6556 matches found
Multiple vulnerabilities in SNMPv1 trap handling
Overview Multiple vendor SNMPv1 Trap handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below...
CVE-2001-0820
Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to execute arbitrary code via long arguments that are passed to 1 the Log function in util.c, or 2 serveconnection in protocol.c...
CVE-2001-0820
GazTek ghttpd 1.4 is affected by buffer overflows that enable a remote attacker to execute arbitrary code via excessively long arguments passed to (1) Log in util.c or (2) serveconnection in protocol.c. The CVE entry (CVE-2001-0820) documents a remote code execution risk with a CVSSv2 base score ...
Progres Databse PROMSGS Format strings issue.
Well once again I have found yet another Progress database issue. The PROMSGS has been looked at one time already for buffer overflows. It was supposed to be fixed. I was poking around at it today and noticed these format strings issues... PROGRESS Version 9.1C as of Thu Jun 7 10:03:59 EDT 2001...
Security Update: [CSSA-2001-SCO.25] OpenServer: various scoadmin/sysadm subprograms have buffer overflows
To: [email protected] [email protected] [email protected] [email protected] Do not reply to this mail. This security advisory is being sent from a nonexistent address in order to avoid spam problems. Caldera's contact address for UNIX security issue...
Progress Database 8.39.1 - Multiple Buffer Overflows
Progress Database 8.39.1 - Multiple Buffer Overflows source: https://www.securityfocus.com/bid/3404/info Progress is a commercial database for Microsoft Windows and Unix systems. Locally exploitable buffer overflows are prevalent throughout many Progress Database programs. This is largely due to...
Progress Database 8.3/9.1 - Multiple Buffer Overflows
source: https://www.securityfocus.com/bid/3404/info Progress is a commercial database for Microsoft Windows and Unix systems. Locally exploitable buffer overflows are prevalent throughout many Progress Database programs. This is largely due to insufficient bounds checking of data which is...
Многочисленные проблемы в EFTP (multiple bugs)
ОБратный путь в директориях, пароли в открытой форме, переполнения буфера, информация о системе и т.д...
CVE-1999-1502
CVE-1999-1502 affects the Quake 1.9 client. It is due to buffer overflows triggered by long values in four fields (precache paths, server name, server address, argument to the map console command), allowing a remote attacker to execute arbitrary commands on the client. Exploitation details are no...
CVE-2001-0636
Buffer overflows in Raytheon SilentRunner allow remote attackers to 1 cause a denial of service in the collector cle.exe component of SilentRunner 2.0 via traffic containing long passwords, or 2 execute arbitrary commands via long HTTP queries in the Knowledge Browser component in SilentRunner 2....
Security Update: [CSSA-2001-031.0] Linux -security issues in ucd-snmp
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Caldera International, Inc. Security Advisory Subject: Linux - security issues in ucd-snmp Advisory number: CSSA-2001-031.0 Issue date: 2001, August 16 Cross reference: 1. Problem Description In a routine security audit of the ucd-snmp package we have...
Critical: Red Hat Security Advisory: : Updated Kerberos 5 packages now available
Updated Kerberos 5 packages are now available for Red Hat Linux 6.2, 7, and 7.1. These updates close vulnerabilities due to potential buffer overflows in the Kerberos-aware telnet server included in the krb5-workstation package. By exploiting buffer overflows in the telnet server included in the...
pileup 1.2
Attached you will find pileup-1.2 which fixes the scanf buffer overflows, allowing root access as demonstrated by Charles Stevenson. The fix was written by Richard Everitt [email protected], the author of pileup. Regards, Joop -- Joop Stakenborg - Debian GNU/Linux developer...
NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows
NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows AFFECTED SYSTEMS NWAuth module as used by DMail, SurgeFTP, others... cfr www.netwinsite.com I've tested SurgeFTP in particular The source code for NWAuth 2.0 can be found at...
CVE-2001-1320
Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via exceptional BER encodings possibly buffer overflows, as demonstrated by the PROTOS LDAPv3 test suite...
CVE-2001-0358
Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via 1 a long map command, 2 a long exec command, or 3 long input in a configuration file...
CVE-2001-0432
Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands...
CVE-2001-0476
Multiple buffer overflows in s.cgi program in Aspseek search engine 1.03 and earlier allow remote attackers to execute arbitrary commands via 1 a long HTTP query string, or 2 a long tmpl parameter...
CVE-2000-1174
CVE-2000-1174 affects Ethereal (now Wireshark) up to version 0.8.13 and earlier, where multiple buffer overflows in the AFS ACL parser allow remote attackers to execute arbitrary commands by sending a crafted packet with a long username. The flaw is in the parser’s handling of AFS ACL data, enabl...
CVE-2000-1174
Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username...