
1428 matches found

Tenable Nessus
added 2004/08/30 12:0 a.m. | 32 views

GLSA-200402-02 : XFree86 Font Information File Buffer Overflow

The remote host is affected by the vulnerability described in GLSA-200402-02 (XFree86 Font Information File Buffer Overflow). Exploitation of a buffer overflow in the XFree86 Window System discovered by iDefence allows local attackers to gain root privileges. The problem exists in the parsing of the...

CVSS 10 | AI score 6.4 | EPSS 0.21175
Exploits: 1 | References: 3

Tenable Nessus
added 2004/08/18 12:0 a.m. | 15 views

Sendmail 'decode' Alias Arbitrary File Overwrite

Binary data 2026.prm...

CVSS 5 | AI score 7.3 | EPSS 0.01284
Exploits: 0 | References: 1

securityvulns
added 2004/08/02 12:0 a.m. | 59 views

OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges.

SCO Security Advisory. Subject: OpenServer 5.0.6 OpenServer 5.0.7 : Xsco contains a buffer overflow that could be exploited to gain root privileges. Advisory number: SCOSA-2004.3. Issue date: 2004 July 29. Cross reference: sr889371 fz528866 erg712547...

CVSS 10 | AI score 1 | EPSS 0.24863
Exploits: 2

NVD
added 2004/03/03 5:0 a.m. | 25 views

CVE-2004-0084

Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias font.alias file, a different vulnerability than CVE-2004-0083 and...

CVSS 10 | AI score 7.1 | EPSS 0.24863
Exploits: 1 | References: 18

UbuntuCve
added 2004/03/03 5:0 a.m. | 26 views

CVE-2004-0084

Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias font.alias file, a different vulnerability than CVE-2004-0083 and...

CVSS 10 | AI score 6.3 | EPSS 0.24863
Exploits: 1 | References: 1

Cvelist
added 2004/02/14 5:0 a.m. | 36 views

CVE-2004-0083

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file font.alias with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106...

AI score 7.3 | EPSS 0.21175
Exploits: 1 | References: 21

RedHat Linux
added 2004/02/13 11:44 p.m. | 6 views

security flaw

Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file font.alias with a long token, a different vulnerability than CVE-2004-0084 and CVE-2004-0106...

CVSS 10 | AI score 6.3 | EPSS 0.21175
Exploits: 1 | References: 4

RedHat Linux
added 2004/02/13 11:44 p.m. | 5 views

security flaw

Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias font.alias file, a different vulnerability than CVE-2004-0083 and...

CVSS 10 | AI score 6.3 | EPSS 0.24863
Exploits: 1 | References: 4

RedHat Linux
added 2004/02/13 8:51 a.m. | 7 views

Important: Red Hat Security Advisory: Updated XFree86 packages fix privilege escalation vulnerability

Updated XFree86 packages that fix a privilege escalation vulnerability are now available. XFree86 is an implementation of the X Window System, providing the core graphical user interface and video drivers. iDefense discovered two buffer overflows in the parsing of the 'font.alias' file. A local...

CVSS 10 | AI score 6 | EPSS 0.24863
Exploits: 2 | References: 3

exploitpack
added 2004/02/12 12:0 a.m. | 7 views

XFree86 4.x - CopyISOLatin1Lowered Font_Name Buffer Overflow

XFree86 4.x - CopyISOLatin1Lowered FontName Buffer Overflow source: https://www.securityfocus.com/bid/9652/info It has been reported that the XFree86 X Windows system is prone to a local buffer overflow vulnerability. The issue arises from improper bounds checking when parsing the 'font.alias'...

AI score 1
Exploits: 0

securityvulns
added 2004/02/11 12:0 a.m. | 37 views

XFree font.alias buffer overflow

buffer overflow on oversized font name...

AI score 4.3
Exploits: 0 | References: 1 | Affected Software: 1

FreeBSD
added 2004/02/10 12:0 a.m. | 28 views

Buffer overflows in XFree86 servers

A number of buffer overflows were recently discovered in XFree86, prompted by initial discoveries by iDEFENSE. These buffer overflows are present in the font alias handling. An attacker with authenticated access to a running X server may exploit these vulnerabilities to obtain root privileges on...

AI score 6.6
Exploits: 0 | References: 2

NVD
added 2002/12/31 5:0 a.m. | 10 views

CVE-2002-2344

Ensim WEBppliance 3.0 and 3.1 allows remote attackers to read mail intended for other users by defining an alias that is the target's email address...

CVSS 5 | AI score 6.6 | EPSS 0.01205
Exploits: 0 | References: 3

OSV
added 2002/12/31 5:0 a.m. | 2 views

DEBIAN-CVE-2002-1827

Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files...

CVSS 2.1 | AI score 6.4 | EPSS 0.00928
Exploits: 1 | References: 1

CERT
added 2002/02/27 12:0 a.m. | 16 views

Oracle 9iAS allows access to CGI script source code within CGI-BIN directory

Overview: Oracle 9i Application Server (9iAS) allows remote anonymous users to view source code in CGI scripts stored in the Apache cgi-bin. Attackers may analyze these scripts to discover usernames, passwords, or other proprietary data or methods. Description: The default Apache configuration file i...

AI score 6.5
Exploits: 0 | References: 2

NVD
added 2001/12/31 5:0 a.m. | 13 views

CVE-2001-1211

Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify user alias and mailing list information for other domains hosted by the same server via the (1) aliasadmin or (2) listadm1 CGI programs, which do not properly verify that an administrator is the...

CVSS 7.5 | AI score 6.2 | EPSS 0.02999
Exploits: 0 | References: 5

NVD
added 2001/05/03 4:0 a.m. | 17 views

CVE-2001-0301

Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings...

CVSS 10 | AI score 7.9 | EPSS 0.04398
Exploits: 0 | References: 7

Apache Httpd
added 2000/10/13 12:0 a.m. | 27 views

Apache Httpd < 1.3.14 : Mass virtual hosting can display CGI source

A security problem for users of the mass virtual hosting module, mod_vhost_alias, causes the source to a CGI to be sent if the cgi-bin directory is under the document root. However, it is not normal to have your cgi-bin directory under a document root...

CVSS 5 | AI score 2.2 | EPSS 0.10515
Exploits: 1 | Affected Software: 1

CVE
added 2000/02/04 5:0 a.m. | 36 views

CVE-1999-0565

CVE-1999-0565 affects Sendmail: a mail alias can cause input to be piped to an external program, enabling potential command execution. Documents confirm the issue but do not specify affected versions or a fix; one PT-security entry notes no information about a newer version containing a patch. No...

CVSS 10 | AI score 6.9 | EPSS 0.01904
Exploits: 0 | References: 1

Debian
added 1999/12/07 5:2 p.m. | 1 views

[SECURITY] New version of sendmail-wide released

The version of sendmail-wide that was distributed with Debian GNU/Linux 2.1 has a slight problem in the code to regenerate the aliases database. Sendmail allowed any user to run sendmail with the -bi option to reinitialize the aliases database. The user could then interrupt sendmail and leave the...

AI score 5.9
Exploits: 0