1923 matches found
DEBIAN-CVE-2003-0128
The tryuudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a malicious uuencoded UUE header, possibly triggering a heap-based buffer overflow...
CVE-2003-0128
The CVE-2003-0128 family affects Ximian Evolution Mail User Agent (MUA) prior to version 1.2.3, via the try_uudecoding function in mail-format.c that decodes UUEncoded headers. The vulnerability can cause a denial of service (crash) and may allow arbitrary code execution through crafted UUE heade...
CVE-2003-0129
CVE-2003-0129 affects Ximian Evolution Mail User Agent up to version 1.2.2, allowing remote attackers to cause memory exhaustion/DoS by uuencoding a mail message multiple times. Related issues CAN-2003-0128 and CAN-2003-0130 are addressed in the same advisory. Vendor patch: Evolution 1.2.3 releas...
CVE-2003-0130
The CVE-2003-0130 issue affects Ximian Evolution Mail User Agent (Evolution 1.2.2 and earlier). The vulnerability lies in the handle_image() function in mail-format.c, which does not escape HTML characters in the Content-ID-derived string, enabling remote attackers to inject arbitrary data and HT...
CVE-2003-0129
Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service memory consumption via a mail message that is uuencoded multiple times...
CORE-20030304-02: Vulnerability in Mutt Mail User Agent
Core Security Technologies Advisory http://www.coresecurity.com Vulnerability in Mutt Mail User Agent Date Published: 2003-03-20 Last Update: 2003-03-19 Advisory ID: CORE-20030304-02 Bugtraq ID: 7120 CVE CAN: None currently assigned Title: Mutt Controlled IMAP server buffer overflow Class: Bounda...
Ximian Evolution 1.x - UUEncoding Denial of Service
source: https://www.securityfocus.com/bid/7118/info A vulnerability has been discovered in the Ximian Evolution Mail User Agent MUA. The problem occurs when the mailer attempts to process a maliciously encoded e-mail message. When attempting to decode the message, the MUA will repeatedly attempt ...
[NEWS] DeleGate Pointer Array Overflow May Let Remote Users Execute Arbitrary Code
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion In the US? Contact Beyond Security at our new California office housewarming rates on automated network vulnerability scanning. We also...
[SNS Advisory No.63] DeleGate Pointer Array Overflow May Let Remote Users Execute Arbitrary Code
---------------------------------------------------------------------- SNS Advisory No.63 DeleGate Pointer Array Overflow May Let Remote Users Execute Arbitrary Code Problem first discovered on: Sun, 02 Mar 2003 Published on: Mon, 10 Mar 2003...
DeleGate array index overflow
Array index overflow on large number of User-Agent in robots.txt...
CVE-2002-2295
Buffer overflow in Pico Server pServ 2.0 beta 1 through beta 5 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via 1 a 1024-byte TCP stream message, which triggers an off-by-one buffer overflow, or 2 a long method name in an HTTP request, 3 a long...
Pserv 2.0 - User-Agent HTTP Header Buffer Overflow (2)
Pserv 2.0 - User-Agent HTTP Header Buffer Overflow 2 // source: https://www.securityfocus.com/bid/6286/info A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. An attacker can exploit this...
Pserv 2.0 - User-Agent HTTP Header Buffer Overflow (1)
Pserv 2.0 - User-Agent HTTP Header Buffer Overflow 1 source: https://www.securityfocus.com/bid/6286/info A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. An attacker can exploit this...
Pserv 2.0 - User-Agent HTTP Header Buffer Overflow (1)
source: https://www.securityfocus.com/bid/6286/info A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. An attacker can exploit this vulnerability by issuing a HTTP request with an overly...
Pserv 2.0 - User-Agent HTTP Header Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/6286/info A buffer overflow vulnerability has been reported in Pserv. The buffer overflow condition is due to the way Pserv handles data streams from remote connections. An attacker can exploit this vulnerability by issuing a HTTP request with an overl...
CVE-2002-0944
Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03–6.2.1 allows remote attackers to execute arbitrary script as the LiveStats user via the (1) user-agent or (2) referrer, which are not filtered by the stats program. Affected: DeepMetrix LiveStats versions 5.03 through 6.2.1. Impact: ...
Web Server HTTP User-Agent Header Handling Remote Overflow
It was possible to kill the web server by sending an invalid GET request with a long User-Agent field. A remote attacker may exploit this vulnerability to make the web server crash continually or possibly execute arbitrary code. C Tenable Network Security, Inc. Script audit and contributions from...
Apple QuickTime 5.0 - Content-Type Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/4064/info Apple QuickTime is a freely available media player. It runs on a number of platforms including MacOS and Windows 9x/ME/NT/2000/XP operating systems. Apple QuickTime For Windows does not perform sufficient bounds checking of the "Content-Type"...
CVE-2001-0904
Internet Explorer 5.5 and 6 with the Q312461 MS01-055 patch modifies the HTTPUSERAGENT UserAgent information that indicates that the patch has been installed, which could allow remote malicious web sites to more easily identify and exploit vulnerable clients...
SHOUTcast Server User-Agent / Host Header DoS
The remote host is running SHOUTcast Server, a streaming audio server from Nullsoft. According to its banner, the installed version of SHOUTcast server will reportedly crash when it receives several HTTP requests with overly long User-Agent and/or Host request headers. %NASLMINLEVEL 70300 C Tenab...