5314 matches found

Positive Technologies
added 2005/12/31 12:0 a.m. · 2 views

PT-2005-5409 · Freeradius +1

Name of the Vulnerable Software and Affected Versions: FreeRADIUS versions 1.0.2.5-5 through 1.0.4 Description: The issue is related to an off-by-one error in the sql error function, which might allow remote attackers to cause a denial of service or possibly execute arbitrary code by causing the...

CVSS 7.5 · AI score 7.5 · EPSS 0.04762
Exploits: 0 · References: 21
Tenable Nessus
added 2005/12/30 12:0 a.m. · 20 views

RHEL 2.1 / 3 : netpbm (RHSA-2005:843)

Updated netpbm packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The netpbm package contains a library of functions that support programs for handling various graphics file formats. A stack...

CVSS 4.6 · AI score 5.7 · EPSS 0.00279
Exploits: 0 · References: 5
0day.today
added 2005/12/24 12:0 a.m. · 24 views

phpBB <= 2.0.17 (signature_bbcode_uid) Remote Command Exploit

Exploit for unknown platform in category web applications ============================================================= phpBB new or die; $cookiejar = HTTP::Cookies-new; for$i=0;$icookiejar $cookiejar ; $res = $xpl-post $path.'profile.php?GLOBALSsignaturebbcodeuid=.%2B/e%00', Content = 'username'...

AI score 7.1
Exploits: 0
RedHat Linux
added 2005/12/20 2:46 p.m. · 28 views

Moderate: Red Hat Security Advisory: curl security update

Updated curl packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict servers, using any of th...

CVSS 4.6 · AI score 5.9 · EPSS 0.00266
Exploits: 0 · References: 2
securityvulns
added 2005/12/20 12:0 a.m. · 21 views

[Full-disclosure] Secunia Research: Pegasus Mail Buffer Overflow and Off-by-One Vulnerabilities

====================================================================== Secunia Research 20/12/2005 - Pegasus Mail Buffer Overflow and Off-by-One Vulnerabilities - ====================================================================== Table of Contents Affected...

AI score 1.1
Exploits: 0
OSV
added 2005/12/12 12:0 a.m. · 44 views

DSA-919-2 curl - buffer overflow

Bulletin has no description...

CVSS 7.5 · AI score 9.3 · EPSS 0.04852
Exploits: 0
OSV
added 2005/12/08 1:3 a.m. · 1 view

DEBIAN-CVE-2005-4077

Multiple off-by-one errors in the cURL library libcurl 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to...

CVSS 4.6 · AI score 7.1 · EPSS 0.00266
Exploits: 0 · References: 1
Cvelist
added 2005/12/08 1:0 a.m. · 31 views

CVE-2005-4077

Multiple off-by-one errors in the cURL library libcurl 7.11.2 through 7.15.0 allow local users to trigger a buffer overflow and cause a denial of service or bypass PHP security restrictions via certain URLs that (1) are malformed in a way that prevents a terminating null byte from being added to...

AI score 9.2 · EPSS 0.00266
Exploits: 0 · References: 36
securityvulns
added 2005/12/08 12:0 a.m. · 25 views

cUrl / licurl HTTP client library buffer overflow

Off-by-one and off-by-two overflows in URL parsing...

AI score 2.5
Exploits: 0 · References: 1 · Affected Software: 2
securityvulns
added 2005/11/30 12:0 a.m. · 38 views

N-13 News Remote SQL/PHP Shell injection

?php 0 day -- 29/11/2005 N-13 News Remote SQL / PHP-Shell Injection Just upload in a web-server with modphp and run it trhough your browser ; Affected Software : http://network-13.com/ N-13 News Version: All Exploit discovere and written by: KingOfSka @ http://contropotere.altervista.org Conditio...

AI score 0.3
Exploits: 0
OSV
added 2005/11/18 2:2 a.m. · 1 view

DEBIAN-CVE-2005-3662

Off-by-one buffer overflow in pnmtopng before 2.39, when using the -alpha command line option AlphasOfColor, allows attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted PNM file with exactly 256 colors...

CVSS 4.6 · AI score 8.2 · EPSS 0.00279
Exploits: 0 · References: 1
OpenVAS
added 2005/11/03 12:0 a.m. · 42 views

OpenSSH Channel Code Off by 1

You are running a version of OpenSSH which is older than 3.1. Versions prior to 3.1 are vulnerable to an off by one error that allows local users to gain root access, and it may be possible for remote users to similarly compromise the daemon for remote access. In addition, a vulnerable SSH clie...

CVSS 10 · AI score 0.5 · EPSS 0.01767
Exploits: 0
OpenVAS
added 2005/11/03 12:0 a.m. · 25 views

mod_ssl off by one

The remote host is using a version of mod_ssl which is older than 2.8.10. This version is vulnerable to an off by one buffer overflow which may allow a user with write access to .htaccess files to execute arbitrary code on the system with permissions of the web server. Note that several Linux...

CVSS 4.6 · AI score 0.3 · EPSS 0.0102
Exploits: 0 · References: 1
OpenVAS
added 2005/11/03 12:0 a.m. · 97 views

OpenSSH Channel Code Off by 1

You are running a version of OpenSSH which is older than 3.1. SPDX-FileCopyrightText: 2002 Thomas Reinke Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openbsd:openssh";...

CVSS 10 · AI score 9.5 · EPSS 0.01767
Exploits: 0 · References: 1
OpenVAS
added 2005/11/03 12:0 a.m. · 36 views

Apache HTTP Server 'mod_ssl' Off By One Vulnerability

The remote host is using a version of mod_ssl which is older than 2.8.10. This version is vulnerable to an off by one buffer overflow which may allow a user with write access to .htaccess files to execute arbitrary code on the system with permissions of the web server. SPDX-FileCopyrightText: 2002...

CVSS 7.8 · AI score 8.2 · EPSS 0.0102
Exploits: 0 · References: 2
Tenable Nessus
added 2005/10/05 12:0 a.m. · 29 views

Mandrake Linux Security Advisory : apache2 (MDKSA-2005:129)

Marc Stern reported an off-by-one overflow in the mod_ssl CRL verification callback which can only be exploited if the Apache server is configured to use a malicious certificate revocation list CVE-2005-1268. Watchfire reported a flaw that occurred when using the Apache server as a HTTP proxy. A...

CVSS 5 · AI score 7.9 · EPSS 0.39952
Exploits: 1 · References: 2
Tenable Nessus
added 2005/10/05 12:0 a.m. · 22 views

Slackware 10.0 / 10.1 / current : dnsmasq (SSA:2005-201-01)

New dnsmasq packages are available for Slackware 10.0, 10.1, and -current to fix security issues. An off-by-one overflow vulnerability may allow a DHCP client to create a denial of service condition. Additional code was also added to detect and defeat attempts to poison the DNS cache. %NASLMINLEV...

CVSS 7.5 · AI score 5.5 · EPSS 0.0222
Exploits: 0 · References: 3
Tenable Nessus
added 2005/09/12 12:0 a.m. · 23 views

Debian DSA-805-1 : apache2 - several vulnerabilities

Several problems have been discovered in Apache2, the next generation, scalable, extendable web server. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-1268 Marc Stern discovered an off-by-one error in the mod_ssl Certificate Revocation List CRL...

CVSS 10 · AI score 6.6 · EPSS 0.61794
Exploits: 1 · References: 9
Debian
added 2005/09/08 6:7 p.m. · 37 views

[SECURITY] [DSA 805-1] New Apache2 packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 805-1 [email protected] http://www.debian.org/security/ Martin Schulze September 8th, 2005 http://www.debian.org/security/faq -...

AI score 6.6
Exploits: 1
CVE
added 2005/09/08 4:0 a.m. · 44 views

CVE-2005-2850

CVE-2005-2850 affects SlimFTPd 3.17. The vulnerability allows a remote attacker to cause a denial of service (crash) by sending certain USER and PASS commands, with indications pointing to a possible buffer overflow or off-by-one error. The available documents confirm the affected software/versio...

CVSS 5 · AI score 7.3 · EPSS 0.04656
Exploits: 1 · References: 3 · Affected Software: 1