2171 matches found
HP-UX PHSS_29734 : s700_800 11.00 CDE Runtime Periodic Patch
s700_800 11.00 CDE Runtime Periodic Patch : The remote HP-UX host is affected by multiple vulnerabilities : - Certain dtterm escape sequences have the potential to be misused. (HPSBUX00309 SSRT3507) - A potential buffer overflow exists in a function called by the suid root program dtmailpr...
security flaw
Directory traversal vulnerability in the truepath function in private.py for Mailman 2.1.5 and earlier allows remote attackers to read arbitrary files via ".../....///" sequences, which are not properly cleansed by regular expressions that are intended to remove "../" and "./" sequences...
CVE-2004-1488
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code...
CVE-2005-0329
Directory traversal vulnerability in ZipGenius 5.5 and earlier allows remote attackers to create and possibly modify arbitrary files via a ZIP file with a file whose name includes .. (dot dot) sequences...
PowerDNS DNS server DoS
Random sequence of data causes server to hang...
DEBIAN-CVE-2004-0916
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename...
CVE-2004-0916
Directory traversal vulnerability in cabextract before 1.1 allows remote attackers to overwrite arbitrary files via a cabinet file containing .. (dot dot) sequences in a filename...
CVE-2004-2480
Squid Web Proxy Cache 2.3.STABLE5 allows remote attackers to bypass security controls and access arbitrary websites via "@@" sequences in a URL within Internet Explorer...
CVE-2004-2294
Canonicalize-before-filter error in the sendreview function in the Reviews module for PHP-Nuke 6.0 to 7.3 allows remote attackers to inject arbitrary web script or HTML via hex-encoded XSS sequences in the text parameter, which is checked for dangerous sequences before it is canonicalized, leadin...
PT-2004-1119 · Unarj · Unarj
Name of the Vulnerable Software and Affected Versions: unarj affected versions not specified Description: The issue is related to a directory traversal vulnerability in the -x extract command line option. This vulnerability allows remote attackers to overwrite arbitrary files by using an arj...
ParaChat directory traversal
Directory traversal with ..5C/...
Debian DSA-380-1 : xfree86 - buffer overflows, denial of service
Four vulnerabilities have been discovered in XFree86. - CAN-2003-0063 - xterm window title reporting escape sequence can deceive user. The xterm package provides a terminal escape sequence that reports the window title by injecting it into the input buffer of the terminal...
solaris/SPARC execve /bin/sh 52 bytes
Exploit for solaris/sparc platform in category shellcode. //Solaris/Sparc - LSD char shellcode= "\x20\xbf\xff\xff" /* bn,a */ "\x20\xbf\xff\xff" /* bn,a */ "\x7f\xff\xff\xff" /* call */...
CVE-2003-0020
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences...
CVE-2002-1385
openwebmail_init in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via .. (dot dot) sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that specifies additional code to be...
CVE-2003-0020
CVE-2003-0020 concerns Apache HTTP Server: the product does not filter terminal escape sequences from error logs, enabling potential insertion of escape sequences into terminal emulators vulnerable to such sequences. Connected documents show multiple related CVEs affecting different Apache branch...
Keene Digital Media Server directory traversal
Directory traversal with escape sequences...
GLSA-200405-22 : Apache 1.3: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200405-22 (Apache 1.3: Multiple vulnerabilities). On 64-bit big-endian platforms, mod_access does not properly parse Allow/Deny rules using IP addresses without a netmask which could result in failure to match certain IP addresses...