5334 matches found
Oracle OTRCREP Oracle 8/9 - Home Environment Variable Buffer Overflow
// source: https://www.securityfocus.com/bid/3139/info Oracle is an Enterprise level SQL database, supporting numerous features and options. It is distributed and maintained by Oracle Corporation. A buffer overflow has been discovered in the handling of $ORACLEHOME by otrcrep. otrcrep is installe...
Slackware 7.0/7.1/8.0 - Manual Page Cache File Creation
// source: https://www.securityfocus.com/bid/3054/info Slackware Linux contains a configuration error that enables local users to create files in the directory used by the system manual pager 'man' for cache files. Due to the behaviour of the 'man' program, it may be possible for an attacker to...
Advisory CA-2001-16
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2001-16 Oracle 8i contains buffer overflow in TNS listener Original release date: July 03, 2001 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Systems running Oracle 8i Overview A...
Rxvt 2.6.12.6.2 - Local Buffer Overflow
Rxvt 2.6.12.6.2 - Local Buffer Overflow source: https://www.securityfocus.com/bid/2878/info Rxvt is a color VT102 terminal emulator for X intended as an xterm1 replacement. A buffer overflow vulnerability exists in rxvt. The error occurs when certain command line options with long arguments are...
WFTPD "Pro" 3.0 R4 Buffer Overflow
WFTP is the Win/NT FTP server by Alun Jones, "an author acknowledged as an expert in FTP and TCP/IP". This advisory pertains to "Professional" version 3.00 R4, which appears to be the current version. It can be downloaded from the author's site at http://www.wftpd.com/. WFTPD is released as...
ISC INN 2.x - Command-Line Buffer Overflow (2)
source: https://www.securityfocus.com/bid/2620/info The innfeed utility, part of ISC InterNetNews, has an exploitable buffer overflow in its command-line parser. Specifically, innfeed will overflow if an overly long -c option is passed to it. A local attacker in the news group could use this...
ISC INN 2.x - Command-Line Buffer Overflow (2)
ISC INN 2.x - Command-Line Buffer Overflow 2 source: https://www.securityfocus.com/bid/2620/info The innfeed utility, part of ISC InterNetNews, has an exploitable buffer overflow in its command-line parser. Specifically, innfeed will overflow if an overly long -c option is passed to it. A local...
X 11.0/3.3.3/3.3.4/3.3.5/3.3.6/4.0 - libX11 '_XAsyncReply()' Stack Corruption
// source: https://www.securityfocus.com/bid/1408/info A vulnerability exists in the XAsyncReply function of libX11. This function utilizes size information retrieved as part of a client supplied packet. This value is a signed integer. By forcing this value to be negative, it becomes possible to...
Solaris 7.0/8 - Xsun Buffer Overrun
// source: https://www.securityfocus.com/bid/1140/info A buffer overrun vulnerability exists in the Xsun X11 server, as shipped as part of Solaris 7 and 8 from Sun Microsystems. By supplying a long argument to the -dev option normally used to set the output device, it is possible to execute...
Mirabilis ICQ 0.99b 1.1.1.13.19 - Remote Buffer Overflow
Mirabilis ICQ 0.99b 1.1.1.13.19 - Remote Buffer Overflow source: https://www.securityfocus.com/bid/929/info ICQ is an individual to individual chat network which has clients installed on millions of computers around the world. It is, by far, the most widely used and is vulnerable to a remote buff...
CVE-1999-0032
Buffer overflow in lpr, as used in BSD-based systems including Linux, allows local users to execute arbitrary code as root via a long -C classification command line option...
RedHat Linux 4.2 / SGI IRIX 6.3 / Solaris 2.6 - 'mailx' (1)
// source: https://www.securityfocus.com/bid/393/info A buffer overrun exists in the /bin/mailx program. This program was originally developed as part of BSD, and is available on many Unix systems. By supplying a long, well crafted buffer as the username argument, an attacker can use it to execua...
NCSA HTTPd 1.x - Remote Buffer Overflow (2)
// source: https://www.securityfocus.com/bid/3158/info NCSA HTTPd is a free, open-source web server for nix systems. NCSA HTTPd versions 1.3 and earlier are prone to an exploitable buffer overflowin the username field which will allow malicious remote users to execute arbitrary code with the...
CVE-2024-33219
An issue in the component AsIO64.sys of ASUSTeK Computer Inc ASUS SABERTOOTH X99 Driver v1.0.1.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests...