8682 matches found
CVE-2001-0244
Buffer overflow in Microsoft Index Server 2.0 allows remote attackers to execute arbitrary commands via a long search parameter...
CVE-2001-0449
Buffer overflow in WinZip 8.0 allows attackers to execute arbitrary commands via a long file name that is processed by the /zipandemail command line option...
GNU groff 1.1x - xploitation Via LPD
GNU groff 1.1x - xploitation Via LPD // source: https://www.securityfocus.com/bid/3103/info lpd is the print spooling daemon. It is used to support network printing on a variety of unix platforms. The version of lpd that ships with linux systems invokes groff to process documents that are to be...
Hewlett Packard OpenView and Tivoli NetView do not adequately validate SNMP trap arguments
Overview Hewlett Packard's HP OpenView and Tivoli NetView are system management software packages. There is a vulnerability a component of these packages, ovactiond, that allows intruders to execute arbitrary commands as user bin. This may subsequently lead to a root compromise. Description HP...
CVE-2001-0408
vim aka gvim processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes...
Microburst uDirectory 2.0 - Remote Command Execution
source: https://www.securityfocus.com/bid/2884/info uDirectory is an online directory and listing management system. An input validation error exists in uDirectory that may allow remote users to execute arbitrary commands on a host running the software. !/usr/bin/perl -w management, e-commerce...
CVE-2001-0318
Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory cwd...
CVE-2001-0216
PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter...
CVE-2001-0436
The vulnerability CVE-2001-0436 affects DCForum 2000, specifically the dcboard.cgi CGI: remote attackers can execute arbitrary commands by uploading a Perl program to the server and referencing it via a .. in the AZ parameter. This is documented in the NVD entry for DCForum 2000 1.0 with a base s...
CVE-2001-0447
CVE-2001-0447 affects the Web configuration server component of 602Pro LAN SUITE. A crafted long HTTP request containing %2e (dot dot) characters can trigger a denial of service and may allow arbitrary command execution. This is documented across NVD and CVE records; no explicit exploit code or i...
CVE-2001-0397
CVE-2001-0397 describes a buffer overflow in Silent Runner Collector (SRC) 1.6.1 that can be triggered by a long SMTP HELO command. The vulnerability allows remote attackers to cause a denial of service and, potentially, execute arbitrary commands. CVSS v2 base metrics are provided: AV:N/AC:L/Au:...
Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution (7)
Microsoft IIS 3.04.05.0 - PWS Escaped Characters Decoding Command Execution 7 source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, i...
Microsoft IIS 3.0/4.0/5.0 - PWS Escaped Characters Decoding Command Execution (3)
source: https://www.securityfocus.com/bid/2708/info Due to a flaw in the handling of CGI filename program requests, remote users can execute arbitrary commands on an IIS host. When IIS receives a CGI filename request, it automatically performs two actions before completing the request: 1. IIS...
def-2001-25: Carello E-Commerce Arbitrary Command Execution
====================================================================== Defcom Labs Advisory def-2001-25 Carello E-Commerce Arbitrary Command Execution Author: Peter Grьndl [email protected] Release Date: 2001-05-14 ======================================================================...
CVE-2000-0693
The CVE affects pgxconfig in the Raptor GFX configuration tool, where a relative path is used for a system call to the cp program. This enables local users to execute arbitrary commands by manipulating their PATH to point to a malicious cp replacement. Root cause: path-based command execution via...
CVE-2001-0005
Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands...
CVE-2000-0816
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters...
CVE-2001-0299
Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL...
CVE-2000-1121
Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument...
CVE-2001-0191
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length...