CVE-2005-2850
CVE-2005-2850 affects SlimFTPd 3.17. The vulnerability allows a remote attacker to cause a denial of service (crash) by sending certain USER and PASS commands, with indications pointing to a possible buffer overflow or off-by-one error. The available documents confirm the affected software/versio...
pblang465.php.txt
php.exe ..\www\r57pblang465.php localhost /pbl/ "pblcookie732128=Pe ng0; PBLsecid=a4c2f845c002ac54f5751440647f3c91;" Peng0 PrSrS $ARGV = $SERVER'argv'; global $ARGV; ifcount$ARGV == 0 echo base64decode"3fLu8iDx6vDo7/Ig5O7r5uXtIOH78vwg5+Dv8/nl7SDo5yDq7uzg7eTt7u...
DEBIAN-CVE-2005-2534
Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service (server crash) via simultaneous TCP connections from multiple clients that use the same client certificate...
CVE-2004-2394
CVE-2004-2394 affects the passwd program (versions 0.68 and earlier). The root cause is an off-by-one error in the --stdin path, causing passwords to be truncated to the first 78 characters instead of 79, which reduces the brute-force search space. Remediation appears in connected advisories: Man...
CVE-2004-2394
Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks...
security flaw
Off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback in Apache, when configured to use a CRL, allows remote attackers to cause a denial of service (child process crash) via a CRL that causes a buffer overflow of one null byte...
dnsmasq
New dnsmasq packages are available for Slackware 10.0, 10.1, and -current to fix security issues. An off-by-one overflow vulnerability may allow a DHCP client to create a denial of service condition. Additional code was also added to detect and defeat attempts to poison the DNS cache. More detail...
Slackware 8.1 / 9.0 / current : nfs-utils off-by-one overflow fixed (SSA:2003-195-01)
New nfs-utils packages are available for Slackware 8.1, 9.0, and -current to fix an off-by-one buffer overflow in xlog.c. Thanks to Janusz Niewiadomski for discovering and reporting this problem. The CVE (Common Vulnerabilities and Exposures) Project has assigned the identification number...
apache -- Certificate Revocation List (CRL) off-by-one vulnerability
Marc Stern reports an off-by-one vulnerability within mod_ssl. The vulnerability lies in mod_ssl's Certificate Revocation List (CRL). If Apache is configured to use a CRL, this could allow an attacker to crash a child process, causing a Denial of Service...
CVE-2002-1745
CVE-2002-1745 concerns an off-by-one error in the CodeBrws.asp sample script bundled with Microsoft IIS 5.0. The vulnerability allows remote attackers to view source code for files with extensions that contain one extra character after .html, .htm, .asp, or .inc (e.g., .aspx). Root cause is an of...
PT-2005-2275 · Apache +1 · Apache Mod Ssl +2
Name of the Vulnerable Software and Affected Versions: Apache mod_ssl (affected versions not specified). Description: The issue is related to an off-by-one error in the mod_ssl Certificate Revocation List (CRL) verification callback, which can cause a denial of service (child process crash) via a CRL th...
security flaw
Multiple buffer overflows in Cyrus IMAPd before 2.2.11 may allow attackers to execute arbitrary code via (1) an off-by-one error in the imapd annotate extension, (2) an off-by-one error in "cached header handling," (3) a stack-based buffer overflow in fetchnews, or (4) a stack-based buffer overflow in...
CVE-2004-1792
The CVE-2004-1792 issue affects YaSoft Switch Off (swnet.dll) versions 2.3 and earlier. A crafted long packet containing two CRLF sequences sent to the service management port (TCP 8000) can trigger an infinite loop, causing a denial of service and partial availability impact. Public sources in t...
CVE-2004-1899
The CVE-2004-1899 entry applies to Monit’s administration interface, affecting versions 1.4 through 4.2. The issue is an off-by-one overflow triggered by a POST containing 1024 bytes, enabling remote attackers to exploit the vulnerability via the admin interface. The connected documents consisten...
CVE-2004-1793
CVE-2004-1793 describes a stack-based buffer overflow in swnet.dll of YaSoft Switch Off (versions 2.3 and earlier). The vulnerability allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm. Affected component: swnet.dll within Ya...
CVE-2004-1793
Stack-based buffer overflow in swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote authenticated users to execute arbitrary code via a long message parameter in a SendMsg action to action.htm...
CVE-2004-1792
swnet.dll in YaSoft Switch Off 2.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a long packet with two CRLF sequences to the service management port (TCP 8000)...
CVE-2004-1899
The administration interface in Monit 1.4 through 4.2 allows remote attackers to cause an off-by-one overflow via a POST that contains 1024 bytes...
DEBIAN-CVE-2005-0876
Off-by-one buffer overflow in Dnsmasq before 2.21 may allow attackers to execute arbitrary code via the DHCP lease file...
Microsoft Windows - Malformed IP Options Denial of Service (MS05-019)
Microsoft Windows - Malformed IP Options Denial of Service (MS05-019) / ecl-winipdos.c - 16/04/05. Yuri Gushin, Alex Behar. This one was actually interesting, an off-by-one by our beloved M$: when processing an IP packet with an option size (2nd byte after the option) of 39, it will crash - since the...