65 matches found
CVE-1999-0406
Digital Unix Networker program nsralist has a buffer overflow which allows local users to obtain root privilege...
CVE-1999-0358
Digital Unix 4.0 has a buffer overflow in the inc program of the mh package...
EUVD-2001-1074
Malware in sbrugna...
EUVD-1999-0358
Malware in sbrugna...
EUVD-2001-1073
Malware in sbrugna...
EUVD-2000-0832
Malware in sbrugna...
EUVD-1999-1025
Malware in sbrugna...
EUVD-1999-1439
Malware in sbrugna...
EUVD-1999-0406
Malware in sbrugna...
EUVD-1999-1191
Malware in sbrugna...
EUVD-1999-1202
Malware in sbrugna...
Digital UNIX 4.0/4.0 B/4.0 D SUID/SGID Core File Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/74/info Digital UNIX 4.0 will follow symlinks while writting core files if two setuid programs dump core in sucession. The core file is owned by root but with the user's groud id. The core file permissions are 0600. This...
Digital Unix 4.0 MSGCHK MH_PROFILE Symbolic Link Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3320/info The msgchk utility under certain versions of Digital Unix contains an information disclosure vulnerability which could yield root privilege. Because msgchk fails to check file permissions before opening user...
Tru64 Malformed TCP Packet Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4011/info It has been reported that Tru64 systems may be prone to a denial of service condition when handling malformed TCP packets. Specifically, when processing a malformed TCP packet with both the SYN and FIN flags set...
Digital Unix 4.0 MSGCHK Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3311/info The msgchk utility under certain versions of Digital Unix contains a buffer overflow vulnerability which could yield root privilege. If a local user invokes the msgchk utility at the command line, argumented wit...
Apache Tomcat 'RemoteFilterValve'安全绕过漏洞
BUGTRAQ ID: 31698 CVE ID:CVE-2008-3271 CNCVE ID:CNCVE-20083271 Apache Tomcat是一款流行的开放源码的JSP应用服务器程序。 Apache Tomcat处理'RemoteFilterValve'扩展存在安全绕过问题,远程攻击者可以利用漏洞绕过访问限制,获得敏感信息。 在使用RemoteAddrValve允许部分地址访问引擎时: Valve className="org.apache.catalina.valves.RemoteAddrValve" allow="a.b.c.d"/...
BMC Patrol BGS_SDservice.EXE内存破坏漏洞
BMC Patrol是一款用于提供数据库系统监控的解决方案。 BMC Patrol PerformAgent服务存在内存破坏问题,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 bgssdservice.exe默认监听TCP 10128端口,由于不正确解析发送给此服务的XDR数据,攻击者可以操作进行内存拷贝操作的参数,而导致堆栈破坏,包括SEH指针,可造成任意指令执行。 BMC Software Patrol 3.5 BMC Software Patrol 3.4.11 BMC Software Patrol 3.3 BMC Software Patrol 3.2.7 BMC...
CVE-2001-1092
msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mhprofile file...
CVE-2001-1093
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument...
CVE-2001-1092
CVE-2001-1092 concerns msgchk in Digital UNIX 4.0G and earlier that allows a local user to read the first line of arbitrary files by a symlink attack on the user’s .mh_profile. The root cause is msgchk reads the profile to obtain configuration options, and if linked to a target file readable by t...