430 matches found
CVE-2009-0841
Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. dot dot in the id parameter...
Buffer overflow
mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action...
Stack overflow
Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action...
CVE-2009-1176
mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action...
CVE-2009-0843
The msLoadQuery function in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to determine the existence of arbitrary files via a full pathname in the queryfile parameter, which triggers different error messages depending on whether this pathname exists...
CVE-2009-0843
CVE-2009-0843 affects MapServer (MapServer 4.x before 4.10.4 and 5.x before 5.2.2). The vulnerability arises from missing input validation in the queryfile parameter of the mapserv/GET request, allowing remote attackers to infer the existence of arbitrary files via differing error messages. Debia...
CVE-2009-0842
MapServer is affected by CVE-2009-0842 due to a lack of file type verification when parsing a map file, which can disclose content from arbitrary files via error messages when a full path is provided in the map parameter. Impact is partial disclosure of file contents, as described in Debian secur...
CVE-2009-1177
Multiple stack-based buffer overflows in maptemplate.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 have unknown impact and remote attack vectors...
CVE-2009-1177
CVE-2009-1177 affects MapServer’s mapserv, specifically MapServer 4.x before 4.10.4 and 5.x before 5.2.2. The flaw resides in maptemplate.c and is described as multiple stack-based buffer overflows, with unknown impact and remote attack vectors. The Red Hat CVE entry corroborates this description...
CVE-2009-1176
MapServer's mapserv binary (MapServer 4.x before 4.10.4 and 5.x before 5.2.2) is affected by a vulnerability in the handling of the id parameter in query actions: the string holding the id parameter may not end with a null terminator, enabling a remote attacker to trigger a buffer overflow or rel...
CVE-2009-0841
MapServer’s mapserv on Windows with Cygwin is vulnerable to directory traversal via a .. in the id parameter, allowing remote creation of arbitrary files. Affected: MapServer 4.x before 4.10.4 and 5.x before 5.2.2. Several advisories (e.g., Debian DSA-1914-1, Fedora advisories) indicate fixes in ...
CVE-2009-0842
mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonstrated by a /tmp/sekrut.map symlink...
CVE-2009-0839
CVE-2009-0839 is a mapserver vulnerability affecting MapServer 4.x (pre-4.10.4) and 5.x (pre-5.2.2) where a stack-based buffer overflow can be triggered by a crafted id parameter in a query action when a map contains a long IMAGEPATH or NAME attribute. This leads to arbitrary code execution on th...
CVE-2009-0841
Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. dot dot in the id parameter...
CVE-2009-0840
CVE-2009-0840 affects MapServer’s mapserv CGI: a heap-based buffer overflow can be triggered by a crafted Content-Length header, enabling remote code execution. Impacted are MapServer 4.x up to 4.10.4 and 5.x up to 5.2.2. Debian/OSS advisories note an incomplete fix also affecting CVE-2009-2281 a...
CVE-2009-0839
Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action...
CVE-2009-0841
Directory traversal vulnerability in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when running on Windows with Cygwin, allows remote attackers to create arbitrary files via a .. dot dot in the id parameter...
CVE-2009-0842
mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 allows remote attackers to read arbitrary invalid .map files via a full pathname in the map parameter, which triggers the display of partial file contents within an error message, as demonstrated by a /tmp/sekrut.map symlink...
CVE-2009-1176
mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2 does not ensure that the string holding the id parameter ends in a '\0' character, which allows remote attackers to conduct buffer-overflow attacks or have unspecified other impact via a long id parameter in a query action...
CVE-2009-0839
Stack-based buffer overflow in mapserv.c in mapserv in MapServer 4.x before 4.10.4 and 5.x before 5.2.2, when the server has a map with a long IMAGEPATH or NAME attribute, allows remote attackers to execute arbitrary code via a crafted id parameter in a query action...