2001 matches found
Abuse 2.0 - Local Buffer Overflow
Abuse 2.0 - Local Buffer Overflow / source: https://www.securityfocus.com/bid/6094/info Vulnerabilities have been discovered in two files used by Abuse. By passing an execessively long commandline argument to Abuse, it is possible to overrun a buffer. Exploiting this issue could allow a local...
HP Tru64 UNIX "dtsession" contains buffer overflow (SSRT2282)
Overview The HP Tru64 UNIX implementation of "dtsession" contains a locally exploitable buffer overflow. Description From the HP Tru64 UNIX reference pages, the "dtsession" utility "provides ICCCM 1.1 compliant session management functionality during a user's session, the time from login to logou...
HP Tru64 UNIX "csh" contains buffer overflow (SSRT2275)
Overview The HP Tru64 UNIX implementation of "csh" contains a locally exploitable buffer overflow. Description "csh" is used to invoke the C shell and interpret commands. A locally exploitable buffer overflow in "csh" may permit a local attacker to gain elevated privileges and execute arbitrary...
HP Tru64 - NLSPATH Environment Variable Local Buffer Overflow (1)
source: https://www.securityfocus.com/bid/5647/info Tru64 is a commercially available UNIX operating system. Tru64 was originally developed by Digital and is now distributed and maintained by HP. A buffer overflow has been discovered in a number of Tru64 binaries. Attackers may exploit this via a...
CVE-2002-0070
Buffer overflow in Windows Shell used as the Windows Desktop allows local and possibly remote attackers to execute arbitrary code via a custom URL handler that has not been removed for an application that has been improperly uninstalled...
CVE-2001-0920
Format string vulnerability in auto nice daemon AND 1.0.4 and earlier allows a local user to possibly execute arbitrary code via a process name containing a format string...
Netscape 4.77 - Composer Font Face Field Buffer Overflow
source: https://www.securityfocus.com/bid/5010/info Netscape is a freely available web browser distributed by Netscape Communications, and available for various platforms. This vulnerability is known to affect those installations on the Linux platform. A buffer overflow has been reported in the...
CVE-2001-1159
SquirrelMail 1.0.4 and earlier are affected by CVE-2001-1159 due to improper initialization of PHP variables in load_prefs.php and related include files. This allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary PHP code by uploadi...
CVE-2001-1093
CVE-2001-1093 concerns a buffer overflow in the msgchk utility of Digital UNIX 4.0G and earlier. A command-line argument of excessive length can overflow a buffer, enabling a local attacker to execute arbitrary code with the effective user ID of the msgchk process. The vulnerability is described ...
CVE-2001-1128
Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the 1 PROMSGS or 2 PROTERMCAP environment variables...
Tower Toppler 0.99.1 - Display Local Buffer Overflow
Tower Toppler 0.99.1 - Display Local Buffer Overflow source: https://www.securityfocus.com/bid/7028/info It has been reported that a buffer overflow exists in Tower Toppler. A local user may be able to exploit this issue to execute code with the privileges of the toppler program. !/usr/bin/perl...
Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP request
Overview A buffer overflow vulnerability exists in the Apache Procedural Language/Structured Query Language PL/SQL module used by Oracle9i Application Server iAS. A maliciously crafted HTTP request made to the PL/SQL module could cause a denial of service or execute arbitrary code with the...
CVE-2001-0691
Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations...
CVE-2001-1138
Directory traversal vulnerability in r.pl aka r.cgi of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. dot dot in the FILE parameter...
xloadimage 4.1 - Remote Buffer Overflow
xloadimage 4.1 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/3006/info // // xloadimage is a utility used for displaying images of varying formats on X11 servers. // // xloadimage and possibly derivatives such as 'xli' contain a buffer overflow vulnerability in the handlin...
CVE-2001-0260
Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command...
Дырка в Sun AnswerBook2
Непривилигированные пользователи могут получить доступ к интерфейсу администрирования, а так же выполнять программный код на сервере...
Alert: Buffer Overrun is O'Reilly WebsitePro webfind.exe (CISADV000718)
Cerberus Information Security Advisory CISADV000718 http://www.cerberus-infosec.co.uk/advisories.shtml Released : 18th July 2000 Name : Website Pro webfind.exe buffer overflow Affected Systems : Windows NT running Website Pro 2.4 Issue : Remote attackers can execute arbitrary code Author : Robert...
UoW IMAPd Server 10.23412.264 - LSUB Buffer Overflow (Metasploit)
UoW IMAPd Server 10.23412.264 - LSUB Buffer Overflow Metasploit source: https://www.securityfocus.com/bid/1110/info A buffer overflow exists in imapd. The vulnerability exists in the list command. By supplying a long, well-crafted string as the second argument to the list command, it becomes...
iis.system.isapi.txt
Date: Mon, 8 Mar 1999 11:27:48 -0500 From: Fabien Royer To: [email protected] Subject: ISAPI Extension vulnerability allows to execute code as SYSTEM There's a vulnerability in IIS and other WEB servers executing as SYSTEM that allows to execute an ISAPI extension in the security...