wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/113/info There is a vulnerability in ProFTPD versions 1.2.0pre1 and earlier and in wu-ftpd 2.4.2 beta 18 VR9 and earlier. This vulnerability is a buffer overflow triggered by unusually long path names directory structures...

PHP 3/4/5 Multiple Local And Remote Vulnerabilities (1)

No description provided by source. source: http://www.securityfocus.com/bid/11964/info PHP4 and PHP5 are reported prone to multiple local and remote vulnerabilities that may lead to code execution within the context of the vulnerable process. The following specific issues are reported: A heap-bas...

freeBSD 4.8 realpath() Off-By-One Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8315/info The 'realpath' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that wa...

wu-ftpd 2.6.2, 2.6.0, 2.6.1 realpath() Off-By-One Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8315/info The 'realpath' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that wa...

wu-ftpd 2.6.2 realpath() Off-By-One Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8315/info The 'realpath' function is a C-library procedure to resolve the canonical, absolute pathname of a file based on a path that may contain values such as '/', './', '../', or symbolic links. A vulnerability that wa...

wu-ftpd 2.4.2,SCO Open Server <= 5.0.5,ProFTPD 1.2 pre1 realpath Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/113/info There is a vulnerability in ProFTPD versions 1.2.0pre1 and earlier and in wu-ftpd 2.4.2 beta 18 VR9 and earlier. This vulnerability is a buffer overflow triggered by unusually long path names directory structures...

PHP realpath 函数信息泄露漏洞

No description provided by source...

PT-2009-1126 · Vmware +3 · Open-Vm-Tools +3

Name of the Vulnerable Software and Affected Versions: open-vm-tools version 2009.03.18-154848 Description: The issue is related to the mount.vmhgfs component of the open-vm-tools package, which incorrectly handles symbolic links before accessing a file. This can allow an attacker to access...

freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability

The host is running freeSSHd SSH server and is prone to remote denial of service vulnerability. NULL pointer de-referencing errors in SFTP 'rename' and 'realpath' commands. These can be exploited by passing overly long string passed as an argument to the affected commands. OpenVAS Vulnerability...

freeSSHd SFTP 'rename' and 'realpath' < 1.2.6 Remote DoS Vulnerability

freeSSHd SSH server is prone to a remote denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Stack overflow

Stack-based buffer overflow in freeSSHd 1.2.1 allows remote authenticated users to cause a denial of service service crash and potentially execute arbitrary code via a long argument to the 1 rename and 2 realpath parameters...

freeSSHd rename及realpath命令拒绝服务漏洞

BUGTRAQ ID: 31872 freeSSHd是免费的SSH服务器实现。 freeSSHd在处理SFTP rename和realpath命令时存在空指针引用错误，如果远程攻击者在上述命令中包含了超长的字符串作为参数的话，就可以触发这个漏洞，导致服务器崩溃。 freeSSHd 1.2.1 -------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本： http://freesshd.com/ http://www.sebug.net/exploit/4958/ http://www.sebug.net/exploit/4957/...

freeSSHd 1.2.1 sftp realpath Remote Buffer Overflow PoC (auth)

No description provided by source. !/usr/bin/perl Jeremy Brown [email protected]/jbrownsec.blogspot.com FreeSSH 1.2.1 Crash 2 -- A Product of Fuzzing. Stay Tuned For More. use Net::SSH2; $host = "192.168.0.100"; $port = 22; $username = "test"; $password = "test"; $dos = "A" x 262145; $ssh2 =...

python buffer overflow

Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to the realpath...

SuSe mount/umount溢出漏洞

由于mount/umount命令没有对用户的输入进行正确的边界检查，如果攻击者以超长的相对路径名为参数运行mount/umount程序，将会覆盖为realpath函数动态分配的内存空间的内容。攻击者通过修改堆heap数据有可能会获得root特权。 SuSe Linux 所有版本 Package: util 2.10f 升级util软件包，或去掉mount/umount的suid位。 ftp://ftp.suse.com/pub/suse/axp/update/6.1/a1/util-2.10f-4.alpha.rpm...

python buffer overflow

Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to the realpath...

Design/Logic Flaw

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...

CVE-2007-3007

PHP 5 before 5.2.3 does not enforce the openbasedir or safemode restriction in certain cases, which allows context-dependent attackers to determine the existence of arbitrary files by checking if the readfile function returns a string. NOTE: this issue might also involve the realpath function...