Solaris 2.67.0 - lp -d Option Buffer Overflow

Solaris 2.67.0 - lp -d Option Buffer Overflow // source: https://www.securityfocus.com/bid/1143/info A buffer overrun has been discovered in the lp program, as included with Sun's Solaris 7 operating system. By passing well crafted, machine executable code of sufficient length to the -d option of...

FrontPage 98Personal WebServer 1.0 Personal Web Server 2.0 - htimage.exe File Existence Disclosure

FrontPage 98Personal WebServer 1.0 Personal Web Server 2.0 - htimage.exe File Existence Disclosure source: https://www.securityfocus.com/bid/1141/info htimage.exe can be used to determine if a specified path and filename exists on the target host or not. The specified path must be on the same...

FrontPage 97/98 - Server Image Mapper Buffer Overflow

source: https://www.securityfocus.com/bid/1117/info The htimage.exe and imagemap.exe files included with FrontPage handle server-side image mapping functions. Under normal operations, it would be passed a map name and a set of coordinates in the format http: //target/path/htimage.exe/mapname?x,y...

Переполнения буфера в Star Office

Многочисленные перепоолнения буфера при разборе документа позволяют "вставить" в документ исполняемый код...

Halloween Linux 4.0 / RedHat Linux 6.1/6.2 - 'imwheel' (2)

// source: https://www.securityfocus.com/bid/1060/info A vulnerability exists in the 'imwheel' package for Linux. This package is known to be vulnerable to a buffer overrun in its handling of the HOME environment variable. By supplying a sufficiently long string containing machine executable code...

RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x - 'man' Buffer Overrun (1)

/ source: https://www.securityfocus.com/bid/1011/info RedHat 4.0/4.1/4.2/5.0/5.1/5.2/6.0/6.2,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.2/4.4 man Buffer Overrun Vulnerability A buffer overflow exists in the implementation of the 'man' program shipped with RedHat Linux, and other LInux...

Microsoft Windows 95/98/NT 4.0 - 'autorun.inf' Code Execution

source: https://www.securityfocus.com/bid/993/info The Windows Autorun feature was designed to allow an executable and an icon to be specified for any piece of removable media. Upon insertion, the icon would be displayed for the drive, and the executable would automatically run. This feature also...

Microsoft Windows 9598NT 4.0 - autorun.inf Code Execution

Microsoft Windows 9598NT 4.0 - autorun.inf Code Execution source: https://www.securityfocus.com/bid/993/info The Windows Autorun feature was designed to allow an executable and an icon to be specified for any piece of removable media. Upon insertion, the icon would be displayed for the drive, and...

Kuang2 the Virus Detection

Kuang2 the Virus was found. Kuang2 the Virus is a program that infects all the executables on the system, as well as set up a server that allows the remote control of the computer. The client program allows files to be browsed, uploaded, downloaded, hidden, etc on the infected machine. The client...

CVE-1999-0354

This CVE (CVE-1999-0354) affects Internet Explorer 4.x/5.x when paired with Word 97, where a Word 97 template containing executable Visual Basic code can run arbitrary programs on the IE client without warning. The issue also applies to Outlook when viewing a malicious email. The underlying risk ...

CVE-1999-0527

The permissions for system-critical data in an anonymous FTP account are inappropriate. For example, the root directory is writeable by world, a real password file is obtainable, or executable commands such as "ls" can be overwritten...

Microsoft Systems Management Server 2.0 - Default Permissions

source: https://www.securityfocus.com/bid/945/info The default permissions applied to the directory containing the SMS Remote Control executable allow any user to replace the executable with any other executable. The new executable will run with System privileges after the next reboot. Replace...

Microsoft Systems Management Server 2.0 - Default Permissions

Microsoft Systems Management Server 2.0 - Default Permissions source: https://www.securityfocus.com/bid/945/info The default permissions applied to the directory containing the SMS Remote Control executable allow any user to replace the executable with any other executable. The new executable wil...

Microsoft Windows 95/98/NT 4.0 - Help File Backdoor

source: https://www.securityfocus.com/bid/868/info The help files for the Windows Help system .cnt, .hlp can be edited so that they run an arbitrary executable when selected by a user. The executable will run at the privelege level of the user. The .cnt files are like tables of contents that tell...

Microsoft Windows 9598NT 4.0 - Help File Backdoor

Microsoft Windows 9598NT 4.0 - Help File Backdoor source: https://www.securityfocus.com/bid/868/info The help files for the Windows Help system .cnt, .hlp can be edited so that they run an arbitrary executable when selected by a user. The executable will run at the privelege level of the user. Th...

Microsoft Windows NT 4.0SP1SP2SP3SP4SP5SP6 - Services.exe Denial of Service (2)

Microsoft Windows NT 4.0SP1SP2SP3SP4SP5SP6 - Services.exe Denial of Service 2 source: https://www.securityfocus.com/bid/754/info A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will...

Microsoft Windows NT 4.0/SP1/SP2/SP3/SP4/SP5/SP6 - 'Services.exe' Denial of Service (2)

source: https://www.securityfocus.com/bid/754/info A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will crash the "services" executable, which in turn, disables the ability for the...

SCO Open Server 5.0.5 - userOsa Symlink

SCO Open Server 5.0.5 - userOsa Symlink source: https://www.securityfocus.com/bid/701/info Under certain versions of SCO OpenServer there exists a symlink vulnerability which can be exploited to overwrite any file which is group writable by the 'auth' group. The problem in particular is in the th...

SCO Open Server 5.0.5 - 'userOsa' Symlink

source: https://www.securityfocus.com/bid/701/info Under certain versions of SCO OpenServer there exists a symlink vulnerability which can be exploited to overwrite any file which is group writable by the 'auth' group. The problem in particular is in the the /etc/sysadm.d/bin/userOsa executable...

RedHat Linux 4.2/5.2/6.0 / S.u.S.E Linux 6.0/6.1 - Cron Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/602/info The version of Vixie cron that ships with RedHat versions 4.2, 5.2 and 6.0 is vulnerable to a local buffer overflow attack. By utilizing the MAILTO environment variable, a buffer can be overflown in the cronpopen function, allowing an attacker...