus.com/bid/11968/info CUPS is reported prone to a remote buffer overflow vulnerability. The issue is reported to exist in the 'hpgl-input.c' source file and is because of a lack of sufficient boundary checks performed on data contained in HPGL files. A remote attack...
CVE-2004-1161
Removed by vendor...
CVE-2004-0745
LHA 1.14 and earlier allows attackers to execute arbitrary commands via a directory with shell metacharacters in its name...
CVE-2004-0880
Removed by vendor...
powerdns -- DoS vulnerability
PowerDNS is vulnerable to a temporary denial-of-service vulnerability that can be triggered using a random stream of bytes...
CVE-2003-0068
The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker t...
Open Security Group Advisory #6
List, In May, Open Security Group started a media player security audit to drive out defects in popular media player code with the hope of helping secure our networks, machines and users from malicious attackers. As the second stage of this project, I released an advisory on August 8th, 2004,...
sharutils -- buffer overflows
From Gentoo advisory GLSA 200410-01: sharutils contains two buffer overflows. Ulf Harnhammar discovered a buffer overflow in shar.c, where the length of data returned by the wc command is not checked. Florian Schilhabel discovered another buffer overflow in unshar.c. An attacker could exploit the...
CVE-2004-0426
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path...
lha buffer overflows and path traversal issues
Ulf Härnhammar discovered several vulnerabilities in LHa for UNIX's path name handling code. Specially constructed archive files may cause LHa to overwrite files or execute arbitrary code with the privileges of the user invoking LHa. This could be particularly harmful for automated systems that...
CVE-2004-0104
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code...
Buffer overflow in INN control message handling
A small, fixed-size stack buffer is used to construct a filename based on a received control message. This could result in a stack buffer overflow...
CVE-2003-0850
...
CVE-2003-0625
...
CVE-2003-0649
...
CVE-2003-0462
...
CVE-2003-0596
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time...