2493 matches found
CVE-2003-0212
handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full and sets an array index incorrectly, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of connections...
CVE-2002-0765
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password...
Important: Red Hat Security Advisory: vim security update
Updated VIM packages are available for Red Hat Linux Advanced Server. These updates resolve a security issue when opening a specially-crafted text file. Updated 06 Feb 2003: Added fixed packages for Advanced Workstation 2.1. VIM (VIsual editor iMproved) is a version of the vi editor. VIM allows a use...
CVE-2003-0031
Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash)...
CVE-2002-1342
Unknown vulnerability in smb2www 980804-16 and earlier allows remote attackers to execute arbitrary commands...
[SNS Advisory No.53] Webmin/Usermin Session ID Spoofing Vulnerability
SNS Advisory No.53: Webmin/Usermin Session ID Spoofing Vulnerability. Problem first discovered: Sat, 4 May 2002. Published: Tue, 7 May 2002. Overview: ...
CVE-2000-0006
strace allows local users to read arbitrary files via memory mapped file names...
security/cfs -- buffer overflow
Debian reports: Zorgon found several buffer overflows in cfsd, a daemon that pushes encryption services into the Unix(tm) file system. We are not yet sure if these overflows can successfully be exploited to gain root access to the machine running the CFS daemon. However, since cfsd can easily be...
Pine update fixes insecure URL-handling
Pine 4.44 packages are now available to fix a problem with insecure URL handling. Here's the information from the Slackware 8.0 ChangeLog: Sat Jan 12 13:05:33 PST 2002 patches/packages/pine.tgz: Fix a security problem with pine by upgrading to pine4.44. More details from the Pine Announcement Lis...
cgiCentral WebStore 400 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/2861/info cgiCentral's Webstore is a shopping cart application which processes and manages online purchases. Wsmail.cgi calls system with user-supplied data in the command string. Because it does not filter metacharacters out of the user-supplied data, i...
ASPSeek.txt
Hi comrades: I don't speak or write very good English; for this reason I will go on to describe the information that I have and could test about this vulnerability: I know some servers with this bug. I only tested it on this type of server, but it should run on others without problems. Tested in Server:...
Bajie 0.78 - Arbitrary Shell Command Execution
source: https://www.securityfocus.com/bid/2389/info Requesting a specially crafted URL allows arbitrary code to be executed on a Unix system running Bajie Webserver. Any arbitrary commands appended to a malicious URL after the ';' will be executed as an independent job...
Linux news 25.08.00
Linux 2.2.17pre20 A new pre-release of the next stable Linux kernel has been released: 2.2.17pre20. I have not come across the list of changes yet. Details: ftp://ftp.kernel.org/pub/linux/kernel/people/alan/2.2.17pre/ Linux-2.4.0-test7 A new "unstable" Linux kernel has been released: Linux-2.4.0-test7. Details:...
[Security] ntop remote file exploitability
Intel Corporation NetStructure 7110 - Undocumented Password
source: https://www.securityfocus.com/bid/1182/info NetStructure (formerly known as Ipivot Commerce Accelerator) is a multi-site traffic director. This internet equipment is designed for businesses with multiple Web site locations, routing traffic to the best available site from a single URL. Certa...
iplanet.dos.txt
Hello, I could find out the denial of service effected to iPlanet Web Server, Enterprise Edition 4.1 on Linux 2.2.5Redhat6.1J; Kernel 2.2.12. When I tried to send the request "GET" of seven hundred times, your product consumed all memory resource and kernel panicked. The size of GET command to your...
CVE-1999-0559
Technical details for CVE-1999-0559 are not publicly available in the provided documents; monitor for updates.
CVE-1999-0515
CVE-1999-0515 relates to an unrestricted remote trust relationship in Unix/Linux environments (e.g., using + in /etc/hosts.equiv or .rhosts via rsh). Root access can be gained if a trusted host is compromised. Remediation described in sources: remove the wildcard (+) from /etc/hosts.equiv and the root...