CVE-2001-0920

The CVE-2001-0920 entry concerns a format string vulnerability in the auto nice daemon (AND) version 1.0.4 and earlier that lets a local user potentially execute arbitrary code by supplying a process name containing a format string. Affected component: the daemon’s handling of process names. Unde...

Interbase 6.0 - GDS_Drop Interbase Environment Variable Buffer Overflow (1)

source: https://www.securityfocus.com/bid/5044/info Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. A buffer overflow has been discovered in the gdsdrop program packaged with Interbase. This problem could allow a local user to...

sudo vulnerable to heap corruption via -p parameter

Overview Sudo is susceptible to a locally exploitable heap overflow vulnerability. Description Sudo is a common utility used to allow a system administrator to give users or groups of users rights to run certain programs as root or as another user. A locally exploitable heap overflow can lead to...

CVE-2001-1093

Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument...

CVE-2001-0764

Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument...

Century Software Term For Linux 6.27.869 - Command Line Buffer Overflow

// source: https://www.securityfocus.com/bid/4174/info Term is a commercially available software package for Unix and Linux operating systems. It is distributed and maintained by Century Software. Under some circumstances, it may be possible for a local user to execute arbitrary code. Term does n...

CVE-2001-1541

Buffer overflow in Unix-to-Unix Copy Protocol UUCP in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument...

SSH CRC32 attack detection code contains remote integer overflow

Overview There is a remote integer overflow vulnerability in several implementations of the SSH1 protocol that allows an attacker to execute arbitrary code with the privileges of the SSH daemon, typically root. Description There is a remote integer overflow vulnerability in several implementation...

CVE-2001-1095

Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter...

CVE-2001-0670

Buffer overflow in BSD line printer daemon in.lpd or lpd in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue...

Advisory: Half-Life remote buffer overflow vulnerability

Author: Stan Bubrouski [email protected] Date: September 20, 2001 Program: Half-Life Versions Affected: 1.1.0.8 September 19, 2001 and all previous versions Severity: A Half-Life server can exploit buffer overflow in Client to execute arbitrary code on their machines. Vendor: Valve Software...

CVE-2001-0958

Buffer overflows in eManager plugin for Trend Micro InterScan VirusWall for NT 3.51 and 3.51J allow remote attackers to execute arbitrary code via long arguments to the CGI programs 1 register.dll, 2 ContentFilter.dll, 3 SFNofitication.dll, 4 register.dll, 5 TOP10.dll, 6 SpamExcp.dll, and 7...

CVE-2001-1093

Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument...

NetBSD Security Advisory 2001-015: Insufficient checking of lengths passed to kernel

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2001-015 ================================= Topic: Insufficient checking of lengths passed from userland to kernel Version: NetBSD-current: source prior to August 5, 2001 NetBSD-1.5.1: affected NetBSD-1.5: affected NetBSD-1.4.: affected...

AOLServer 3 - 'Authentication String' Remote Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/3230/info AOLServer is a freely available, open source web server. It was originally written by AOL, and is currently developed and maintained by AOL and public domain. A problem has been discovered that can allow remote users to crash an AOLServer,...

ISC InterNetNews (INN) innfeed contains buffer overflow

Overview A locally exploitable buffer overflow exists in ISC InterNetNews. Description InterNetNews is a Usenet/Netnews news server supported by the Internet Software Consortium and volunteers. Innfeed is a component of InterNetNews that implements the NNTP protocol for transerring news between...

AOLServer 3 - Authentication String Remote Buffer Overflow (1)

AOLServer 3 - Authentication String Remote Buffer Overflow 1 source: https://www.securityfocus.com/bid/3230/info AOLServer is a freely available, open source web server. It was originally written by AOL, and is currently developed and maintained by AOL and public domain. A problem has been...

Solaris 2.678 (SPARC) - xlock Heap Overflow

Solaris 2.678 SPARC - xlock Heap Overflow // source: https://www.securityfocus.com/bid/3160/info Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked. The version of xlock that ships...

Solaris 2.6/7/8 (SPARC) - xlock Heap Overflow

// source: https://www.securityfocus.com/bid/3160/info Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked. The version of xlock that ships with Solaris as part of OpenWindows...

Oracle OTRCREP Oracle 89 - Home Environment Variable Buffer Overflow

Oracle OTRCREP Oracle 89 - Home Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3139/info Oracle is an Enterprise level SQL database, supporting numerous features and options. It is distributed and maintained by Oracle Corporation. A buffer overflow has been...