699 matches found
CVE-2002-0297
Buffer overflow in ScriptEase MiniWeb Server 0.95 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long URL in an HTTP request...
EZNE.NET Ezboard 2000 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/4068/info Ezboard 2000 is a web based bulletin board system. It is available for Linux systems. A vulnerability has been reported in some versions of Ezboard. In some CGI programs, user supplied data is written to a staticly sized array with a sprintf cal...
[resend] Avirt Gateway Telnet Vulnerability (and more?)
Strumpf Noir Society Advisories ! Public release ! -- -= Avirt Gateway Telnet Vulnerability and more? =- Release date: Friday, January 18, 2002 Introduction: The Utah, USA-based company Avirt specializes in the development of inter-networking and sharing technologies. As such, it maintains the SO...
Boozt 0.9.8 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/3787/info Boozt! is a free open source banner management software for Linux hosts. An issue has been reported which could allow for a user to execute arbitrary code on a Boozt! host. This is acheivable when a Boozt! user attempts to create a new banner...
SapporoWorks Black JumboDog 2.6.42.6.5 - HTTP Proxy Buffer Overflow
SapporoWorks Black JumboDog 2.6.42.6.5 - HTTP Proxy Buffer Overflow // source: https://www.securityfocus.com/bid/3858/info Black JumboDog 2.6.4 and 2.6.5 HTTP proxy is vulnerable to an exploitable buffer overflow. The buffer overflow can be exploited by sending excessively long "expires",...
Rational ClearCase 3.24.x - DB Loader TERM Environment Variable Buffer Overflow
Rational ClearCase 3.24.x - DB Loader TERM Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3523/info ClearCase is a commercially available software change management package. It is maintained and distributed by Rational. A problem with the package could lead to a...
[SECURITY] [DSA-070-1] netkit-telnet AYT buffer overflow
------------------------------------------------------------------------ Debian Security Advisory DSA-070-1 [email protected] http://www.debian.org/security/ Robert van der Meulen August 10, 2001 - ------------------------------------------------------------------------ Package : netkit-telnet...
Solaris 8 - x86 xlock Heap Overflow
Solaris 8 - x86 xlock Heap Overflow // source: https://www.securityfocus.com/bid/3160/info Xlock is a utility for locking X-windows displays. It is installed setuid root because it uses the user's password to authorize access to the display when it is locked. The version of xlock that ships with...
Oracle 8i - TNS Listener Buffer Overflow
// source: https://www.securityfocus.com/bid/2941/info Oracle 8i ships with a component called TNS Listener. TNS Listener is used to arbitrate communication between remote database clients/applications and the database server. There exists a remotely exploitable buffer overflow in TNS Listener...
multiple vendor telnet daemon vulnerability
This is a short version of the original advisory. Most details about exploiting this vulnerabilty have been removed after thinking about it. I do not release it because it makes me happy, and I would like you to please not assume things about the reasons involving this posting. I wish things woul...
cfingerd 1.4.1/1.4.2/1.4.3 Utilities - Local Buffer Overflow (3)
// source: https://www.securityfocus.com/bid/2914/info cfingerd is a secure implementation of the finger daemon. cfingerd has been contributed to by many authors, and is maintained by the cfingerd development team. A buffer overflow in cfingerd makes it possible for a local user to gain elevated...
Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (4)
source: https://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A maliciously crafted request could allow...
NetSQL 1.0 - Remote Buffer Overflow
NetSQL 1.0 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/2885/info NetSQL is an implementation of a database and toolset distributed by Munica Corporation. NetSQL is part of 5 piece software package called the Webpak, containing utilities for features such as web boards,...
Solaris 2.62.67.08 whodo - Local Buffer Overflow
Solaris 2.62.67.08 whodo - Local Buffer Overflow // source: https://www.securityfocus.com/bid/2935/info The 'whodo' utility shipped with Sun Microsystems' Solaris provides a listing of users online and their activities. It is installed setuid root because it reads from the 'utmp' log as well as...
Microsoft Windows Server 2000 SP1SP2 - isapi .printer Extension Overflow (2)
Microsoft Windows Server 2000 SP1SP2 - isapi .printer Extension Overflow 2 / IIS 5 remote .printer overflow. "jill.c" don't ask. by: dark spyrit respect to eeye for finding this one - nice work. shouts to halvar, neofight and the beavuh bitchez. this exploit overwrites an exception frame to contr...
MS Windows 2000 sp1/sp2 isapi .printer Extension Overflow Exploit
Exploit for unknown platform in category remote exploits ================================================================= MS Windows 2000 sp1/sp2 isapi .printer Extension Overflow Exploit ================================================================= / iishack 2000 - eEye Digital Security -...
Microsoft Windows Server 2000 SP1/SP2 - isapi .printer Extension Overflow (1)
/ iishack 2000 - eEye Digital Security - 2001 This affects all unpatched windows 2000 machines with the .printer isapi filter loaded. This is purely proof of concept. Quick rundown of the exploit: Eip overruns at position 260 i have 19 bytes of code to jump back to the beginning of the buffer. an...
CrossWind CyberScheduler 2.1 - websyncd Remote Buffer Overflow
CrossWind CyberScheduler 2.1 - websyncd Remote Buffer Overflow // source: https://www.securityfocus.com/bid/2628/info CrossWind CyberScheduler is a scheduling and calendaring package. It consists of two distinct parts for - a set of cgi scripts on a web server and a set of daemons or services on ...
ssh1.crc32.txt
Abstract ----------- This article discusses the recently discovered security hole in the crc32 attack detector as found in common ssh packages like OpenSSH and derivates using the ssh-1 protocoll. There is a possible overflow during assignemnet from 32bit integer to 16bit wide one leading to...
Elm 2.5.3 - Alternative-Folder Buffer Overflow
Elm 2.5.3 - Alternative-Folder Buffer Overflow // source: https://www.securityfocus.com/bid/2403/info There is a buffer overflow in elm 2.5 PL3. This overflow is accessible by passing a long string to the -f Alternative-Folder command-line option. This vulnerability may not be restricted to this...