493 matches found
HP Tru64 UNIX "inc" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of "inc" contains a locally exploitable buffer overflow. Description "inc" is used to incorporate new mail. A locally exploitable buffer overflow in "inc" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable...
Netris 0.3/0.4/0.5 - Remote Memory Corruption
// source: https://www.securityfocus.com/bid/5680/info Netris is prone to a remotely exploitable memory corruption issue. An attacker may exploit this to execute arbitrary code with the privileges of the user invoking the vulnerab...
Netris 0.3/0.4/0.5 - Remote Memory Corruption
// source: https://www.securityfocus.com/bid/5680/info Netris is prone to a remotely exploitable memory corruption issue. An attacker may exploit this to execute arbitrary code with the...
Canna SR_INIT Command Remote Overflow
The remote host is running Canna, a service that processes Japanese input and translates it from kana to kanji. It was possible to make the remote Canna server crash by sending a SR_INIT command with a very long string. A remote attacker could use this to crash the service, or possibly execute...
GDAM123 0.933/0.942 - Filename Buffer Overflow
// source: https://www.securityfocus.com/bid/5578/info The GDAM123 command-line MP3 player is prone to a buffer overflow condition when handling overly long filenames. Under some circumstances, the player may be installed setuid root to allow unprivileged users to run the player if access to...
WorldView vulnerability on IRIX
SGI Security Advisory Title: WorldView vulnerability Number: 20000803-01-P Date: August 21, 2002 Reference: SGI Security Advisory 20000803-01-A Reference: CVE CAN-2000-0704 --- Issue Specifics --- This bullet...
SecureCRT 2.4/3.x/4.0 - SSH1 Identifier String Buffer Overflow (1)
// source: https://www.securityfocus.com/bid/5287/info The SecureCRT client is prone to a buffer-overflow condition when attempting to handle an overly long SSH1 protocol identifier string. Reportedly, an attacker can exploit this issue via a malicious server. Exploiting this issue may allow an...
ymxp.txt
Yahoo! Messenger 5,0,0,1061 Buffer Overflow Exploit for Win XP Pro Intro: Proof of concept code for YM Buffer Overflow as discovered in: http://packetstorm.decepticons.org/advisories/misc/yahoo-im.txt Code flow: Overwrite EIP at 218 Point EIP to a "RET" in the memory "RET" jumps to beginning of...
IBM Informix SE 7.25 sqlexec - Local Buffer Overflow (1)
// source: https://www.securityfocus.com/bid/4891/info Informix is an enterprise database distributed and maintained by IBM. A buffer overflow vulnerability has been reported for Informix-SE for Linux. The overflow is due to an unbounded stri...
MDaemon WorldClient 5.0.x - Folder Creation Buffer Overflow
source: https://www.securityfocus.com/bid/4689/info MDaemon is an integrated mail transport agent, webmail, and mail anti-virus package. It is available for Microsoft Windows operating systems. It may be possible for a remote user to take advantage of a buffer overflow in the MDaemon software...
CVE-2002-0297
Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request...
EZNE.NET Ezboard 2000 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/4068/info Ezboard 2000 is a web based bulletin board system. It is available for Linux systems. A vulnerability has been reported in some versions of Ezboard. In some CGI programs, user supplied data is written to a statically sized array with a sprintf cal...
[resend] Avirt Gateway Telnet Vulnerability (and more?)
Strumpf Noir Society Advisories ! Public release ! -- -= Avirt Gateway Telnet Vulnerability and more? =- Release date: Friday, January 18, 2002 Introduction: The Utah, USA-based company Avirt specializes in the development of inter-networking and sharing technologies. As such, it maintains the SO...
Boozt 0.9.8 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/3787/info Boozt! is a free open source banner management software for Linux hosts. An issue has been reported which could allow for a user to execute arbitrary code on a Boozt! host. This is achievable when a Boozt! user attempts to create a new banner...
SapporoWorks Black JumboDog 2.6.4/2.6.5 - HTTP Proxy Buffer Overflow
// source: https://www.securityfocus.com/bid/3858/info Black JumboDog 2.6.4 and 2.6.5 HTTP proxy is vulnerable to an exploitable buffer overflow. The buffer overflow can be exploited by sending excessively long "expires",...
Rational ClearCase 3.24.x - DB Loader TERM Environment Variable Buffer Overflow
// source: https://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a...
[SECURITY] [DSA-070-1] netkit-telnet AYT buffer overflow
Debian Security Advisory DSA-070-1 http://www.debian.org/security/ Robert van der Meulen August 10, 2001 Package : netkit-telnet...
Oracle 8i - TNS Listener Buffer Overflow
// source: https://www.securityfocus.com/bid/2941/info Oracle 8i ships with a component called TNS Listener. TNS Listener is used to arbitrate communication between remote database clients/applications and the database server. There exists a remotely exploitable buffer overflow in TNS Listener...
multiple vendor telnet daemon vulnerability
This is a short version of the original advisory. Most details about exploiting this vulnerability have been removed after thinking about it. I do not release it because it makes me happy, and I would like you to please not assume things about the reasons involving this posting. I wish things woul...
cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Local Buffer Overflow (3)
// source: https://www.securityfocus.com/bid/2914/info cfingerd is a secure implementation of the finger daemon. cfingerd has been contributed to by many authors, and is maintained by the cfingerd development team. A buffer overflow in cfingerd makes it possible for a local user to gain elevated...