Gopher2.3.1p0 and below remote buffer overflow.

Gopher2.3.1p0 and below has many overflowable functions in the daemon. Most of them overflow with hardcoded data that gets passed along - making it not possible to change any pointers. The "halidate" function is not one of those. If sent the request "halidate large buffer" you will overwrite a 51...

netwin netauth 4.2 - Directory Traversal

netwin netauth 4.2 - Directory Traversal source: https://www.securityfocus.com/bid/1587/info A remote user is capable of gaining read access to any known file residing on a host running Netwin Netauth through directory traversal. Appending a series of '../' and the desired file name to the 'page'...

winamp.m3u.txt

This is a multi-part message in MIME format. ------=NextPart000649274c$21af Content-Type: text/plain; format=flowed LEGAL NOTICE: By reading this you do agree that life does not make sense and it doesn't need to. You also agree to wear a condom. You do agree to think about nature. .. umm you also...

Flowerfire Sawmill 5.0.21 - File Access

source: https://www.securityfocus.com/bid/1402/info Sawmill is a site statistics package for Unix, Windows and Mac OS. A specially crafted request can disclose the first line of any world readable file for which the full pathname is known, for example /etc/passwd. The output of the request is...

ex_anhttpd.txt

by Message by Thread Post Reply To: BugTraq Subject: Some holes for Win/UNIX softwares Date: Tue Nov 02 1999 22:39:56 Author: UNYUN Message-ID: ------------------------------------------------------------------------ 3 AN-HTTPd 1.20b Problem: The test CGIs which are distributed with AN-HTTPd 1.20...

WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access

WebCom datakommunikation Guestbook 0.1 - wguest.exe Arbitrary File Access source: https://www.securityfocus.com/bid/2024/info The freeware guestbook package from freeware.webcom.se provides a web-based guestbook feature, using CGI. Some versions of this guestbook undetermined at the time of writi...

Linux Kernel 2.02.12.2 - autofs Denial of Service

Linux Kernel 2.02.12.2 - autofs Denial of Service source: https://www.securityfocus.com/bid/312/info The autofs module provides support for the automount filesystem, as well as the interface between the kernel and the automountd daemon, which is responsible for the actual mounting. Calls such as...

Sun Solaris 7.0 - 'ff.core' Local Privilege Escalation

source: https://www.securityfocus.com/bid/327/info There is a vulnerability in Solaris's ff.core utility which allows normal users to execute the rename command as root. This particular bug when leveraged against a series of other configuration issues in a standard Solaris setup can lead to a roo...

Novell Netware Web Server 3.x - files.pl

Novell Netware Web Server 3.x - files.pl source: https://www.securityfocus.com/bid/2076/info Novell Web Server 3.x Examples Toolkit v.2 is a package containing example scripts and HTML files to help administrators design web sites. It is not a support Novell product and is provided solely as a...

SGI IRIX 6.4 - cgi-bin handler

SGI IRIX 6.4 - cgi-bin handler source: https://www.securityfocus.com/bid/380/info A vulnerability exists in the cgi-bin program 'handler', as included by Silicon Graphics in their Irix operating system. This vulnerability will allow a remote attacker to execute arbitrary commands on the vulnerabl...