7614 matches found
Solaris /usr/bin/write Vulnerability
I have written an exploit for the /usr/bin/write command , this is not a new vulnerability but it has not been fixed at least till Solaris 7 patchs dont know about Solaris 8. This command contains a buffer overflow in the second argument. If this data exceeds predefined length, inserting two valu...
CVE-2000-1085
The xppeekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service or...
CVE-2000-1183
Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long connection request...
CVE-2000-1123
Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands...
CVE-2000-1086
The xpprintstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service ...
CVE-2000-1175
Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument...
CVE-2000-1147
Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers to execute arbitrary commands via a long string to the "LANGUAGE" argument in a script tag...
CVE-2000-1082
The xpenumresultset function in SQL Server and Microsoft SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service or...
CVE-2000-1087
The xpproxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service ...
CVE-2000-1084
The xpupdatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service or execu...
eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution
source: https://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly validate user-supplied, URL-encoded input to the read...
eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution
eXtropia bbsforum.cgi 1.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly...
CVE-2000-1126
CVE-2000-1126 affects HP-UX 11.00 and earlier. The vulnerability is in the auto_parms and set_parms components and, per the sources, allows remote attackers to execute arbitrary commands or cause a denial of service. The connected documents confirm the affected software and the underlying impact ...
CVE-2000-0941
Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter...
CVE-2000-1083
The xpshowcolv function in SQL Server and Microsoft SQL Server Desktop Engine MSDE does not properly restrict the length of a buffer before calling the srvparaminfo function in the SQL Server API for Extended Stored Procedures XP, which allows an attacker to cause a denial of service or execute...
CVE-2000-0961
Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command...
CVE-2000-1085
The vulnerability CVE-2000-1085 affects Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE). It concerns the xp_peekqueue function, where the length of a buffer is not properly restricted before invoking srv_paraminfo in the SQL Server API for Extended Stored Procedures (XP). This coul...
CVE-2000-1183
CVE-2000-1183 concerns a buffer overflow in a Socks5 server running on Linux. The vulnerability arises in the Socks5 server’s handling of long connection requests, which can overflow a buffer and allow an attacker to execute arbitrary commands. The available connected documents confirm the vulner...
CVE-2000-0967
PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs...
CVE-2000-1084
The CVE-2000-1084 issue affects Microsoft SQL Server and SQL Server Desktop Engine (MSDE) via Extended Stored Procedures. The vulnerable component is xp_updatecolvbm, which does not properly restrict buffer length before calling srv_paraminfo in the XP API, enabling a potential denial of service ...