CVE-2004-0003

Technical details for CVE-2004-0003 are not publicly available in the provided documents. No concrete description of affected component, root cause, or remediation is present; monitor for updates from the sources.

Microsoft Help and Support Center contains buffer overflow in code used to handle HCP protocol

Overview There is a buffer overflow in the Microsoft Help and Support Center that could permit an attacker to execute arbitrary code with SYSTEM privileges. Description The Microsoft Help and Support Center is a facility within WIndows to provide product help and documentation. Among other things...

Important: Red Hat Security Advisory: : : : New PHP packages fix vulnerabilities

Updated PHP packages are available for Red Hat Linux on IBM iSeries and pSeries systems. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command...

Apache 2.x - Memory Leak

/ apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided only to test networks for a known vulnerability. Do not use this tool on systems you do not control, and do not use this tool on networks you do not own without appropriate consent...

CVE-2002-0762

CVE-2002-0762 : The shadow package in SuSE 8.0 lets local users destroy /etc/passwd and /etc/shadow or grant extra group privileges by lowering the filesize limits before programs modify those files, indicating a local-privilege-impact scenario due to improper enforcement of file-size constraints...

(RHSA-2002:214) php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA such as sendmail in the 5th argument to mail, altering MTA...

AOL Instant Messenger 4.8.2790 - Local File Execution

AOL Instant Messenger 4.8.2790 - Local File Execution source: https://www.securityfocus.com/bid/6027/info AOL Instant Messenger AIM is prone to an issue which may allow attackers to execute arbitrary files on the client system. It is possible to send a malicious link which references local files ...

CVE-2001-1388

iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator...

CVE-2001-1388

CVE-2001-1388 affects iptables prior to 1.2.4. The vulnerability stems from an inaccuracy in converting rate limits specified on the command line, which could cause administrators to see mismatched traffic levels (more or less) than intended. The articles do not provide exploit details or confirm...

Important: Red Hat Security Advisory: php security update

PHP versions earlier than 4.1.0 contain a vulnerability that could allow arbitrary commands to be executed. updated 22 Aug 2002 The initial set of errata packages contained an incorrect set of dependencies. This meant that a number of packages would need to be installed before php that were not...

CVE-2002-0234

NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service resource exhaustion via a port scan to an external network, which consumes all available connections...

DoS против SphereServer/Ultima Online

Нет таймаута на соединение до проверки имени пользователя и ограничения числа коннектов с одного IP...

DoS против Irix через nsd (disk space filling)

Отсутствуют ограничения на размер дискового кэша, что может привести к исчерпанию дискового пространства в системном разделе...

DEBIAN-CVE-2001-1459

OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module PAM session if commands are executed with no pty, which allows local users to bypass resource limits rlimits set in pam.d...

Access Restriction Bypass

Overview Affected versions of this package are vulnerable to Access Restriction Bypass. OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module PAM session if commands are executed with no pty, which allows local users to bypass resource limits rlimits set in pam.d. Remediatio...

CVE-2001-1459

OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module PAM session if commands are executed with no pty, which allows local users to bypass resource limits rlimits set in pam.d...

CVE-2001-1459

OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module PAM session if commands are executed with no pty, which allows local users to bypass resource limits rlimits set in pam.d...

PT-2001-2550 · Openssh +1 · Openssh +1

Name of the Vulnerable Software and Affected Versions: OpenSSH versions 2.9 and earlier Description: The issue allows local users to bypass resource limits rlimits set in pam.d because OpenSSH does not initiate a Pluggable Authentication Module PAM session when commands are executed with no pty...

CVE-2001-0393

CVE-2001-0393 affects Navision Financials Server 2.0. The issue allows remote attackers to cause a denial of service by establishing a series of connections to the server without providing a username/password, consuming license limits. The available references (NVD/NVD entry) describe the impact ...

WU-FTPD 2.42.52.6 Trolltech ftpd 1.2 ProFTPd 1.2 BeroFTPD 1.3.4 FTP - glob Expansion

WU-FTPD 2.42.52.6 Trolltech ftpd 1.2 ProFTPd 1.2 BeroFTPD 1.3.4 FTP - glob Expansion source: https://www.securityfocus.com/bid/2496/info Many FTP servers are vulnerable to a denial of service condition resulting from poor globbing algorithms and user resource usage limits. Globbing generates...