Lucene search
+L

5512 matches found

securityvulns
securityvulns
added 2001/08/24 12:0 a.m.56 views

Проблемы с tcp_wrappers в FreeBSD (protection bypass)

Режим PARANOID hostname chacking не работает так, как заявлено...

1AI score
Exploits0References1Affected Software1
FreeBSD Advisory
FreeBSD Advisory
added 2001/08/23 12:0 a.m.5 views

FreeBSD-SA-01:56.tcp_wrappers

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:56 Security Advisory FreeBSD, Inc. Topic: tcpwrappers PARANOID hostname checking does not work Category: core Module: tcpwrappers Announced: 2001-08-23 Credits: Tony Finc...

5.8AI score
Exploits0
CVE
CVE
added 2001/05/07 4:0 a.m.52 views

CVE-2001-0050

CVE-2001-0050 correlates to two bugs in the BitchX IRC client reported in MDKSA-2000:079. A stack overflow can occur when processing a malformed DNS answer, potentially enabling remote denial of service or arbitrary code execution, and a second bug allows embedding a malformed DNS record in a val...

10CVSS7.9AI score0.14573EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2001/05/07 4:0 a.m.15 views

CVE-2001-0050

Buffer overflow in BitchX IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary commands via an IP address that resolves to a long DNS hostname or domain name...

7.9AI score0.14573EPSS
Exploits1References8
NVD
NVD
added 2001/03/26 5:0 a.m.15 views

CVE-2001-0207

Buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname, which is copied to a small buffer after a reverse DNS lookup using the gethostbyaddr function...

10CVSS7.9AI score0.04123EPSS
Exploits1References3
securityvulns
securityvulns
added 2001/03/17 12:0 a.m.28 views

Дырка в xinetd (hostname filtering)

Если в xinetd используется проверка пи имени хоста и обратное имя не разрешается, то компьютер получает доступ...

0.3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/03/17 12:0 a.m.24 views

Vulnerability in xinetd (Found)

Here is what I found. At the time of the pseudo-intrusion, there was effectively a host name in the filter and the current version is 2.1.88p1. xinetd Connection Filtering Via Hostname Vulnerability RELEASED: June 04, 2000 AFFECTS: xinetd 2.1.87, 88, 89 almost all versions REFERENCE:...

1.2AI score
Exploits0
NVD
NVD
added 2001/02/16 5:0 a.m.18 views

CVE-2001-0050

Buffer overflow in BitchX IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary commands via an IP address that resolves to a long DNS hostname or domain name...

10CVSS7.9AI score0.14573EPSS
Exploits1References8
exploitpack
exploitpack
added 2001/01/23 12:0 a.m.14 views

WU-FTPD 2.4.22.52.6 - Debug Mode Client Hostname Format String

WU-FTPD 2.4.22.52.6 - Debug Mode Client Hostname Format String source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode,...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2001/01/23 12:0 a.m.46 views

WU-FTPD 2.4.2/2.5/2.6 - Debug Mode Client Hostname Format String

source: https://www.securityfocus.com/bid/2296/info Wu-ftpd is a widely used unix ftp server. It contains a format string vulnerability that may be exploitable under certain perhaps 'extreme' circumstances. When running in debug mode, Wu-ftpd logs user activity to syslog in an insecure manner. An...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/01/06 12:0 a.m.28 views

traceroute-4.4BSD (slack) heap overflow

Hi, A while ago I was studying the source code for this traceroute... I found this in the inetname function: ... static char line50; ... if cp void strcpyline, cp; else ... The cp variable holds at that point the hostname for the current host it's tracing. If the hostname is something like a litt...

1.9AI score
Exploits0
Exploit DB
Exploit DB
added 2001/01/03 12:0 a.m.124 views

WU-FTPD 2.6.0 - Remote Format Strings

/ 12:40 11/10/00: Tool for either attack or defense within an information warfare setting. Rather, it is a small program demonstrating proof of concept. Default values for solaris 2.8 and inetd. If you are not the intended recipient, or a person responsible for delivering it to the intended...

7.4AI score
Exploits0
CERT
CERT
added 2000/12/12 12:0 a.m.17 views

sysback makes call to hostname without a fully qualified path specification

Overview sysback , shipped with AIX systems, allows local users to gain root access because of a failure to use a fully qualified path for a call to hostname. Description sysback includes a call to hostname but does not include a full path specification. Because sysback is set uid root, intruders...

7.4AI score
Exploits0
NVD
NVD
added 2000/12/10 5:0 a.m.18 views

CVE-2000-1222

AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program...

7.2CVSS6.7AI score0.00341EPSS
Exploits0References2
Cvelist
Cvelist
added 2000/11/29 5:0 a.m.27 views

CVE-2000-1066

The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname...

6.7AI score0.01657EPSS
Exploits0References3
CVE
CVE
added 2000/11/29 5:0 a.m.56 views

CVE-2000-1066

The CVE-2000-1066 entry affects the getnameinfo function in FreeBSD 4.1.1 and earlier (and possibly other operating systems). The vulnerability allows a remote attacker to cause a denial of service by supplying a long DNS hostname. The available documents confirm this DoS impact but do not provid...

5CVSS7AI score0.01657EPSS
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2000/11/02 12:0 a.m.33 views

Security Advisory: FreeBSD-SA-00:63.getnameinfo

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:63 Security Advisory FreeBSD, Inc. Topic: getnameinfo function allows remote denial of service Category: core Module: libc Announced: 2000-11-01 Credits: Pavel Kankovsky...

7.3AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2000/11/01 12:0 a.m.11 views

FreeBSD-SA-00:63.getnameinfo

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:63 Security Advisory FreeBSD, Inc. Topic: getnameinfo function allows remote denial of service Category: core Module: libc Announced: 2000-11-01 Credits: Pavel Kankovsky...

5.8AI score
Exploits0
securityvulns
securityvulns
added 2000/10/27 12:0 a.m.26 views

Переполнение буфера в NIS (hostname lookup)

При ответе сервера не проверяется длина адреса, что позволяет переполнить статический буфер...

0.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2000/10/27 12:0 a.m.31 views

Security Advisory 2000-012

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-012 ================================= Topic: buffer overflow in NIS hostname lookup code Version: 1.4.x: All versions prior to 1.4.3 fix will be in 1.4.3 1.5ALPHA: prior to June 30, 2000 fix will be in 1.5 current: prior to June 30,...

7.9AI score
Exploits0
Rows per page
Query Builder