Lucene search
+L

374 matches found

NVD
NVD
added 2002/06/18 4:0 a.m.30 views

CVE-2002-0575

Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges...

7.5CVSS6.9AI score0.04212EPSS
Exploits1References10
CERT
CERT
added 2002/06/07 12:0 a.m.30 views

tcpdump vulnerable to buffer overflow via improper decoding of AFS RPC (Rx) packets

Overview A vulnerability exists in tcpdump that could allow an attacker to execute arbitrary code with the privileges of tcpdump, typically root. Description tcpdump is a widely-used network sniffer that is capable of decoding AFS traffic. A buffer overflow vulnerability has been discovered in...

7.5CVSS7.9AI score0.04784EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2002/05/12 12:0 a.m.151 views

OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow

You are running a version of OpenSSH older than OpenSSH 3.2.1. A buffer overflow exists in the daemon if AFS is enabled on your system, or if the options KerberosTgtPassing or AFSTokenPassing are enabled. Even in this scenario, the vulnerability may be avoided by enabling UsePrivilegeSeparation...

7.5CVSS7.8AI score0.04212EPSS
Exploits1References1
securityvulns
securityvulns
added 2001/07/19 12:0 a.m.50 views

Ошибки в tcpdump (remote root)

Ошибки в утилите tcpdump FreeBSD 4.x при использовании обработчика пакетов AFS RPC позволяют получить удаленный root в результате срыва стека...

0.9AI score
Exploits0References1Affected Software1
CERT
CERT
added 2001/06/22 12:0 a.m.40 views

tcpdump vulnerable to buffer overflow via parsing of AFS ACL packets

Overview Tcpdump version 3.5 contains a buffer overflow vulnerability permitting unauthorized remote root access. Description Tcpdump version 3.5 added support for handling AFS packets. Unfortunately the code responsible for printing AFS access control lists contains an unchecked buffer that can ...

10CVSS7.7AI score0.05979EPSS
Exploits0References2
CVE
CVE
added 2001/05/07 4:0 a.m.54 views

CVE-2000-1174

CVE-2000-1174 affects Ethereal (now Wireshark) up to version 0.8.13 and earlier, where multiple buffer overflows in the AFS ACL parser allow remote attackers to execute arbitrary commands by sending a crafted packet with a long username. The flaw is in the parser’s handling of AFS ACL data, enabl...

7.5CVSS8.2AI score0.05824EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2001/05/07 4:0 a.m.25 views

CVE-2000-1174

Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username...

7.8AI score0.05824EPSS
Exploits1References7
securityvulns
securityvulns
added 2001/01/13 12:0 a.m.30 views

Дырка в tcpdump

Переполнение буфера при декодировании AFS...

0.8AI score
Exploits0References1Affected Software1
NVD
NVD
added 2001/01/09 5:0 a.m.23 views

CVE-2000-1174

Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username...

7.5CVSS7.8AI score0.05824EPSS
Exploits1References7
exploitpack
exploitpack
added 2001/01/02 12:0 a.m.27 views

tcpdump 3.43.5 - AFS ACL Packet Buffer Overflow

tcpdump 3.43.5 - AFS ACL Packet Buffer Overflow / source: https://www.securityfocus.com/bid/1870/info tcpdump is a popular network monitoring tool used for watching network traffic written by the Lawrence Berkeley Laboratory. It must at least begin execution as root since it opens and reads from...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2001/01/02 12:0 a.m.44 views

tcpdump 3.4/3.5 - AFS ACL Packet Buffer Overflow

/ source: https://www.securityfocus.com/bid/1870/info tcpdump is a popular network monitoring tool used for watching network traffic written by the Lawrence Berkeley Laboratory. It must at least begin execution as root since it opens and reads from the link layer interface through pcap. It is...

7AI score
Exploits0
exploitpack
exploitpack
added 2000/11/18 12:0 a.m.33 views

Ethereal - AFS Buffer Overflow

Ethereal - AFS Buffer Overflow / source: https://www.securityfocus.com/bid/1972/info Ethereal is a network auditing utility originally written by Gerald Combs. A problem exists in the Ethereal package which can allow a remote user to execute code. The problem exists in the AFS packet parsing...

0.8AI score
Exploits0
Exploit DB
Exploit DB
added 2000/11/18 12:0 a.m.37 views

Ethereal - AFS Buffer Overflow

/ source: https://www.securityfocus.com/bid/1972/info Ethereal is a network auditing utility originally written by Gerald Combs. A problem exists in the Ethereal package which can allow a remote user to execute code. The problem exists in the AFS packet parsing routine. An algorithm string scans...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/06/14 12:0 a.m.31 views

AFS Client Version Detection

This detects the AFS client version by connecting to the AFS callback port and processing the buffer received. The client version gives potential attackers additional information about the system they are attacking. Versions and types should be ommited where possible. This script was written by...

5.8AI score
Exploits0References1
Rows per page
Query Builder