CVE-2001-0820

GazTek ghttpd 1.4 is affected by buffer overflows that enable a remote attacker to execute arbitrary code via excessively long arguments passed to (1) Log in util.c or (2) serveconnection in protocol.c. The CVE entry (CVE-2001-0820) documents a remote code execution risk with a CVSSv2 base score ...

Progres Databse PROMSGS Format strings issue.

Well once again I have found yet another Progress database issue. The PROMSGS has been looked at one time already for buffer overflows. It was supposed to be fixed. I was poking around at it today and noticed these format strings issues... PROGRESS Version 9.1C as of Thu Jun 7 10:03:59 EDT 2001...

Security Update: [CSSA-2001-SCO.25] OpenServer: various scoadmin/sysadm subprograms have buffer overflows

To: [email protected] [email protected] [email protected] [email protected] Do not reply to this mail. This security advisory is being sent from a nonexistent address in order to avoid spam problems. Caldera's contact address for UNIX security issue...

Progress Database 8.3/9.1 - Multiple Buffer Overflows

source: https://www.securityfocus.com/bid/3404/info Progress is a commercial database for Microsoft Windows and Unix systems. Locally exploitable buffer overflows are prevalent throughout many Progress Database programs. This is largely due to insufficient bounds checking of data which is...

Progress Database 8.39.1 - Multiple Buffer Overflows

Progress Database 8.39.1 - Multiple Buffer Overflows source: https://www.securityfocus.com/bid/3404/info Progress is a commercial database for Microsoft Windows and Unix systems. Locally exploitable buffer overflows are prevalent throughout many Progress Database programs. This is largely due to...

Многочисленные проблемы в EFTP (multiple bugs)

ОБратный путь в директориях, пароли в открытой форме, переполнения буфера, информация о системе и т.д...

CVE-1999-1502

CVE-1999-1502 affects the Quake 1.9 client. It is due to buffer overflows triggered by long values in four fields (precache paths, server name, server address, argument to the map console command), allowing a remote attacker to execute arbitrary commands on the client. Exploitation details are no...

CVE-2001-0636

Buffer overflows in Raytheon SilentRunner allow remote attackers to 1 cause a denial of service in the collector cle.exe component of SilentRunner 2.0 via traffic containing long passwords, or 2 execute arbitrary commands via long HTTP queries in the Knowledge Browser component in SilentRunner 2....

Security Update: [CSSA-2001-031.0] Linux -security issues in ucd-snmp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Caldera International, Inc. Security Advisory Subject: Linux - security issues in ucd-snmp Advisory number: CSSA-2001-031.0 Issue date: 2001, August 16 Cross reference: 1. Problem Description In a routine security audit of the ucd-snmp package we have...

Critical: Red Hat Security Advisory: : Updated Kerberos 5 packages now available

Updated Kerberos 5 packages are now available for Red Hat Linux 6.2, 7, and 7.1. These updates close vulnerabilities due to potential buffer overflows in the Kerberos-aware telnet server included in the krb5-workstation package. By exploiting buffer overflows in the telnet server included in the...

pileup 1.2

Attached you will find pileup-1.2 which fixes the scanf buffer overflows, allowing root access as demonstrated by Charles Stevenson. The fix was written by Richard Everitt [email protected], the author of pileup. Regards, Joop -- Joop Stakenborg - Debian GNU/Linux developer...

NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows

NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows AFFECTED SYSTEMS NWAuth module as used by DMail, SurgeFTP, others... cfr www.netwinsite.com I've tested SurgeFTP in particular The source code for NWAuth 2.0 can be found at...

CVE-2001-1320

Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via exceptional BER encodings possibly buffer overflows, as demonstrated by the PROTOS LDAPv3 test suite...

CVE-2001-0358

Buffer overflows in Sierra Half-Life build 1573 and earlier allow remote attackers to execute arbitrary code via 1 a long map command, 2 a long exec command, or 3 long input in a configuration file...

CVE-2001-0432

Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands...

CVE-2001-0476

Multiple buffer overflows in s.cgi program in Aspseek search engine 1.03 and earlier allow remote attackers to execute arbitrary commands via 1 a long HTTP query string, or 2 a long tmpl parameter...

CVE-2000-1174

Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username...

CVE-2000-1174

CVE-2000-1174 affects Ethereal (now Wireshark) up to version 0.8.13 and earlier, where multiple buffer overflows in the AFS ACL parser allow remote attackers to execute arbitrary commands by sending a crafted packet with a long username. The flaw is in the parser’s handling of AFS ACL data, enabl...

Security advisory: krb5 ftpd buffer overflows

-----BEGIN PGP SIGNED MESSAGE----- KRB5 FTPD BUFFER OVERFLOWS 2001-04-25 SUMMARY: Buffer overflows exist in the FTP daemon included with MIT krb5. IMPACT: If anonymous FTP is enabled, a remote user may gain unauthorized root access. A user with access to a local account may gain unauthorized root...

Trend Micro Interscan VirusWall (Linux) 3.0.1 - Multiple Program Buffer Overflows

source: https://www.securityfocus.com/bid/2579/info Interscan Viruswall is a Virus scanning software package distributed and maintained by Trend Micro. It is designed to scan for virus occurances in both incoming and outgoing traffic via SMTP, FTP, and HTTP at the gateway of the network. A proble...