39 matches found
CVE-2017-1000410
The Linux kernel version 3.3-rc1 and later is affected by a vulnerability lies in the processing of incoming L2CAP commands - ConfigRequest, and ConfigResponse messages. This info leak is a result of uninitialized stack variables that may be returned to an attacker in their uninitialized state. B...
Oracle OTRCREP Oracle 8/9 Home Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3139/info Oracle is an Enterprise level SQL database, supporting numerous features and options. It is distributed and maintained by Oracle Corporation. A buffer overflow has been discovered in the handling of $ORACLEHOME ...
Solaris 2.6/7.0 DTMail Mail Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3081/info dtmail is an application included with the Common Desktop Environment, one of the X Window Managers included with Solaris. A buffer overflow in dtmail makes it possible for a local user to gain elevated...
Apple QuickTime 5.0 Content-Type Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/4064/info Apple QuickTime is a freely available media player. It runs on a number of platforms including MacOS and Windows 9x/ME/NT/2000/XP operating systems. Apple QuickTime For Windows does not perform sufficient bounds...
IBM AIX 4.x setsenv Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2032/info AIX is a version of the UNIX Operating System distributed by IBM. A problem exists that could allow a user elevated priviledges. The problem occurs in the setsenv binary. It has been reported that a buffer...
IMLib2 Home Environment Variable Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3868/info Imlib2 is a freely available, open source graphics library available for the Linux and Unix operating systems. It is maintained by Michael Jennings. Imlib2 is installed on many operating systems and linked with...
Passlog Daemon 0.1 SL_Parse Remote Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/7261/info It has been reported that passlogd does not properly handle some types of input. Because of this, an attacker may be able to gain unauthorized access to hosts running the vulnerable software. / Title: Remote...
Ipswitch WS_FTP Server 1.0.x/2.0.x 'STAT' Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3507/info WSFTP Server, a popular FTP server for Microsoft Windows platforms, is vulnerable to a buffer overflow condition when a user submits a specially crafted legitimate FTP command. WSFTP Server by default runs as a...
Century Software Term For Linux 6.27.869 Command Line Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/4174/info Term is a commercially available software package for Unix and Linux operating systems. It is distributed and maintained by Century Software. Under some circumstances, it may be possible for a local user to...
Solaris 2.5/2.6/7.0/8 mailx -F Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2610/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is designed as a scalable operating system for the Intel x86 and Sun Sparc platforms, and operates on machines varying...
ssldump 0.9 b1 Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2096/info ssldump is a traffic analyzer for monitoring network traffic in real time. It is written and maintained by Eric Rescorla. A problem exists which could allow the arbitrary execution of code. The problem exists in...
MIT PGP Public Key Server 0.9.2/0.9.4 Search String Remote Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/4828/info The PGP Public Key Server is a freely available, open source software package distributed by MIT. It is designed for use on Linux and Unix operating systems. The PGP Public Key Server does not properly handle lo...
Debian GNU/Linux 3.1 top Format String Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1895/info top is a program used to display system usage statistics in real time written by GoupSys Consulting but shipped by default as a core component with many operating systems. On BSD systems, top is installed setgid...
Real Networks RealJukebox 1.0.2/RealOne 6.0.10 Player Gold Skinfile Buffer Overflow
No description provided by source. source: http://www.securityfocus.com/bid/5217/info Real Software has announced a vulnerability in RealJukebox2 and Real Player Gold. A buffer overflow condition exists due to insufficient bounds checking of fields in skinfiles. There is an unchecked buffer for t...
[Full-disclosure] Mercur SP4 IMAPD
The attached exploits several signedness bugs in the NTLM implementation of Mercur IMAPD www.atrium-software.com to give the attacker complete control over a memcpy to a stack variable... non-authenticated In this case, memcpybuf, src+a, b with 'a', and 'b' being user controlled and buf 7208 byte...
GLSA-200607-11 : TunePimp: Buffer overflow
The remote host is affected by the vulnerability described in GLSA-200607-11 TunePimp: Buffer overflow Kevin Kofler has reported a vulnerability where three stack variables are allocated with 255, 255 and 100 bytes respectively, yet 256 bytes are read into each. This could lead to buffer overflow...
TunePimp: Buffer overflow
Background The TunePimp library also referred to as libtunepimp is a development library geared towards developers who wish to create MusicBrainz enabled tagging applications. Description Kevin Kofler has reported a vulnerability where three stack variables are allocated with 255, 255 and 100 byt...
Matu FTP 1.74 - Client Buffer Overflow
source: https://www.securityfocus.com/bid/4572/info An issue has been reported which could allow for a malicious ftp server to execute arbitrary code on a Matu FTP client. If,upon user connection, a FTP server '220' response is of excessive length, a stack-based overflow condition could occur. Th...
BitchX IRC Client 1.0 c17 - DNS Buffer Overflow
BitchX IRC Client 1.0 c17 - DNS Buffer Overflow // source: https://www.securityfocus.com/bid/2087/info BitchX is a popular Internet Relay Chat client, written by Colten Edwards. A problem exists which could potentially allow a user to access restricted resources. The problem occurs in the DNS...