Security Advisory: FreeBSD-SA-00:24.libedit

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:24 Security Advisory FreeBSD, Inc. Topic: libedit reads config file from current directory Category: core Module: libedit Announced: 2000-07-05 Affects: All versions of...

FreeBSD-SA-00:24.libedit

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:24 Security Advisory FreeBSD, Inc. Topic: libedit reads config file from current directory Category: core Module: libedit Announced: 2000-07-05 Affects: All versions of...

CVE-2000-0401

PDGSoft Shopping Cart vulnerability (CVE-2000-0401) affects redirect.exe and changepw.exe. The issue is remote buffer overflows that allow an attacker to execute arbitrary commands via a long query string, potentially leading to data disclosure or privilege escalation on the web server. Exploitat...

FreeBSD-SA-00:22.apsfilter

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:22 Security Advisory FreeBSD, Inc. Topic: apsfilter allows users to execute arbitrary commands as user lpd Category: ports Module: apsfilter Announced: 2000-06-07 Credits...

CVE-2000-0523

Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command...

CVE-2000-0493

Buffer overflow in Simple Network Time Sync SMTS daemon allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long string...

Gauntlet CyberPatrol Content Monitoring System Overflow

The remote host is running Network Associated Gauntlet firewall. The installed version of the software is vulnerable to a buffer overflow. An attacker could exploit this flaw in order to remotely execute arbitrary commands on the affected host. C Tenable Network Security, Inc. include"compat.inc"...

CVE-2000-0438

Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter...

S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow (1)

S.u.S.E Linux 4.x5.x6.x7.0 Slackware 3.x4.0 Turbolinux 6 OpenLinux 7.0 - fdmount Local Buffer Overflow 1 // source: https://www.securityfocus.com/bid/1239/info A buffer overflow exists in the 0.8 version of the fdmount program, distributed with a number of popular versions of Linux. By supplying ...

CVE-2000-0450

Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands...

CVE-2000-0432

The calender.pl and the calendaradmin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters...

Vulnerability in CGI counter 4.0.7 by George Burgyan

I've found no mention of this vulnerability in Bugtraq or in the CVE nor have I been able to contact the author, so I'm posting here to give everyone the opportunity to protect themselves. This vulnerability is being actively exploited and has been reported to CERT. The popular CGI web page acces...

Matt Kruse Calendar Script 2.2 - Arbitrary Command Execution

Matt Kruse Calendar Script 2.2 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/1215/info Matt Kruse's Calendar script is a popular, free perl cgi-script used by many websites on the Internet. It allows a website administrator to easily setup and customize a calendar on the...

Matt Kruse Calendar Script 2.2 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/1215/info Matt Kruse's Calendar script is a popular, free perl cgi-script used by many websites on the Internet. It allows a website administrator to easily setup and customize a calendar on their website. There are two components of this package,...

CVE-2000-0407

Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option...

Mozilla Bugzilla 2.4/2.6/2.8/2.10 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/1199/info Bugzilla is a web-based bug-tracking system based on Perl and MySQL. It allows people to submit bugs and catalogs them. Bugzilla is prone to a vulnerability which may allow remote users to execute arbitrary commands on the target webserver. When...

Cart32 Backdoor Password Arbitrary Command Execution

The Cart32 e-commerce shopping cart is installed. This software contains multiple security flaws. There is a backdoor password of 'wemilo' in cart32.exe. This backdoor allows a remote attacker to run arbitrary commands in the context of the web server, and access credit card information...

spin_client.cgi Remote Overflow

There is a buffer overrun in the 'spinclient.cgi' CGI program, which will allow anyone to execute arbitrary commands with the same privileges as the web server root or nobody. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Thanks to Tollef Fog Heen for his help include 'compat.inc' ;...

CVE-1999-0781

KDE allows local users to execute arbitrary commands by setting the KDEDIR environmental variable to modify the search path that KDE uses to locate its executables...

Solaris 2.6/7.0 - 'lpset -r' Local Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/1138/info A vulnerability exists in the handling of the -r option to the lpset program, as included in Solaris 7 from Sun Microsystems. The -r option is undocumented. As such, its use in unknown. However, when supplied a well crafted buffer containing...