7706 matches found
CVE-2001-1095
Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter...
Microsoft Remote Access Service API contains additional buffer overflow vulnerability via phonebook entries
Overview The Microsoft Remote Access Service API contains a vulnerability that allows local attackers to execute arbitrary code with system privileges. Description The Microsoft Remote Access Service RAS Application Programming Interface API allows Windows programs to make dial-up connections to...
Microsoft Remote Access Service API contains buffer overflow vulnerability via phonebook entries
Overview The Microsoft Remote Access Service API contains a vulnerability that allows local attackers to execute arbitrary code with system privileges. Description The Microsoft Remote Access Service RAS Application Programming Interface API allows Windows programs to make dial-up connections to...
CVE-2002-0426
VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys...
CVE-2002-1638
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2002-2153. Reason: This candidate is a duplicate of CVE-2002-2153. Notes: All CVE users should reference CVE-2002-2153 instead of this candidate. All references and descriptions in this candidate have been removed to prevent...
Critical Path InJoin Directory Server 4.0 - File Disclosure
Critical Path InJoin Directory Server 4.0 - File Disclosure source: https://www.securityfocus.com/bid/4718/info Critical Path provides an LDAP Lightweight Directory Access Protocol Directory Server called InJoin. InJoin Directory Server is provided for Microsoft Windows operating systems and Unix...
CVE-2002-0271
Runtime library in GNU Ada compiler GNAT 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files...
xNewsletter 1.0 - Form Field Input Validation
xNewsletter 1.0 - Form Field Input Validation source: https://www.securityfocus.com/bid/4516/info xNewsletter is a script that allows web users to subscribe to a newsletter. It is written in PHP and will run on most Unix and Linux variants, as well as Microsoft Windows operating systems...
CVE-2001-0527
DCScripts DCForum versions 2000 and earlier allow a remote attacker to gain additional privileges by inserting pipe symbols | and newlines into the last name in the registration form, which will create an extra entry in the registration database...
Обход входа на машину в клиенте Novell Netware (protection bypass)
Из приглашения входа можно вызвать программу справки, которая позволяет открыть любой файл и выполнить приложение...
CVE-2001-1147
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pamlimits...
PT-2001-2496 · Openssh +1 · Openssh +1
Name of the Vulnerable Software and Affected Versions: OpenSSH versions prior to 2.9.9p2 Description: The issue concerns the "echo simulation" traffic analysis countermeasure in OpenSSH. This countermeasure sends an additional echo packet after the password and carriage return is entered. As a...
CVE-1999-1366
Pegasus e-mail client 3.0 and earlier uses weak encryption to store POP3 passwords in the pmail.ini file, which allows local users to easily decrypt the passwords and read e-mail...
CVE-1999-1187
Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail...
CVE-1999-1387
Windows NT 4.0 SP2 allows remote attackers to cause a denial of service crash, possibly via malformed inputs or packets, such as those generated by a Linux smbmount command that was compiled on the Linux 2.0.29 kernel but executed on Linux 2.0.25...
CVE-1999-1185
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry TERM in the .mscreenrc file...
CVE-1999-1185
The CVE-1999-1185 issue affects SCO mscreen and is caused by a buffer overflow in handling a long TERM entry in the .mscreenrc file, enabling local users to gain root privileges. The provided documents identify the vulnerable component and the impact (local privilege escalation) but do not includ...
GNU findutils 4.04.1 - Locate Arbitrary Command Execution
GNU findutils 4.04.1 - Locate Arbitrary Command Execution // source: https://www.securityfocus.com/bid/3127/info GNU locate is an application that searches file databases for file names that match user-supplied patterns. A boundary condition error can occur when the program reads database files...
CVE-1999-0223
Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry...
How to remove .printer mapping (WAS RE: Permanently remove IIS printer mapping)
This is from another list I receive. It explains this scenario rather well. Keith --------------------------------------------------- All IIS Administrators Please Read this Immediately --------------------------------------------------- I wanted to get this out right away. More info to follow. O...