124 matches found
DEBIAN-CVE-2001-1413
Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries such as FTP server, may allow remote attackers to execute arbitrary code via a long filename argument...
security flaw
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."...
security flaw
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA e.g. sendmail in the 5th argument to mail, altering MTA behavior and possibly executing commands...
QSSL QNX 4.25 A - 'crypt()' Local Privilege Escalation
/ source: https://www.securityfocus.com/bid/1114/info A design error in the operation of the crypt3 function exists in QNX, from QNX System Software, Limited QSSL. The flaw allows the recovery of passwords from the hashes. On most Unix variants, crypt3 is based on a variant of the DES encryption...