CVE-2002-0290

Netwin WebNews WebNews.cgi (Webnews.exe) version 1.1 is affected by a buffer overflow when processing a long group argument in the WebNews CGI, allowing remote attackers to execute arbitrary code. The issue is described across CVE-2002-0290 records (NVD/Nessus/OpenVAS) with a base CVSS v2 score o...

CVE-2002-0947

CVE-2002-0947 describes a buffer overflow in the rwcgi60 CGI program used by Oracle Reports Server 6.0.8.18.0 and earlier (Oracle9iAS and other products). The vulnerability allows a remote attacker to execute arbitrary code via a long database name parameter. The Oracle RWCGI60 component handles ...

CVE-2003-0057

Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code 1 via a long attachment filename that is not properly handled by the hypermail executable, or 2 by connecting to the mail CGI program from an IP address...

Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C.

======================================== INetCop Security Advisory 2002-0x82-007 ======================================== Title: Remote Frame Pointer Overwrite vulnerability in LIB CGI in Language C. 0x01. Description A simple mode of develop CGI in language C. The libcgi package is a library...

Remote Multiple Buffer Overflow(s) vulnerability in Libcgi-tuxbr.

======================================== INetCop Security Advisory 2002-0x82-008 ======================================== Title: Remote Multiple Buffer Overflows vulnerability in Libcgi-tuxbr. 0x01. Description LIBCGI is a simple of functions to create CGI programs in C. It provides support for...

CVE-2002-1089

rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional attacks...

CVE-2002-1089

CVE-2002-1089 affects rwcgi60, the CGI used with Oracle Reports Server. The flaw is an information disclosure: the program can reveal sensitive data (the full pathname), which an attacker could leverage for further attacks. Connected documents (Nessus plugin) confirm rwcgi60 exposure as part of O...

CVE-2002-0948

The CVE-2002-0948 entry concerns Scripts For Educators MakeBook 2.2 CGI, where the (1) Name and (2) Email parameters are not properly filtered. This allows remote attackers to execute arbitrary scripts as other visitors, or to trigger server-side includes (SSI) with the web server context. The NV...

qmailadmin 1.0.x - Local Buffer Overflow

qmailadmin 1.0.x - Local Buffer Overflow / source: https://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid owned by root on some systems, regular...

qmailadmin 1.0.x - Local Buffer Overflow

/ source: https://www.securityfocus.com/bid/5404/info The qmailadmin utility, developed by Inter7, is vulnerable to a buffer overflow condition. It is meant to run as a CGI program and is typically installed setuid owned by root on some systems, regular users on others. qmailadmin fails to...

CVE-2002-0360

Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program...

CVE-2002-0290

Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument...

CVE-2002-0360

Buffer overflow in Sun AnswerBook2 1.4 through 1.4.3 allows remote attackers to execute arbitrary code via a long filename argument to the gettransbitmap CGI program...

CVE-2002-0360

The CVE-2002-0360 issue affects Sun AnswerBook2 1.4–1.4.3, where a buffer overflow in the gettransbitmap CGI allows a remote attacker to execute arbitrary code via a long filename argument. Impact is remote code execution with the daemon privileges; no exploit details are provided in the document...

CVE-2002-0099

Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service crash via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . dot characters...

CVE-2002-0099

Buffer overflow in Michael Lamont Savant Web Server 3.0 allows remote attackers to cause a denial of service crash via a long HTTP request to the cgi-bin directory in which the CGI program name contains a large number of . dot characters...

CVE-2001-0997

Textor Webmasters Ltd listrec.pl CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the TEMPLATE parameter...

CVE-2001-0947

The CVE-2001-0947 issue affects ValiCert Enterprise Validation Authority (EVA) versions 3.3 through 4.2.1. It allows remote attackers to determine the server’s real pathname by requesting an invalid extension, which causes an error page that reveals the path. The vulnerability is a server-path di...

CVE-2001-0924

CVE-2001-0924 describes a directory traversal vulnerability in the Informix SQL Web DataBlade CGI (LO parameter) that allows remote attackers to read arbitrary files on the affected system. The issue arises from improper handling of the .. (dot dot) path traversal in the LO parameter of the ifx C...

CVE-2001-0689

Vulnerability in TrendMicro Virus Control System 1.8 allows a remote attacker to view configuration files and change the configuration via a certain CGI program...