2173 matches found
GLSA-200502-03 : enscript: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200502-03 enscript: Multiple vulnerabilities Erik Sjolund discovered several issues in enscript: it suffers from several buffer overflows CAN-2004-1186, quotes and shell escape characters are insufficiently sanitized in filenames...
MS05-007: Vulnerability in Windows Could Allow Information Disclosure (888302)
The remote version of Windows contains a flaw that could allow an attacker to cause it to disclose information over the use of a named pipe through a NULL session. An attacker may exploit this flaw to gain more knowledge about the remote host. C Tenable Network Security, Inc. include"compat.inc";...
CVE-2005-0051
CVE-2005-0051 concerns the Windows Server service (srvsvc.dll) on Windows XP SP1/SP2, where an anonymous logon over a named pipe can disclose authentication-related information about users accessing shared resources. The vulnerability enables remote information disclosure without code execution. ...
CVE-2005-0051
The Server service srvsvc.dll in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information users who are accessing resources via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability."...
enscript -- multiple vulnerabilities
Erik Sjölund discovered several issues in enscript: it suffers from several buffer overflows, quotes and shell escape characters are insufficiently sanitized in filenames, and it supported taking input from an arbitrary command pipe, with unwanted side effects...
CVE-2004-1184
CVE-2004-1184 affects enscript (notably version 1.6.3) where EPSF pipe support accepts shell metacharacters, enabling arbitrary command execution by remote attackers or local users. Technical details across OpenVAS/Nessus entries confirm the vulnerability and its association with enscript; remedi...
CVE-2004-1184
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters...
CVE-2004-1184
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters...
DEBIAN-CVE-2004-1184
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters...
CVE-2004-1184
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters...
DEBIAN-CVE-2004-1014
statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service server process crash via a TCP connection that is prematurely terminated...
CVE-2004-0795
DB2 8.1 remote command server DB2RCMD.EXE executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe...
Debian DSA-151-1 : xinetd - pipe exposure
Solar Designer found a vulnerability in xinetd, a replacement for the BSD derived inetd. File descriptors for the signal pipe introduced in version 2.3.4 are leaked into services started from xinetd. The descriptors could be used to talk to xinetd resulting in crashing it entirely. This is usuall...
CVE-2004-0795
DB2 8.1 remote command server DB2RCMD.EXE executes the db2rcmdc.exe program as the db2admin administrator, which allows local users to gain privileges via the DB2REMOTECMD named pipe...
Sendmail < 8.12.8 Double Pipe smrsh Bypass Overflow
Binary data 2039.prm...
HP-UX FTP code execution
It's possiblt to execute application on server by specifing '|' in filename...
CVE-2003-0230
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability...
CVE-2003-0231
Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service crash or hang via a long request to a named pipe...
CVE-2003-0496
Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xpfileexist extended stored procedure with a named pipe as an argument instead of a normal file...
VulnCheck KEV: CVE-2003-0605
The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service crash, and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the RemoteGetClassObject interface that cause a NULL pointer to be passed...