15 matches found
EUVD-2008-2353
Malware in sbrugna...
EUVD-2010-0531
Malware in sbrugna...
CVE-2010-0500
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service arbitrary client blacklisting via a crafted DNS PTR record, related to a "plist injection issue."...
SUSE CVE-2022-28391
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...
Cross Site Scripting (XSS)
busybox is vulnerable to Cross Site Scripting XSS. The vulnerability exists due to arbitrary code execution which allows an attacker to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal...
CVE-2022-28391
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...
AZL-41790 CVE-2022-28391 affecting package busybox for versions less than 1.36.1-3
BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors...
Design/Logic Flaw
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service arbitrary client blacklisting via a crafted DNS PTR record, related to a "plist injection issue."...
CVE-2010-0500
Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, which allows remote attackers to cause a denial of service arbitrary client blacklisting via a crafted DNS PTR record, related to a "plist injection issue."...
CVE-2008-2357
Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...
Stack overflow
Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...
CVE-2008-2357
CVE-2008-2357 affects mtr prior to version 0.73, where a stack-based buffer overflow in split_redraw (split.c) can be triggered by a crafted DNS PTR record when using -p. Several OpenVAS/Nessus entries link this to multiple distributions (e.g., SUSE/OpenSUSE, Gentoo GLSA, Slackware SSA) and refer...
CVE-2008-2357
Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...
CVE-2008-2357
Stack-based buffer overflow in the splitredraw function in split.c in mtr before 0.73, when invoked with the -p aka --split option, allows remote attackers to execute arbitrary code via a crafted DNS PTR record. NOTE: it could be argued that this is a vulnerability in the nsnamentop function in...
CVE-2001-1033
Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state...