7965 matches found
CVE-2005-0639
Multiple vulnerabilities in xli before 1.17 may allow remote attackers to execute arbitrary code via "buffer management errors" from certain image properties, some of which may be related to integer overflows in PPM files...
CVE-2004-1035
Multiple integer signedness errors in 1 imapcommon.c, 2 main.c, 3 request.c, and 4 select.c for up-imapproxy IMAP proxy 1.2.2 allow remote attackers to cause a denial of service server crash and possibly leak sensitive information via certain literal values that are not properly handled when usin...
CVE-2004-1035
Multiple integer signedness errors in 1 imapcommon.c, 2 main.c, 3 request.c, and 4 select.c for up-imapproxy IMAP proxy 1.2.2 allow remote attackers to cause a denial of service server crash and possibly leak sensitive information via certain literal values that are not properly handled when usin...
Scrapland 1.0 - Server Termination Denial of Service
Scrapland 1.0 - Server Termination Denial of Service / by Luigi Auriemma / include include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include include void stderrvoid char error;...
Path disclosure
PMASA-2005-2 Announcement-ID: PMASA-2005-2 Date: 2005-02-26 Summary Path disclosure Description By calling some scripts that are part of phpMyAdmin in an unexpected way especially scripts in the libraries subdirectory, it is possible to trigger phpMyAdmin to display a PHP error message which...
[Full-Disclosure] iDEFENSE Security Advisory 02.23.05: Sun Solaris kcms_configure Arbitrary File Corruption Vulnerability
Sun Solaris kcmsconfigure Arbitrary File Corruption Vulnerability iDEFENSE Security Advisory 02.23.05 www.idefense.com/application/poi/display?id=206&type=vulnerabilities February 23, 2005 I. BACKGROUND The kcmsconfigure utility is part of the Kodak Color Management System KCMS package that is...
Tarantella Secure Global Desktop user enumeration
If RSA SecurID is used for authentication error messages differes for invalid username...
HP-UX PHNE_31726 : HP-UX Running BIND v920, Remote Denial of Service (DoS) (HPSBUX00290 SSRT3622 rev.5)
s700800 11.23 Bind 9.2.0 components : 1. Certain ASN.1 encodings that are rejected as invalid by the parser can trigger a bug in the deallocation of the corresponding data structure, corrupting the stack. This can be used as a denial of service attack. It is currently unknown whether this can be...
security flaw
lppasswd in CUPS 1.1.22 ignores write errors when modifying the CUPS passwd file, which allows local users to corrupt the file by filling the associated file system and triggering the write errors...
Emacs, XEmacs: Format string vulnerabilities in movemail
Background GNU Emacs and XEmacs are highly extensible and customizable text editors. movemail is an Emacs utility that can fetch mail on remote mail servers. Description Max Vozeler discovered that the movemail utility contains several format string errors. Impact An attacker could set up a...
GLSA-200501-25 : Squid: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200501-25 Squid: Multiple vulnerabilities Squid contains a vulnerability in the gopherToHTML function CAN-2005-0094 and incorrectly checks the 'number of caches' field when parsing WCCPISEEYOU messages CAN-2005-0095. Furthermore t...
Quake 3 Engine - Infostring Crash and Shutdown
Quake 3 Engine - Infostring Crash and Shutdown / by Luigi Auriemma / include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include include void stderrvoid char error;...
Quake 3 Engine - Infostring Crash and Shutdown
/ by Luigi Auriemma / include include include ifdef WIN32 include / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include include void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system...
Logon with wrong user/password gives 'weird' errorpage.
Error screen after wrong login is 'weird'...
Armagetron Advanced <= 0.2.7.0 Server Crash Exploit
Exploit for unknown platform in category dos / poc =================================================== Armagetron Advanced include include include ifdef WIN32 include / inserted win32.h /str0ke / / Header file used for manage errors in Windows It support socket and errno too this header replace t...
Armagetron Advanced 0.2.7.0 - Server Crash
/ by Luigi Auriemma / include include include include ifdef WIN32 include / inserted win32.h /str0ke / / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include include void stderrvoid char error; switchWSAGetLastError ca...
Armagetron Advanced 0.2.7.0 - Server Crash
Armagetron Advanced 0.2.7.0 - Server Crash / by Luigi Auriemma / include include include include ifdef WIN32 include / inserted win32.h /str0ke / / Header file used for manage errors in Windows It support socket and errno too this header replace the previous sockerrX.h / include include void...
Armagetron Advanced <= 0.2.7.0 Server Crash Exploit
No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h include time.h ifdef WIN32 include winsock.h / inserted win32.h /str0ke / / Header file used for manage errors in Windows It support socket and errno too this header replace the previous...
awstats -- arbitrary command execution
Several input validation errors exist in AWStats that allow a remote unauthenticated attacker to execute arbitrary commands with the priviliges of the web server. These programming errors involve CGI parameters including loadplugin, logfile, pluginmode, update, and possibly others. Additionally,...
CVE-2005-0180
Multiple integer signedness errors in the sgscsiioctl function in scsiioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copyfromuser and copytouser functions...