746 matches found
[SECURITY] [DSA-128-1] sudo buffer overflow
Package : sudo Problem type : buffer overflow Debian-specific: no fc found a buffer overflow in the variable expansion code used by sudo for its prompt. Since sudo is necessarily installed suid root a local user can use this to gain root access. This has been fixed in version 1.6.2-2.2 and we...
Security Update: [CSSA-2002-SCO.8] OpenServer: dlvr_audit: exploitable buffer overflow
To: [email protected] [email protected] [email protected] Caldera International, Inc. Security Advisory Subject: OpenServer: dlvraudit: exploitable buffer overflow Advisory number: CSSA-2002-SCO.8 Issue date: 2002 March 11 Cross reference: 1. Problem Description The dlvraud...
mod_ssl and Apache_SSL modules contain a buffer overflow in the implementation of the OpenSSL "i2d_SSL_SESSION" routine
Overview There is a remotely exploitable buffer overflow in two modules that implement the Secure Sockets Layer SSL and Transport Layer Security TLS protocol. This can be used to execute arbitrary code. Description The Secure Sockets Layer SSL and Transport Layer Security TLS protocols are used t...
New Roxen Webserver Library Issues
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++GOBBLES+SECURITY+RESEARCH+TEAM+INCORPORATED+++++++++++++++++ ALERT! ALERT! A NEW BUFFER OVERFLOW IN LIBRARY FROM ROXEN! ALERT! ALERT! ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++...
Buffer overflow in Python code
Hi, I've found buffer overflow in Python 2.1.1 source code. Maybe there're many others The buffer overflow is in the file traceback.c in the directory Python of the Python source code. Simply there's a sprintf done in this way: sprintflinebuf,FMT,filename,lineno,name What cause the overflow is th...
Stalker Internet Mail Server 1.6 - Remote Buffer Overflow
source: https://www.securityfocus.com/bid/62/info There exists a buffer overflow in the Stalker Internet Mail Server version 1.6. If you connect to the SMTP port and issue a HELO command with a large string several hundred bytes for a hostname the server, and possibly MacOS, will crash. 220-Stalk...
Advisory CA-2001-21
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2001-21 Buffer Overflow in telnetd Original release date: July 24, 2001 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Systems running versions of telnetd derived from BSD...
Переполнение буфера в pileup (buffer overflow)
Переполнение буфера в suid приложении...
[SECURITY] [DSA-066-1] cfingerd remote exploit
Package : cfingerd Problem type : remote exploit Debian-specific: no Steven van Acker reported on bugtraq that the version of cfingerd a configurable finger daemon as distributed in Debian GNU/Linux 2.2 suffers from two problems: 1. The code that reads configuration files files in which $ command...
Ports Security Advisory: FreeBSD-SA-01:22.dc20ctrl
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:22 Security Advisory FreeBSD, Inc. Topic: dc20ctrl port contains a locally exploitable buffer overflow yielding gid dialer Category: ports Module: dc20ctrl Announced:...
Дырка в CrazyWWWBoard
Переполнение буфера при разборе MIME-полей POST-запроса...
Vulnerabilites in SmallHTTP Server
403-security SECURITY ADVISORY Product: SmallHTTPServer Version: 2.01 Author: [email protected] Homepage: http://www.403-security.org 1st Problem: By default if user send request without file name specified http://host/subdirectory/ HTTPServer will look for index.html in that folder and if...
CVE-2000-0706
Buffer overflows in ntop running in web mode allows remote attackers to execute arbitrary commands...
Qpopper 2.53 remote problem, user can gain gid=mail
b u f f e r 0 v e r f l 0 w s e c u r i t y a d v i s o r y 5 Advisory Name: Remote shell via Qpopper2.53 Date: 5/23/00 Application: Qpopper 2.53 for NIX Vendor: Qualcomm Incorporated WWW: www.qualcomm.com Severity: can give users remote shell with gid=mail. Author: prizm [email protected]...
Переполнение буфера в fdmount
Каждый входящий в группу floppy имеет возможность получить привилегии root...
Microsoft Windows Server 20009598NT 4.0 - Long Filename Extension
Microsoft Windows Server 20009598NT 4.0 - Long Filename Extension // source: https://www.securityfocus.com/bid/1259/info Windows 95, 98, NT and 2000 suffer from a number of related buffer overflows that can result in a crash if a filename with an extension longer than 128 characters is accessed...
XFree86 server overflow - exploit issues
While trying to exploit this overflow, I noticed that the problem lies in lovely strcpy call, which overwrites stack. Unfortunately, any 'offending' non-alphanumeric characters are replaced with '' somewhere before. Uh, most of people will say "it's impossible to write alphanumeric shellcode, so ...
RedHat 4.x/5.x/6.x / RedHat man 1.5 / Turbolinux man 1.5 / Turbolinux 3.5/4.x - 'man' Buffer Overrun (2)
/ source: https://www.securityfocus.com/bid/1011/info RedHat 4.0/4.1/4.2/5.0/5.1/5.2/6.0/6.2,RedHat man 1.5,Turbolinux man 1.5,Turbolinux 3.5/4.2/4.4 man Buffer Overrun Vulnerability A buffer overflow exists in the implementation of the 'man' program shipped with RedHat Linux, and other LInux...
CVE-1999-0076
Buffer overflow in wu-ftp from PASV command causes a core dump...
Computalynx CMail 2.3 - Web File Access
Computalynx CMail 2.3 - Web File Access / source: https://www.securityfocus.com/bid/281/info A vulnerability in Computalynx's CMail allows remote malicious users to steal local files. Compulynx's CMail is a Win32 mail server program. One of its features is allowing users to access their email wit...