Fedora Core 1 : kernel-2.4.22-1.2129.nptl (2003-026)

The kernel shipped with Fedora Core 1 was vulnerable to a bug in the error return on a concurrent fork with threaded exit which could be exploited by a user level program to crash the kernel. In addition to this bug fix, the changelog below details various other non-security fixes that have been...

CVE-2004-0342

WFTPD Pro Server 3.21 Release 1, with the XeroxDocutech option enabled, allows local users to cause a denial of service crash via a 1 MKD or 2 XMKD command that causes an absolute path of 260 characters to be used, which overwrites a cookie with a null character, possibly due to an off-by-one err...

ModSecurity for Apache 2.x remote off-by-one overflow

When the directive "SecFilterScanPost" is enabled, the Apache 2.x version of ModSecurity is vulnerable to an off-by-one overflow...

Low: Red Hat Security Advisory: cvs security update

Updated cvs packages closing a vulnerability that could allow cvs to attempt to create files and directories in the root file system are now available. CVS is a version control system frequently used to manage source code repositories. A flaw was found in versions of CVS prior to 1.11.10 where a...

security flaw

Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code...

Switch Off Multiple Vulnerabilities

Switch Off Multiple Vulnerabilities Credit: Author : Peter Winter-Smith Software: Packages : Switch Off Version : 2.3 and prior Vendor : YaSoft Vendor Url : http://yasoft.km.ru/eng/switchoff/ Vulnerability: Bug Type : Denial of Service; Stack-based Buffer Overflow Severity : Less Critical 1...

YaSoft Switch Off 2.3 - Large Packet Remote Denial of Service

source: https://www.securityfocus.com/bid/9339/info A problem has been identified in the YaSoft Switch Off software package when handling large packets via the service management port 8000/TCP. This may make it possible for a remote user to deny service to legitimate users of the service. perl -e...

YaSoft Switch Off 2.3 - 'swnet.dll' Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/9340/info A vulnerability has been identified in the YaSoft Switch Off software package when handling message requests. The buffer overrun condition exists in the 'swnet.dll' module of the software due to insufficient bounds checking performed by the...

YaSoft Switch Off 2.3 - Large Packet Remote Denial of Service

YaSoft Switch Off 2.3 - Large Packet Remote Denial of Service source: https://www.securityfocus.com/bid/9339/info A problem has been identified in the YaSoft Switch Off software package when handling large packets via the service management port 8000/TCP. This may make it possible for a remote us...

YaSoft Switch Off 2.3 - swnet.dll Remote Buffer Overflow

YaSoft Switch Off 2.3 - swnet.dll Remote Buffer Overflow // source: https://www.securityfocus.com/bid/9340/info A vulnerability has been identified in the YaSoft Switch Off software package when handling message requests. The buffer overrun condition exists in the 'swnet.dll' module of the softwa...

Bug in libXcursor , is it exploitable?

INTRO: ------------------------------------------------------------------ off-by-one bug in libXcursor that shows up when $HOME does not start with a '/'. THE QUESTION: ------------------------------------------------------------------ Could this bug compromise a system? In what cases? TEST:...

exim buffer overflow

Buffer overflow with static string can be exploited as off-by-one...

CVE-2003-0625

Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response...

DEBIAN-CVE-2003-0625

Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response...

CVE-2003-0466

Off-by-one error in the fbrealpath function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including 1 STOR, 2 RETR,...

DEBIAN-CVE-2003-0252

Off-by-one error in the xlog function of mountd in the Linux NFS utils package nfs-utils before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines...

wu-ftpd 2.6.2 Remote Root Exploit (advanced version)

Exploit for linux platform in category remote exploits ==================================================== wu-ftpd 2.6.2 Remote Root Exploit advanced version ==================================================== / wu-ftpd v2.6.2 off-by-one remote 0day exploit. exploit by "you dong-hun"Xpl017Elz,...

NetBSD Security Advisory 2003-011: off-by-one error in realpath(3)

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2003-011 ================================= Topic: off-by-one error in realpath3 Version: NetBSD-current: source prior to August 4, 2003 NetBSD 1.6.1: affected NetBSD 1.6: affected NetBSD-1.5.3: affected NetBSD-1.5.2: affected NetBSD-1.5....

wu-ftpd 2.6.2 off-by-one Remote Root Exploit

No description provided by source. / wu-ftpd v2.6.2 off-by-one remote 0day exploit. exploit by "you dong-hun"Xpl017Elz Brute-Force function added. / define VERSION "v0.0.3" include stdio.h include unistd.h include stdlib.h include netdb.h include netinet/in.h include sys/socket.h define DEBUGNG...

WU-FTPD 2.6.2 - Off-by-One Remote Command Execution

/ wu-ftpd v2.6.2 off-by-one remote 0day exploit. exploit by "you dong-hun"Xpl017Elz Brute-Force function added. / define VERSION "v0.0.3" include include include include include include define DEBUGNG undef DEBUGNG define NRL 0 define SCS 1 define FAD -1 define MAXBF 16 define BFLSZ 0x100 / 256 /...