CVE-2005-2772

Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via 1 a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and 2 certain arguments when launching third party programs such as...

CVE-2005-2772

Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via 1 a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and 2 certain arguments when launching third party programs such as...

CVE-2005-2686

Directory traversal vulnerability in SaveWebPortal 3.4 allows remote attackers to include arbitrary files and execute arbitrary local PHP programs via ".." sequences in the 1 SITEPath parameter to menudx.php or 2 CONTENTSDir parameter to menusx.php...

Opera < 8.02 Multiple Vulnerabilities

The remote host is using Opera, an alternative web browser. The version of Opera installed on the remote host contains several flaws. One involves imaging dragging and could result in cross-site scripting attacks and user file retrieval. A second may let attackers spoof the file extension in the...

CVE-2001-1556

Technical details for CVE-2001-1556 are not publicly provided in the connected documents. Monitor for updates.

CVE-2002-2063

AtGuard 3.2 allows remote attackers to bypass firwall filters and execute prohibited programs by changing the filenames to permitted filenames...

FreeBSD : cups-lpr -- lppasswd multiple vulnerabilities (7850a238-680a-11d9-a9e7-0001020eed82)

D. J. Bernstein reports that Bartlomiej Sieka has discovered several security vulnerabilities in lppasswd, which is part of CUPS. In the following excerpt from Bernstein's email, CVE names have been added for each issue : First, lppasswd blithely ignores write errors in fputsline,outfile at lines...

Slackware 8.1 / 9.0 / 9.1 / current : cvs (SSA:2004-140-01)

New cvs packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix a buffer overflow vulnerability which could allow an attacker to run arbitrary programs on the CVS server. Sites running a CVS server should upgrade to the new CVS package right away. %NASLMINLEVEL 70300 C Tenable...

CVE-2004-2197

CVE-2004-2197 affects kdocker up to version 0.8. The binary kdocker.cpp fails to properly check file ownership, enabling local users to run arbitrary programs via ownership trust bypass. Affected component: kdocker.cpp in kdocker 0.1–0.8. Root cause: insufficient ownership verification. Impact: l...

security flaw

GNU glibc 2.3.4 before 2.3.4.20040619, 2.3.3 before 2.3.3.20040420, and 2.3.2 before 2.3.2-r10 does not restrict the use of LDDEBUG for a setuid program, which allows local users to gain sensitive information, such as the list of symbols used by the program...

Apple Mac OS X chpass/chfn/chsh utilities do not properly validate external programs

Overview Apple Mac OS X Directory Service utilities use external programs insecurely, potentially allowing an attacker to execute arbitrary code. Description The OS X Directory Services have three utilities chpass, chfn, and chsh to update information in the user database, such as user name,...

CVE-2004-1885

Ipswitch WSFTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe...

CVE-2004-1885

WS_FTP Server 4.0.2 is affected by CVE-2004-1885. The vulnerability allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify iFtpSvc options processed by iftpmgr.exe. This is a local/remote code-execution style impact described in the records, ...

CVE-2005-1335

Unknown vulnerability in Mac OS X 10.3.9 allows local users to gain privileges via 1 chfn, 2 chpass, and 3 chsh, which "use external helper programs in an insecure manner."...

CVE-2005-0627

Qt before 3.3.4 searches the BUILDPREFIX directory, which could be world-writable, to load shared libraries regardless of the LDLIBRARYPATH environment variable, which allows local users to execute arbitrary programs...

Multiple web browsers vulnerable to spoofing via Internationalized Domain Name support

Overview Multiple web browsers are vulnerable to spoofing attacks through the use of Internationalized Domain Names. Other applications such as email programs may also be vulnerable. Description The Domain Name System The Domain Name System DNS provides name, address, and other information about...

CVE-2005-0627

CVE-2005-0627 (Qt) : Qt before 3.3.4 searches the BUILD_PREFIX directory, which can be world-writable, to load shared libraries, effectively bypassing LD_LIBRARY_PATH and enabling a local user to execute arbitrary code. Affected product/versions: Qt up to 3.3.x prior to 3.3.4. Impact: local privi...

CVE-2005-0627

Qt before 3.3.4 searches the BUILDPREFIX directory, which could be world-writable, to load shared libraries regardless of the LDLIBRARYPATH environment variable, which allows local users to execute arbitrary programs...

CVE-2005-0243

Yahoo! Messenger 6.0.0.1750, and possibly other versions before 6.0.0.1921, does not properly display long filenames in file dialog boxes, which could allow remote attackers to trick users into downloading and executing programs via file names containing a large number of spaces and multiple file...

HP-UX PHNE_24715 : HPSBUX0309-283 SSRT3637 Potential Security Vulnerability in socket programs

s700800 11.00 cumulative ARPA Transport patch : Potential Security Vulnerability in socket programs. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and patch checks in this plugin were extracted from HP patch PHNE24715. The text itself is copyright C Hewlett-Packard...