CVE-2001-0191

gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length...

CVE-2001-0050

CVE-2001-0050 correlates to two bugs in the BitchX IRC client reported in MDKSA-2000:079. A stack overflow can occur when processing a malformed DNS answer, potentially enabling remote denial of service or arbitrary code execution, and a second bug allows embedding a malformed DNS record in a val...

CVE-2000-0854

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document...

CVE-2001-0111

Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument...

cgiCentral WebStore 400 - Administrator Authentication Bypass

cgiCentral WebStore 400 - Administrator Authentication Bypass source: https://www.securityfocus.com/bid/2860/info cgiCentral's Webstore is an shopping cart application which processes and manages online purchases. A vulnerability exists in Webstore which may allow attackers to obtain administrati...

cgiCentral WebStore 400 - Arbitrary Command Execution

cgiCentral WebStore 400 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2861/info cgiCentral's Webstore is an shopping cart application which processes and manages online purchases. Wsmail.cgi calls system with user-supplied data in the command string. Because it does not...

cgiCentral WebStore 400 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2861/info cgiCentral's Webstore is an shopping cart application which processes and manages online purchases. Wsmail.cgi calls system with user-supplied data in the command string. Because it does not filter metacharacters out of the user-supplied data, i...

WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite (3)

WU-FTPD 2.4.22.5 .02.6.0 - Remote Format String Stack Overwrite 3 source: https://www.securityfocus.com/bid/1387/info Washington University ftp daemon wu-ftpd is a very popular unix ftp server shipped with many distributions of Linux and other UNIX operating systems. Wu-ftpd is vulnerable to a ve...

CVE-2001-0298

Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request...

IRIX /usr/lib/print/netprint local root symbols exploit.

i haven't audited anything in some time. well, i just noticed this because i am doing a project with a name similar to "netprint" and i was wondering if it was at all related to what i was doing. it wasn't. but, i noticed it was setuid root and had a little bug. this bug takes advantage of the -n...

Sendfile 1.x/2.1 - Local Privileged Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2645/info Sendfile is an implementation of the SAFT simple asynchronous file transfer protocol for UNIX systems. Due to a problem dropping privileges completely before running user-specified post-processing commands in the Sendfile daemon, it may be...

Trend Micro InterScan VirusWall catinfo CGI Overflow

The remote cgi /catinfo seems to be vulnerable to a buffer overflow when it receives a too long input strings, allowing any user to execute arbitrary commands as root. This CGI usually comes with the VirusWall suite. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

mkpasswd: acutally its worse than just not many passwords

due to a fault in expect the interpreter that runs the mkpasswd script it is trivially easy to cause arbitrary commands to be executed by someone else. under RH7.0 anyway the search path for libs for it includes /var/tmp/ check out http://bugzilla.redhat.com/bugzilla/showbug.cgi?id=28224 for...

CVE-2001-0302

Pi3Web 1.0.1 is vulnerable via the ISAPI extension tstisapi.dll. A buffer overflow triggered by a long URL allows remote attackers to cause denial of service and potentially execute arbitrary commands; the CGI runs with the HTTP service privileges and can disclose the web-root path. Remediation m...

CVE-2001-0296

Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command...

CVE-2001-0256

FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long username...

MAILNEWS mailnews.cgi Arbitrary Command Execution

mailnews.cgi is being hosted on the remote web server. Input to the 'address' parameter is not properly sanitized. A remote attacker could exploit this to execute arbitrary commands with the privileges of the web server. Please note Nessus only checked for the presence of this CGI, and did not...

CVE-2001-0172

CVE-2001-0172 describes a buffer overflow in ReiserFS 3.5.28 on SuSE Linux that allows local users to trigger a denial of service and potentially execute arbitrary commands by supplying a long directory name. The vulnerability is local (attack vector: LOCAL) with low complexity and authentication...

PHP < 4.0.4 IMAP Module imap_open() Function Overflow

A version of PHP that is older than 4.0.4 is installed on this host. There is a buffer overflow condition in the IMAP module of this version that could allow an attacker to execute arbitrary commands with the privileges of the web server, if this server is serving a webmail interface. %NASLMINLEV...

Joe Text Editor 2.8 - .joerc Arbitrary Command Execution

Joe Text Editor 2.8 - .joerc Arbitrary Command Execution source: https://www.securityfocus.com/bid/2437/info Joe is a text editor originally written by Joseph Allen. Joe offers a user-friendly interface, with key binding and configuration familiar to many users of Microsoft Word Processing tools....