CVE-2000-1204

Vulnerability in the modvhostalias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root...

asciiSECURE advisory (2002-07-17/1)

ASCII HEADER ADVISORY !! ALERT !! ASCII HEADER ADVISORY !! ALERT !! ASCII HE :::::::: ADDIUNG A POORLY GENERATED ASCII HEADERZ FOR BUGTACKY READERZAAZSZ! :::::apparentlytheonlywaytogetamessageacceptedonbugtraqistodothis::::::::::: :::GREETZ2MOIher0z...mali/malificient/the mali amazing san fran...

WINAMP also allows execution of arbitrary code (probably a lot more programs aswell)

It would seem that I opened up a can of worms when i created my icq + msie advisory the other day Wich presented a new way to execute arbitrary code on a users machine winamp is equally vulnerable Winamps starts skin files with the extention wsz and the mime type interface/x-winamp-skin automatic...

CVE-2001-1074

Webmin 0.84 and earlier does not properly clear the HTTPAUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges...

CVE-2001-1074

Summary: CVE-2001-1074 affects Webmin 0.84 and earlier. The vulnerability arises because Webmin does not properly clear the HTTP_AUTHORIZATION environment variable when the web server restarts, causing authentication information to be exposed to all CGI programs and enabling local privilege escal...

CVE-2002-0477

Standalone Macromedia Flash Player 5.0 before 5,0,30,2 allows remote attackers to execute arbitrary programs via a .SWF file containing the "exec" FSCommand...

CVE-2002-0421

IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including 1 aexp2.htr, 2 aexp2b.htr, 3 aexp3.htr , or 4 aexp4.htr...

QNX RTOS 4.25/6.1 - su Password Hash Disclosure

source: https://www.securityfocus.com/bid/4914/info It has been reported that the 'su' utility for QNX RTOS accepts the SIGSEGV signal and dumps a world readable core file. An attacker is able to analyze the core file and obtain very sensitive information. It is very probable that this is a...

Multiple vulnerabilities in QNX

I think I found what appears to be several or one fundamental vulnerabilities under QNXtested on version 4.25. I have not found any documentation/reference to these anywhere, so I assume they/it were not known. Importance of the bug: any local user can gain root accesswhich, under QNX, means root...

Apache HTTP Server on Win32 systems does not securely handle input passed to CGI programs

Overview A vulnerability in the Apache HTTP Server running on Win32 systems Windows 9x/Me, Windows NT/2000/XP could allow an attacker to execute commands with the privileges of the web server process. Description The Apache HTTP Server is a freely available web server that runs on a variety of...

A possible buffer overflow in libnewt

Hi! When I am debugging my little program which used libnewt,I found a possible buffer overflow in libnewt. libnewt is widely used by configuration program in redhat.Because there is no suid program use libnewt in my redhat 6.2 environment,it seems this bug can't be used to gain root.But if there...

Moderate: Red Hat Security Advisory: : Vulnerability in zlib library (powertools)

Update 20 Mar 2002: VNC packages updated to fix another denial of service vulnerability caused by the previous update. Thanks to Const Kaplinsky for discovering this issue. The zlib compression library provides in-memory compression and decompression functions. It is widely used throughout Linux...

CVE-1999-1143

Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs...

CVE-1999-1301

The CVE-1999-1301 issue concerns the rzsz implementation of the Z-Modem protocol in FreeBSD prior to 2.1.5. A design flaw in the Z-Modem handling allows the remote sender of a file to execute arbitrary programs on the client, constituting remote code execution at the client side. Affected compone...

CVE-2000-0790

The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file...

CVE-2001-0995

PHProjekt before 2.4a allows remote attackers to perform actions as other PHProjekt users by modifying the ID number in an HTTP request to PHProjekt CGI programs. The vulnerability arises from trusting the ID parameter in requests, enabling privilege escalation to partial confidentiality/integrit...

CVE-1999-1145

Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges...

CVE-2001-0573

lsfs in AIX 4.x allows a local user to gain additional privileges by creating Trojan horse programs named 1 grep or 2 lslv in a certain directory that is under the user's control, which cause lsfs to access the programs in that directory...

EZNE.NET Ezboard 2000 - Remote Buffer Overflow

EZNE.NET Ezboard 2000 - Remote Buffer Overflow source: https://www.securityfocus.com/bid/4068/info Ezboard 2000 is a web based bulletin board system. It is available for Linux systems. A vulnerability has been reported in some versions of Ezboard. In some CGI programs, user supplied data is writt...

EZNE.NET Ezboard 2000 - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/4068/info Ezboard 2000 is a web based bulletin board system. It is available for Linux systems. A vulnerability has been reported in some versions of Ezboard. In some CGI programs, user supplied data is written to a staticly sized array with a sprintf cal...