OpenSSH Security Advisory (adv.token)

A buffer overflow exists in OpenSSH's sshd if sshd has been compiled with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing has been enabled in the sshdconfig file. Ticket and token passing is not enabled by default. 1. Systems affected: All Versions of OpenSSH compiled with...

[SNS Advisory No.51] Compaq Tru64 UNIX libc Buffer Overflow Vulnerability

---------------------------------------------------------------------- SNS Advisory No.51 Compaq Tru64 UNIX libc Buffer Overflow Vulnerability Problem first discovered: Sun, 18 Nov 2001 Published: Thu, 17 Apr 2002 ---------------------------------------------------------------------- Overview:...

[SECURITY] [DSA 119-1] ssh channel bug

Package: openssh Vulnerability: local root exploit, remote client exploit Debian-specific: no Joost Pol [email protected] reports that OpenSSH versions 2.0 through 3.0.2 have an off-by-one bug in the channel allocation code. This vulnerability can be exploited by authenticated users to gain root...

OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One

source: https://www.securityfocus.com/bid/4241/info OpenSSH is a suite implementing the SSH protocol. It includes client and server software, and supports ssh and sftp. It was initially developed for BSD, but is also widely used for Linux, Solaris, and other UNIX-like operating systems. A...

[ Hackerslab bug_paper ] Xkas application vulnerability

============================================================================= Hackerslab bugpaper Xkas application vulnerability ============================================================================= File : /usr/etc/appletalk/xkas application SYSTEM : tested irix 6.5 INFO : Xkas is a serve...

SysV /bin/login Environment Remote Overflow (telnet check)

The remote /bin/login seems to crash when it receives too many environment variables. This is likely due to a buffer overflow vulnerability which might allow an attacker to execute arbitrary code on the remote host. C Tenable Network Security, Inc. Sun's patch makes /bin/login exits when it...

WS-FTP Server vulnerable to buffer overflow via long string sent as argument to ftp command

Overview A remotely exploitable buffer overflow exists in the IPSWITCH WSFTP Server. Description Defcom Labs has discovered a remotely exploitable buffer overflow vulnerability in the IPSWITCH WSFTP Server on all platforms that allows intruders to execute arbitrary code with the privileges of the...

BEA WebLogic Hex Encoded Request JSP Source Disclosure

The version of BEA WebLogic installed on the remote host may be tricked into revealing the source code of JSP scripts by using simple URL encoding of characters in the filename extension. %NASLMINLEVEL 70300 This script was written by Gregory Duchemin See the Nessus Scripts License for details...

Check Point RDP Bypass Vulnerability

Overview Check Point VPN-1/FireWall-1 version 4.0 & 4.1 may allow an intruder to pass traffic through the firewall on port 259. Description Firewall-1 and VPN-1 include support for RDP, but do not provide adequate security controls for RDP data. By adding a faked RDP header to typical UDP traffic...

Trend Micro InterScan VirusWall catinfo CGI Overflow

The remote cgi /catinfo seems to be vulnerable to a buffer overflow when it receives a too long input strings, allowing any user to execute arbitrary commands as root. This CGI usually comes with the VirusWall suite. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Nobreak Tecnologies CrazyWWWBoard Remote Buffer Overflow Vulnerability

Nobreak Tecnologies CrazyWWWBoard Remote Buffer Overflow Vulnerability Jin Ho You, [email protected] 1 Discussion CrazyWWWBoardhttp://www.crazywwwboard.com is a web bulletin board program written in C/C++. Insufficient boundary checking exists in the qDecoder CGI library code which...

XMail APOP / USER Command Remote Overflow

The remote host is running XMail, a POP3 server. The installed version is subject to a buffer overflow when it receives two arguments that are too long for the APOP command. An attacker could exploit this issue to disable the POP server or to execute arbitrary code as root on the remote host. C...

Netscape Enterprise Server SSL Handshake DoS

There is an SSL handshake bug in the remote secure web server that could lead to a denial of service attack. An attacker may use this flaw to prevent your site from working properly. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

Microsoft IIS FTP Server NLST Command Overflow DoS

It is possible to make the IIS FTP server close all the active connections by issuing a too long NLST command, which will make the server crash. An attacker can use this flaw to prevent people from downloading data from your FTP server. C Tenable Network Security, Inc. include"compat.inc";...

CVE-2025-50142

...

PT-2002-3169 · Debian · Debian

Name of the Vulnerable Software and Affected Versions: ncurses version 5.0 ncurses4 compatibility package affected versions not specified Description: The issue is related to a buffer overflow in routines for moving the physical cursor and scrolling, allowing local users to gain privileges...

PT-2014-9085 · Openbsd +10 · Openssh Sshd +11

Name of the Vulnerable Software and Affected Versions: bash versions prior to 4.3 bash-3.0 bash-3.2 bash-4.1.2 bash-4.2.45 bash-debuginfo bash-debuginfo-3.2 bash-debuginfo-4.1.2 bash-debuginfo-4.2.45 bash-debugsource bash-devel bash-doc bash-doc-4.1.2 bash-doc-4.2.45 bash-loadables...