webalizer vulnerable to buffer overflow when performing reverse DNS lookups

Overview A remotely exploitable buffer overflow exists in all versions of webalizer prior to version 2.01-10. Description webalizer is a web server log file analysis program.webalizer has the ability do resolve hostnames as part of the process of generating reports. A buffer overflow exists in th...

Symantec Enterprise Firewall Secure Webserver info leak

Advanced IT-Security Advisory 02-10-2002 http://www.ai-sec.dk/ Issue: ====== Symantec Enterprise Firewall Secure Webserver info leak Problemdescription: =================== There exists a problem in Simple, secure webserver 1.1 which is shipped with Raptor Firewall 6.5 among others, in which an...

Low: Red Hat Security Advisory: unzip security update

The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction. updated Jan 22 2003 Added description of CAN-2002-1216 which was also fixed by these erratum packages. The unzip and tar utilities are used for dealing with archives,...

Microsoft Word does not check for macros contained in linked template file when opening RTF document

Overview There is a vulnerability caused by a failure to detect macros embedded in templates used by rich text format documents opened in Microsoft Word. This vulnerability may allow the author of a malicious document to execute arbitrary commands as the user who opens the document. Description...

Novell GroupWise Server web-based front-end does not adequately validate user input thereby allowing directory traversal

Overview Novell GroupWise web application does not adequately validate user input, allowing directory traversal. Description Novell GroupWise server includes a web application that allows users to access e-mail and other features of the server. This component of GroupWise does not properly valida...

HP Tru64 UNIX "chfn" contains buffer overflow (SSRT2259)

Overview The HP Tru64 UNIX implementation of "chfn" contains a locally exploitable buffer overflow. Description A locally exploitable buffer overflow in "chfn" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host. --- Impact A local user may be...

Security Bulletin MS02-051: Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure (Q324380)

-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Cryptographic Flaw in RDP Protocol can Lead to Information Disclosure Q324380 Released: 18 September 2002 Software: Microsoft Windows 2000 Microsoft Windows XP Impact: Two...

HP Tru64 UNIX ".upd..loader" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of ".upd..loader" contains a locally exploitable buffer overflow. Description A locally exploitable buffer overflow in ".upd..loader" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host. --- Impact A loc...

HP Tru64 UNIX "ps" contains buffer overflow (SSRT2256)

Overview The HP Tru64 UNIX implementation of "ps" contains a locally exploitable buffer overflow. Description "ps" is used to display information about running processes. A locally exploitable buffer overflow in "ps" may permit a local attacker to gain elevated privileges and execute arbitrary co...

HP Tru64 UNIX "imapd" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "imapd" contains a locally exploitable buffer overflow. Description "imapd" is the IMAP daemon. A locally exploitable buffer overflow in "imapd" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host. --...

HP Tru64 UNIX "ipcs" contains buffer overflow (SSRT0794U)

Overview The HP Tru64 UNIX implementation of "ipcs" contains a locally exploitable buffer overflow. Description "ipcs" is used to report inter-process communication status. A locally exploitable buffer overflow in "ipcs" may permit a local attacker to gain elevated privileges and execute arbitrar...

HP Tru64 UNIX "binmail" contains buffer overflow (SSRT0796U)

Overview The HP Tru64 UNIX implementation of "binmail" contains a locally exploitable buffer overflow. Description "binmail" is used to send and display mail messages. A locally exploitable buffer overflow in "binmail" may permit a local attacker to gain elevated privileges and execute arbitrary...

HP Tru64 UNIX "lpq" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "lpq" contains a locally exploitable buffer overflow. Description "lpq" is used to examine the printer spool queue. A locally exploitable buffer overflow in "lpq" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...

Multiple Vendor rpc.nisd Long NIS+ Argument Remote Overflow

The remote RPC service 100300 nisd is vulnerable to a buffer overflow attack that allows any user to obtain a root shell on this host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10251; scriptversion"1.28"; scriptcvsdate"Date: 2018/11/15 20:50:24";...

Microsoft Windows Server Message Block (SMB) fails to properly handle SMB_COM_TRANSACTION packets requesting NetServerEnum3 transaction

Overview Microsoft Server Message Block SMB may crash upon receipt of a crafted SMBCOMTRANSACTION packet requesting a NetServerEnum3 transaction. Attackers can use this vulnerability to cause a denial of service. Description SMB is a protocol for sharing data and resources between computers,...

Sendmail RestrictQueueRun Option Debug Mode Information Disclosure

According to the version number of the remote mail server, a local user may be able to obtain the complete mail configuration and other interesting information about the mail queue even if he is not allowed to access those information directly, by running sendmail -q -d0-nnnn.xxx where nnnn & xxx...

Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_execresultset" extended procedure

Overview MS SQL Server contains an extended stored procedure with inappropriate permission settings. Description Microsoft SQL Server 7.0 and Microsoft SQL Server 2000 contain an extended stored procedure, xpexecresultset , that permits an unprivileged user of a database to gain administrative...

Oracle Configurator discloses version and host information via "test" argument passed to servlet

Overview A servlet component of Oracle Configurator may post sensitive version and host information to any Web user that makes a crafted request to the server. Description Oracle Configurator is an Internet application used to configure Oracle Application and Database Servers. If a user sends a...

Microsoft IIS / Site Server codebrws.asp Arbitrary Source Disclosure

Microsoft's IIS 5.0 web server is shipped with a set of sample files to demonstrate different features of the ASP language. One of these sample files allows a remote user to view the source of any file in the web root with the extension .asp, .inc, .htm, or .html. %NASLMINLEVEL 70300 This script...

cqure.net.20020412.netware_client.a

cqure.net Security Vulnerability Report No: cqure.net.20020412.netwareclient.a ======================================== Vulnerability Summary --------------------- Problem: Multiple buffer overflow conditions exist in the Novell Netware client for Windows. Threat: An attacker could crash any...