CVE-2003-0034

Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable...

DEBIAN-CVE-2002-1384

Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf...

CVE-2002-1617

Multiple buffer overflows in HP Tru64 UNIX 5.x allow local users to execute arbitrary code via 1 a long -contextDir argument to dtaction, 2 a long -p argument to dtprintinfo, 3 a long -customization argument to dxterm, or 4 a long DISPLAY environment variable to dtterm...

CVE-2002-2282

McAfee VirusScan 4.5.1, when the WebScanX.exe module is enabled, searches for particular DLLs from the user's home directory, even when browsing the local hard drive, which allows local users to run arbitrary code via malicious versions of those DLLs...

CVE-2002-1789

Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function...

CVE-2002-2396

Buffer overflow in Advanced TFTP atftp 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option...

CVE-2002-1767

Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execute arbitrary code as the oracle user via a long command line argument...

CVE-2002-2087

Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling 1 gdsdrop, 2 gdslockmgr, or 3 gdsinetserver...

PT-2002-2274 · Trend Micro · Pc-Cillin

Name of the Vulnerable Software and Affected Versions: PC-cillin versions 2000, 2002, 2003 Description: The issue allows local users to execute arbitrary code via a long input string to the TCP port 110, which is used for POP3. This is due to a buffer overflow in the pop3trap.exe component...

Sun Solaris priocntl(2) does not adequately validate path to kernel modules that implement lightweight process (LWP) scheduling policy

Overview The Sun Solaris priocntl2 function does not adequately validate a memory structure that specifies the name of a kernel module. As a result, a local attacker could execute arbitrary code with superuser privileges on a vulnerable system. Description The Sun Solaris priocntl2 function...

PT-2002-1978 · Oracle · Mysql Server

Name of the Vulnerable Software and Affected Versions: MySQL versions 3.23.x through 3.23.49 MySQL versions 4.0 beta through 4.0.1 Description: A buffer overflow issue in the MySQL daemon allows local users to execute arbitrary code via a long datadir parameter in the my.ini initialization file...

CVE-2002-0901

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver AMANDA 2.3.0.4 allow 1 remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs 2 amcheck, 3...

Buffer overflow in Far Manager

Title: Buffer overflow in Far Manager Author: ZARAZA Affected: Far Manager 1.70beta1 and prior saved EIP overflow 1.70beta4 off-by-one frame pointer overflow Vendor: RARSoft Risk: Average local code execution Exploitable: Yes Remote: No Vendor Notified: January, 30 2003 I. Introduction: FAR is mo...

CVE-2002-0901

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver AMANDA 2.3.0.4 allow 1 remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs 2 amcheck, 3...

CVE-2002-0844

Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code...

ISDN4Linux 3.1 - IPPPD Device String SysLog Format String (2)

ISDN4Linux 3.1 - IPPPD Device String SysLog Format String 2 source: https://www.securityfocus.com/bid/5437/info isdn4linux is a freely available, open source package of isdn compatibility tools. It is available for Linux operating systems. isdn4linux contains a format string vulnerability in the...

security flaw

Off-by-one buffer overflow in the sslcompatdirective function, as called by the rewritecommand hook for modssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries...

PT-2002-1687 · Apache · Mod Ssl

Name of the Vulnerable Software and Affected Versions: mod ssl Apache module versions 2.8.9 and earlier Description: The issue is related to an off-by-one buffer overflow in the ssl compat directive function, which is called by the rewrite command hook. This allows local users to execute arbitrar...

Mandrake 789 RedHat 6.x7 Bonobo EFSTool - Commandline Argument Buffer Overflow (3)

Mandrake 789 RedHat 6.x7 Bonobo EFSTool - Commandline Argument Buffer Overflow 3 // source: https://www.securityfocus.com/bid/5125/info Bonobo is a set of tools and CORBA interfaces included as part of the Gnome infrastructure. It is designed for use on the Linux and Unix operating systems. A...

Mandrake 7/8/9 / RedHat 6.x/7 Bonobo EFSTool - Commandline Argument Buffer Overflow (1)

source: https://www.securityfocus.com/bid/5125/info Bonobo is a set of tools and CORBA interfaces included as part of the Gnome infrastructure. It is designed for use on the Linux and Unix operating systems. A boundry condition error has been discovered in the efstool program. Due to improper...