27 matches found
CVE-2016-20038
A flaw was found in yTree. This vulnerability, a stack-based buffer overflow, allows a local attacker to execute arbitrary code. By supplying an excessively long command-line argument, an attacker can overwrite the program's memory stack, leading to the execution of malicious code within the...
CVE-2016-20038
yTree 1.94-1.1 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an excessively long argument to the application. Attackers can craft a malicious command-line argument containing shellcode and a return address to overwrite the...
EUVD-2006-3925
Malware in sbrugna...
Glib: glib crash after long command line
...
Arbitrary Code Injection
Overview Affected versions of this package are vulnerable to Arbitrary Code Injection due to improper handling of long command line inputs. An attacker can cause the application to crash by supplying an excessively long command line input. This is only exploitable if the application is running on...
SUSE CVE-2010-2799
Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments...
Stack-based buffer overflow in the searchwn function in Wordnet 2.0 2.1 and 3.0 might allow context-dependent attackers to execute arbitrary code via a long command line option. NOTE: this issue probably does not cross privilege boundaries except in cases in which Wordnet is used as a back end.
...
EulerOS Virtualization 2.5.3 : systemd (EulerOS-SA-2019-1227)
According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in...
systemd: stack overflow when calling syslog from a command with long cmdline
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges...
systemd: stack overflow when calling syslog from a command with long cmdline
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges...
systemd: stack overflow when calling syslog from a command with long cmdline
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges...
systemd: stack overflow when calling syslog from a command with long cmdline
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges...
systemd: stack overflow when calling syslog from a command with long cmdline
An allocation of memory without limits, that could result in the stack clashing with another memory region, was discovered in systemd-journald when a program with long command line arguments calls syslog. A local attacker may use this flaw to crash systemd-journald or escalate privileges...
DNSTracer Stack Buffer Overflow Vulnerability
DNSTracer is an application used to track the DNS resolution process. A stack buffer overflow vulnerability exists in DNSTracer 1.9 and earlier versions. An attacker can exploit this vulnerability to cause a denial of service application crash with a command line with long parameters...
OracleVM 2.1 : xen (OVMSA-2009-0001)
The remote OracleVM system is missing necessary patches to address critical security updates : - Fix permissions problem with VM.GuestMetrics bugz 7265 - Disable ovs-disabled-create-netif-if-vif-type-set-ioemu.patch - Include proper patch for bugz 7807 - Implement VM.GuestMetrics to communicate...
Tcptrack Command Line Parsing Heap Based Buffer Overflow Vulnerability
Tcptrack is prone to heap based buffer overflow vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Tcptrack Command Line Parsing Heap Based Buffer Overflow Vulnerability
This host is installed with Tcptrack and is prone to heap based buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gbtcptracklongcommandbofvuln.nasl 7015 2017-08-28 11:51:24Z teissa $ Tcptrack Command Line Parsing Heap Based Buffer Overflow Vulnerability Authors: Antu Sanadi Copyright...
DEBIAN-CVE-2011-2903
Heap-based buffer overflow in tcptrack before 1.4.2 might allow attackers to execute arbitrary code via a long command line argument. NOTE: this is only a vulnerability in limited scenarios in which tcptrack is "configured as a handler for other applications." This issue might not qualify for...
UBUNTU-CVE-2011-2903
Heap-based buffer overflow in tcptrack before 1.4.2 might allow attackers to execute arbitrary code via a long command line argument. NOTE: this is only a vulnerability in limited scenarios in which tcptrack is "configured as a handler for other applications." This issue might not qualify for...
CVE-2010-3441
Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary code via 1 a crafted input file, related to the PUT0 and PUT1 output macros; 2 a crafted input file, related to the trimtitle function; and possibly 3 a long -O option on a command line...