security flaw

Off-by-one buffer overflow in the sslcompatdirective function, as called by the rewritecommand hook for modssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries...

PT-2002-1687 · Apache · Mod Ssl

Name of the Vulnerable Software and Affected Versions: mod ssl Apache module versions 2.8.9 and earlier Description: The issue is related to an off-by-one buffer overflow in the ssl compat directive function, which is called by the rewrite command hook. This allows local users to execute arbitrar...

Mandrake 7/8/9 / RedHat 6.x/7 Bonobo EFSTool - Commandline Argument Buffer Overflow (1)

source: https://www.securityfocus.com/bid/5125/info Bonobo is a set of tools and CORBA interfaces included as part of the Gnome infrastructure. It is designed for use on the Linux and Unix operating systems. A boundry condition error has been discovered in the efstool program. Due to improper...

Mandrake 789 RedHat 6.x7 Bonobo EFSTool - Commandline Argument Buffer Overflow (3)

Mandrake 789 RedHat 6.x7 Bonobo EFSTool - Commandline Argument Buffer Overflow 3 // source: https://www.securityfocus.com/bid/5125/info Bonobo is a set of tools and CORBA interfaces included as part of the Gnome infrastructure. It is designed for use on the Linux and Unix operating systems. A...

Mandrake 7/8/9 / RedHat 6.x/7 Bonobo EFSTool - Commandline Argument Buffer Overflow (2)

source: https://www.securityfocus.com/bid/5125/info Bonobo is a set of tools and CORBA interfaces included as part of the Gnome infrastructure. It is designed for use on the Linux and Unix operating systems. A boundry condition error has been discovered in the efstool program. Due to improper...

Interbase 6.0 - GDS_Drop Interbase Environment Variable Buffer Overflow (2)

Interbase 6.0 - GDSDrop Interbase Environment Variable Buffer Overflow 2 // source: https://www.securityfocus.com/bid/5044/info Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. A buffer overflow has been discovered in the gdsdrop...

Microsoft Remote Access Service API contains additional buffer overflow vulnerability via phonebook entries

Overview The Microsoft Remote Access Service API contains a vulnerability that allows local attackers to execute arbitrary code with system privileges. Description The Microsoft Remote Access Service RAS Application Programming Interface API allows Windows programs to make dial-up connections to...

CVE-2002-0219

Buffer overflow in 1 sastcpd in SAS/Base 8.0 and 8.1 or 2 objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via large command line argument...

CVE-2002-0239

Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the 1 -fn, 2 -hfb, or 3 -hfn argument...

CVE-2002-1602

Buffer overflow in the Braille module for GNU screen 3.9.11, when HAVEBRAILLE is defined, allows local users to execute arbitrary code...

CVE-2002-0132

Buffer overflow in Chinput 3.0 allows local users to execute arbitrary code via a long HOME environment variable...

AZL-36938 CVE-2002-0130 affecting package efax 0.9a-34

Buffer overflow in efax 0.9 and earlier, when installed setuid root, allows local users to execute arbitrary code via a long -x argument...

Webmin 0.x - Code Input Validation

Webmin 0.x - Code Input Validation source: https://www.securityfocus.com/bid/4329/info Webmin is a web-based interface for system administration of Unix and Linux operating systems. Webmin does not filter script code from output that may be displayed by the web interface, such as log files, etc...

CVE-2001-1164

CVE-2001-1164 affects UnixWare 7, specifically the uucp utilities (uucp, uux, bnuconvert, uucico, uuxcmd, uuxqt). The issue is a buffer overflow triggered by long command-line arguments, allowing a local attacker to run arbitrary code. CVSS v2 base score is 7.2 (HIGH) with LOCAL attack vector, LO...

CVE-2002-0125

Buffer overflow in ClanLib library 0.5 may allow local users to execute arbitrary code in games that use the library, such as 1 Super Methane Brothers, 2 Star War, 3 Kwirk, 4 Clankanoid, and others, via a long HOME environment variable...

CVE-2001-0551

Buffer overflow in CDE Print Viewer dtprintinfo allows local users to execute arbitrary code by copying text from the clipboard into the Help window...

CVE-2001-1034

CVE-2001-1034 describes format-string vulnerabilities in HylaFAX. HylaFAX components affected include faxrm, faxalter, faxgetty, faxwatch, and hfaxd; the root cause is unchecked input used as a format string, enabling local privilege escalation or denial of service in some configurations. Debian ...

CVE-2001-1561

Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long 1 -name and 2 -T arguments...

CVE-2001-1582

Buffer overflow in the LDAP naming services library libsldap in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAPOPTIONS environment variable to a privileged program that uses libsldap...

CVE-2001-1553

Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options 1 socksserver, 2 socksuser, and 3 sockspasswd. NOTE: since the default configuration of setiathome is not setuid, perhaps this issue should not be...