
721 matches found

securityvulns
added 2005/07/13 12:0 a.m., 69 views

[Full-disclosure] APPLE Darwin Streaming Server Web Admin Remote Denial of Service

APPLE Darwin Streaming Server Web Admin Remote Denial of Service By Sowhat 2005.07.13 http://secway.org/Advisory/AD20050713.txt Vendor Apple Inc. Product Affected Darwin Streaming Server 5.5 and below for Win32 CVE-ID: CAN-2005-2195 Overview: Darwin Streaming Server is server technology allowing...

CVSS: 10 | AI score: 3.3 | EPSS: 0.03425
Exploits: 1

Tenable Nessus
added 2005/07/13 12:0 a.m., 23 views

FreeBSD : ethereal -- multiple vulnerabilities (efa1344b-5477-11d9-a9e7-0001020eed82)

An Ethereal Security Advisory reports: Issues have been discovered in the following protocol dissectors: - Matthew Bing discovered a bug in DICOM dissection that could make Ethereal crash. - An invalid RTP timestamp could make Ethereal hang and create a large temporary file, possibly filling...

CVSS: 5 | AI score: 5.4 | EPSS: 0.02495
Exploits: 0 | References: 6

Tenable Nessus
added 2005/03/24 12:0 a.m., 10 views

Media Server Type (RTP) Detection

Binary data 2760.prm...

AI score: 7.3
Exploits: 0

CVE
added 2005/02/20 5:0 a.m., 36 views

CVE-2004-1683

CVE-2004-1683 concerns a race condition in crrtrap on QNX RTP 6.1. The vulnerability allows local users to gain privileges by manipulating the PATH environment variable to invoke a malicious io-graphics program before crrtrap executes. Impact is described as local privilege escalation with partia...

CVSS: 3.7 | AI score: 6.9 | EPSS: 0.00294
Exploits: 0 | References: 3

Cvelist
added 2005/02/06 5:0 a.m., 18 views

CVE-2004-1390

Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remotemac, or (12) localmac flags...

AI score: 7.8 | EPSS: 0.0734
Exploits: 1 | References: 5

Cvelist
added 2005/02/06 5:0 a.m., 19 views

CVE-2004-1391

Untrusted execution path vulnerability in the PPPoE daemon PPPoEd in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program...

AI score: 7 | EPSS: 0.00561
Exploits: 1 | References: 6

CVE
added 2005/02/06 5:0 a.m., 49 views

CVE-2004-1391

The CVE-2004-1391 entry concerns the PPPoE daemon (PPPoEd) in QNX RTP 6.1, where an untrusted execution path allows local users to execute arbitrary programs by manipulating the PATH environment variable to reference a malicious mount program. This describes a local-privilege problem rooted in PA...

CVSS: 4.6 | AI score: 7.4 | EPSS: 0.00561
Exploits: 1 | References: 6 | Affected Software: 2

CVE
added 2005/02/06 5:0 a.m., 47 views

CVE-2004-1390

CVE-2004-1390 affects the PPPoE daemon (PPPoEd) in QNX RTP 6.1. The issue is described as multiple buffer overflows in PPPoEd that allow a remote attacker to execute arbitrary code by supplying a long argument to any of the flags: -F, name, en, upscript, downscript, retries, timeout, scriptdetac...

CVSS: 10 | AI score: 8.2 | EPSS: 0.0734
Exploits: 1 | References: 5 | Affected Software: 2

CVE
added 2004/12/31 5:0 a.m., 62 views

CVE-2004-1140

CVE-2004-1140 affects Ethereal 0.9.0 through 0.10.7. The flaw allows remote attackers to trigger a denial of service (application hang) and potentially exhaust disk space by sending an invalid RTP timestamp. This is a network‑targeted issue on Ethereal’s RTP handling. Public context in connected ...

CVSS: 5 | AI score: 6.4 | EPSS: 0.02495
Exploits: 0 | References: 11 | Affected Software: 1

Cvelist
added 2004/12/31 5:0 a.m., 30 views

CVE-2004-1140

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp...

AI score: 6.4 | EPSS: 0.02495
Exploits: 0 | References: 11

NVD
added 2004/12/31 5:0 a.m., 14 views

CVE-2004-1391

Untrusted execution path vulnerability in the PPPoE daemon PPPoEd in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program...

CVSS: 4.6 | AI score: 7 | EPSS: 0.00561
Exploits: 1 | References: 6

UbuntuCve
added 2004/12/31 5:0 a.m., 31 views

CVE-2004-1140

Ethereal 0.9.0 through 0.10.7 allows remote attackers to cause a denial of service (application hang) and possibly fill available disk space via an invalid RTP timestamp...

CVSS: 5 | AI score: 6 | EPSS: 0.02495
Exploits: 0 | References: 1

NVD
added 2004/12/31 5:0 a.m., 14 views

CVE-2004-1390

Multiple buffer overflows in the PPPoE daemon (PPPoEd) in QNX RTP 6.1 allow remote attackers to execute arbitrary code via a long argument to the (1) -F, (2) name, (3) en, (4) upscript, (5) downscript, (6) retries, (7) timeout, (8) scriptdetach, (9) noscript, (10) nodetach, (11) remotemac, or (12) localmac flags...

CVSS: 10 | AI score: 7.8 | EPSS: 0.0734
Exploits: 1 | References: 5

Tenable Nessus
added 2004/12/21 12:0 a.m., 32 views

Mandrake Linux Security Advisory : ethereal (MDKSA-2004:152)

A number of vulnerabilities were discovered in Ethereal: - Matthew Bing discovered a bug in DICOM dissection that could make Ethereal crash (CVE-2004-1139) - An invalid RTP timestamp could make Ethereal hang and create a large temporary file, possibly filling available disk space (CVE-2004-1140) - T...

CVSS: 5 | AI score: 5.5 | EPSS: 0.02495
Exploits: 0 | References: 5

Tenable Nessus
added 2004/12/19 12:0 a.m., 31 views

GLSA-200412-15 : Ethereal: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200412-15 Ethereal: Multiple vulnerabilities There are multiple vulnerabilities in versions of Ethereal earlier than 0.10.8, including: Bug in DICOM dissection discovered by Bing could make Ethereal crash CAN 2004-1139. An invalid...

CVSS: 5 | AI score: 6 | EPSS: 0.02495
Exploits: 0 | References: 6

FreeBSD
added 2004/12/14 12:0 a.m., 34 views

ethereal -- multiple vulnerabilities

An Ethereal Security Advisory reports: Issues have been discovered in the following protocol dissectors: Matthew Bing discovered a bug in DICOM dissection that could make Ethereal crash. An invalid RTP timestamp could make Ethereal hang and create a large temporary file, possibly filling availab...

CVSS: 5 | AI score: 0.4 | EPSS: 0.02495
Exploits: 0 | References: 1

NVD
added 2004/09/13 4:0 a.m., 7 views

CVE-2004-1683

A race condition in crrtrap for QNX RTP 6.1 allows local users to gain privileges by modifying the PATH environment variable to reference a malicious io-graphics program before it is executed by crrtrap...

CVSS: 3.7 | AI score: 6.5 | EPSS: 0.00294
Exploits: 0 | References: 3

Tenable Nessus
added 2001/06/15 12:0 a.m., 64 views

QNX RTP FTP stat Command strtok() Function Overflow

The remote FTP server is vulnerable to a stack overflow when calling the 'strtok' function. An attacker can exploit this flaw to execute arbitrary code on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10692; scriptversion"1.28"; scriptcvsdate"Date:...

CVSS: 7.5 | AI score: 5.9 | EPSS: 0.02144
Exploits: 1 | References: 2

NVD
added 2001/05/03 4:0 a.m., 13 views

CVE-2001-0325

Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command...

CVSS: 7.5 | AI score: 7.8 | EPSS: 0.02144
Exploits: 1 | References: 2

Cvelist
added 2001/04/04 4:0 a.m., 22 views

CVE-2001-0325

Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command...

AI score: 7.8 | EPSS: 0.02144
Exploits: 1 | References: 2