8687 matches found

CVE
added 2000/12/19 5:00 a.m. | 57 views

CVE-2000-1085

The vulnerability CVE-2000-1085 affects Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE). It concerns the xp_peekqueue function, where the length of a buffer is not properly restricted before invoking srv_paraminfo in the SQL Server API for Extended Stored Procedures (XP). This coul...

CVSS 4.6 | AI score 7.6 | EPSS 0.10685
Exploits 1 | References 3 | Affected Software 2

NVD
added 2000/12/19 5:00 a.m. | 16 views

CVE-2000-0961

Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command...

CVSS 10 | AI score 7.3 | EPSS 0.00708
Exploits 0 | References 3

CVE
added 2000/12/19 5:00 a.m. | 43 views

CVE-2000-1183

CVE-2000-1183 concerns a buffer overflow in a Socks5 server running on Linux. The vulnerability arises in the Socks5 server’s handling of long connection requests, which can overflow a buffer and allow an attacker to execute arbitrary commands. The available connected documents confirm the vulner...

CVSS 7.2 | AI score 8 | EPSS 0.00077
Exploits 1 | References 1 | Affected Software 1

NVD
added 2000/12/19 5:00 a.m. | 17 views

CVE-2000-0967

PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs...

CVSS 10 | AI score 7.7 | EPSS 0.26914
Exploits 1 | References 9

CVE
added 2000/12/19 5:00 a.m. | 66 views

CVE-2000-1084

The CVE-2000-1084 issue affects Microsoft SQL Server and SQL Server Desktop Engine (MSDE) via Extended Stored Procedures. The vulnerable component is xp_updatecolvbm, which does not properly restrict buffer length before calling srv_paraminfo in the XP API, enabling a potential denial of service ...

CVSS 4.6 | AI score 7.6 | EPSS 0.43145
Exploits 1 | References 3 | Affected Software 2

Cvelist
added 2000/12/19 5:00 a.m. | 13 views

CVE-2000-1175

Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument...

AI score 7.4 | EPSS 0.00355
Exploits 1 | References 2

NVD
added 2000/12/19 5:00 a.m. | 14 views

CVE-2000-0949

Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option...

CVSS 7.2 | AI score 7.4 | EPSS 0.00192
Exploits 1 | References 9

CVE
added 2000/12/19 5:00 a.m. | 65 views

CVE-2000-1088

CVE-2000-1088 affects Microsoft SQL Server 2000 and MSDE via the Extended Stored Procedures API. The vulnerability lies in xp_SetSQLSecurity not properly restricting the buffer length before calling srv_paraminfo, enabling an attacker to cause a denial of service or execute arbitrary commands. The...

CVSS 4.6 | AI score 7.6 | EPSS 0.27845
Exploits 1 | References 3 | Affected Software 2

Cvelist
added 2000/12/19 5:00 a.m. | 29 views

CVE-2000-1082

The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not properly restrict the length of a buffer before calling the srv_paraminfo function in the SQL Server API for Extended Stored Procedures (XP), which allows an attacker to cause a denial of service or...

AI score 7.6 | EPSS 0.43145
Exploits 1 | References 3

Exploit DB
added 2000/12/19 12:00 a.m. | 32 views

Itetris 1.6.1/1.6.2 - Privileged Arbitrary Command Execution

// source: https://www.securityfocus.com/bid/2139/info Itetris, or "Intelligent Tetris", is a clone of the popular Tetris puzzle game for linux systems. The svgalib version of Itetris is installed setuid root so that it may access video hardware when run by a regular user. Itetris contains a...

AI score 7.4
Exploits 0

securityvulns
added 2000/12/13 12:00 a.m. | 17 views

ezmlm-cgi/ezmlm-idx-0.40 security advisory

Summary: ezmlm-cgi is part of the ezmlm-idx-0.40.tar.gz package and allows web access to mailing list archives. When ezmlm-cgi is installed SUID user other than root, it can be used to execute arbitrary commands with the effective uid of the SUID user. Scope: Default installations of ezmlm-idx-0....

AI score 0.1
Exploits 0

NVD
added 2000/12/11 5:00 a.m. | 8 views

CVE-2000-1021

Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL...

CVSS 7.5 | AI score 7.8 | EPSS 0.09525
Exploits 0 | References 3

NVD
added 2000/12/11 5:00 a.m. | 17 views

CVE-2000-1024

eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands...

CVSS 10 | AI score 7.4 | EPSS 0.02323
Exploits 0 | References 3

Exploit DB
added 2000/12/11 12:00 a.m. | 37 views

Leif M. Wright everythingform.cgi 2.0 - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2101/info An input validation vulnerability exists in Leif M. Wright's everything.cgi, a Perl-based form design tool. The script fails to properly filter shell commands from user-supplied input to the 'config' field. As a result, the script can be made to...

AI score 7.4
Exploits 0

Packet Storm
added 2000/12/07 12:00 a.m. | 22 views

CSA-200012.txt

CHINANSL Security Advisory CSA-200012 Topic: Ultraseek Server 3.0 Vulnerability Release Date: Dec 6, 2000 Affected system: ============ Ultraseek Server 3.0 - SunOS Impact: ====== CHINANLS security team has found a security problem in Ultraseek Server 3.0. Exploitation of this vulnerability,...

AI score 7.4
Exploits 0

Exploit DB
added 2000/12/06 12:00 a.m. | 26 views

Endymion MailMan 3.0.x - Arbitrary Command Execution

source: https://www.securityfocus.com/bid/2063/info A vulnerability exists in 3.x versions of Endymion MailMan Webmail prior to release 3.0.26. The widely-used Perl script provides a web-email interface. Affected versions make insecure use of the perl open function. Attackers can control the way...

AI score 7.4
Exploits 0

Tenable Nessus
added 2000/12/06 12:00 a.m. | 78 views

Microsoft IIS Phone Book Service /pbserver/pbserver.dll Remote Overflow

The CGI /pbserver/pbserver.dll is subject to a buffer overflow attack that may allow an attacker to execute arbitrary commands on this host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid10564; scriptversion"1.43...

CVSS 10 | AI score 6.3 | EPSS 0.68838
Exploits 4 | References 2

Cvelist
added 2000/11/29 5:00 a.m. | 15 views

CVE-2000-1021

Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL...

AI score 7.8 | EPSS 0.09525
Exploits 0 | References 3

securityvulns
added 2000/11/28 12:00 a.m. | 71 views

Security problems with TWIG webmail system

Twig is a popular webmail system written in PHP, once called Muppet. Author: Christopher Heschong Homepage: http://twig.screwdriver.net Version: 2.5.1 latest Problem: The possibility of processing our own php file, can lead to arbitrary command execution on the server as the httpd user. Status:...

AI score 0.3
Exploits 0

securityvulns
added 2000/11/24 12:00 a.m. | 56 views

Security problems with Phorum php message board

Author: Brian Moon Homepage: www.phorum.org Version: 3.2.6 Problem: Any user can parse a chosen php script file using the Phorum system. It is also possible, under certain circumstances, to execute arbitrary commands on the server as the httpd user. Status: Fixed in version 3.2.7 released...

AI score 0.3
Exploits 0