3640 matches found
Buffer Overflow in version .14
IC Radius version .14, and possibly earlier versions, contain a buffer overflow that occurs when trying to authenticate with a valid username longer than 24 characters. The culprit is in mysql.c, in the function sqlgetvpdata. This function is normally run 4 times during authentication. The second...
Jgaa WarFTPd 1.66 x4s1.67-3 - CWDMKD Denial of Service
Jgaa WarFTPd 1.66 x4s1.67-3 - CWDMKD Denial of Service // source: https://www.securityfocus.com/bid/966/info War-FTPd 1.67 and possibly previous versions are susceptible to a buffer overflow DoS attack. Due to improper bounds checking in the code that handles MKD and CWD commands, it is possible ...
unixware.su.txt
-----Original Message----- Date: Fri, 26 Nov 1999 04:16:41 +0300 MSK From: Matt Conover To: [email protected] cc: [email protected] Subject: w00giving '99 5 and w00news: UnixWare 7's su Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII w00w00 Security Developmen...
unixware.xlock.txt
-----Original Message----- Date: Fri, 26 Nov 1999 04:29:42 +0300 MSK From: Matt Conover To: [email protected] Subject: w00giving '99 7: UnixWare 7's xlock Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII w00w00 Security Development WSD...
imail.txt
w00w00 Security Development WSD See http://www.datasurge.net/www.w00w00.org until relocation of w00w00.org is complete. Discovered by: Interrupt [email protected] Due to improper bounds checking in Ipswitch's IMAIL POP3 server, a buffer overflow occurs when a lengthy username is sent via "USER ". It...
WFTPD 2.342.403.0 - Remote Buffer Overflow
WFTPD 2.342.403.0 - Remote Buffer Overflow source: https://www.securityfocus.com/bid/747/info WFTPD is reported prone to a remote buffer overflow vulnerability. The issue exists due to a lack of sufficient bounds checking performed on MKD and CWD arguments. It is reported that superfluous data...
WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/747/info WFTPD is reported prone to a remote buffer overflow vulnerability. The issue exists due to a lack of sufficient bounds checking performed on MKD and CWD arguments. It is reported that superfluous data passed to MKD first and then to CWD results i...
WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (PoC)
source: https://www.securityfocus.com/bid/747/info WFTPD is reported prone to a remote buffer overflow vulnerability. The issue exists due to a lack of sufficient bounds checking performed on MKD and CWD arguments. It is reported that superfluous data passed to MKD first and then to CWD results i...
Omnicron OmniHTTPd 1.12.4 Pro - Remote Buffer Overflow
Omnicron OmniHTTPd 1.12.4 Pro - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/739/info There is a remotely exploitable buffer overflow vulnerability in the CGI program "imagemap", which is distributed with Omnicron's OmniHTTPD. During operations made on arguments passed to t...
Omnicron OmniHTTPd 1.1/2.4 Pro - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/739/info There is a remotely exploitable buffer overflow vulnerability in the CGI program "imagemap", which is distributed with Omnicron's OmniHTTPD. During operations made on arguments passed to the program, a lack of bounds checking on a strcpy call...
Xi Graphics Accelerated X 4.0.x/5.0 - Local Buffer Overflow
// source: https://www.securityfocus.com/bid/488/info Accelerated-X, also known as Accel-X, is a popular commercial X server available from Xi Graphics. The servers are normally installed setuid root, and contain multiple buffer overflow vulnerabilities. These vulnerabilities were found in the...
John OFallon Responder.cgi 1.0 - Denial of Service
John OFallon Responder.cgi 1.0 - Denial of Service source: https://www.securityfocus.com/bid/3155/info responder.cgi' is a free CGI shell script, written in C, for MacHTTP Server and other MacOS webserver products. It is possible to cause a denial of service to MacHTTP webserver due to improper...
John O'Fallon Responder.cgi 1.0 - Denial of Service
source: https://www.securityfocus.com/bid/3155/info responder.cgi' is a free CGI shell script, written in C, for MacHTTP Server and other MacOS webserver products. It is possible to cause a denial of service to MacHTTP webserver due to improper bounds checking in the script 'responder.cgi'. HTTP...
Debian 2.0 - Super Syslog Buffer Overflow
// source: https://www.securityfocus.com/bid/342/info // // After the first super buffer overflow vulnerability was discovered, another appeared shortly after. This vulnerability exists when the syslog option is enabled. The overflow is in the file error.c, in the Error function where the...
WU-FTPD 2.4.2 / SCO Open Server 5.0.5 / ProFTPd 1.2 pre1 - 'realpath' Remote Buffer Overflow (1)
/ source: https://www.securityfocus.com/bid/113/info There is a vulnerability in ProFTPD versions 1.2.0pre1 and earlier and in wu-ftpd 2.4.2 beta 18 VR9 and earlier. This vulnerability is a buffer overflow triggered by unusually long path names directory structures. For example, if a user has wri...
Elm 2.32.4 - TERM Environment Variable Local Buffer Overrun
Elm 2.32.4 - TERM Environment Variable Local Buffer Overrun source: https://www.securityfocus.com/bid/8030/info A buffer overrun has been discovered in Elm. The problem occurs due to insufficient bounds checking performed before copying user-supplied data into an internal memory buffer...
SGI IRIX 6.5.4 Solaris 2.5.1 - ps(1) Buffer Overflow
SGI IRIX 6.5.4 Solaris 2.5.1 - ps1 Buffer Overflow source: https://www.securityfocus.com/bid/220/info The ps command prints information about active processes on a system. Due to insufficient bounds checking on arguments supplied to ps, it is possible to overwrite the internal data space of the p...
BSDOS 2.1 FreeBSD 2.1.5 NeXTstep 4.x IRIX 6.4 SunOS 4.1.34.1.4 - lpr Buffer Overrun (1)
BSDOS 2.1 FreeBSD 2.1.5 NeXTstep 4.x IRIX 6.4 SunOS 4.1.34.1.4 - lpr Buffer Overrun 1 / source: https://www.securityfocus.com/bid/707/info BSD/OS 2.1,FreeBSD 2.1.5,NeXTstep 4.0/4.1,SGI IRIX 6.4,SunOS 4.1.3/4.1.4 lpr Buffer Overrun Vulnerability 1 Due to insufficient bounds checking on arguments i...
BSDOS 2.1 FreeBSD 2.1.5 NeXTstep 4.x IRIX 6.4 SunOS 4.1.34.1.4 - usrbinlpr Buffer Overrun Privilege Escalation (2)
BSDOS 2.1 FreeBSD 2.1.5 NeXTstep 4.x IRIX 6.4 SunOS 4.1.34.1.4 - usrbinlpr Buffer Overrun Privilege Escalation 2 / source: https://www.securityfocus.com/bid/707/info Due to insufficient bounds checking on arguments in this case -C which are supplied by users, it is possible to overwrite the...
BSD/OS 2.1 / FreeBSD 2.1.5 / NeXTstep 4.x / IRIX 6.4 / SunOS 4.1.3/4.1.4 - '/usr/bin/lpr' Buffer Overrun Privilege Escalation (2)
/ source: https://www.securityfocus.com/bid/707/info Due to insufficient bounds checking on arguments in this case -C which are supplied by users, it is possible to overwrite the internal stack space of the lpr program while it is executing. This can allow an intruder to cause lpr to execute...