CVE-2005-3116

VERITAS NetBackup Enterprise Server's Volume Manager Daemon (vmd) contains a stack-based buffer overflow in a shared library used by vmd. A crafted packet can overflow the buffer via port 13701/tcp, potentially allowing remote code execution with SYSTEM/root privileges. Affected versions include ...

Sympa < 4.1.3 Privilege Escalation Vulnerability

The remote version of Sympa contains a vulnerability which can be exploited by malicious local user to gain escalated privileges. SPDX-FileCopyrightText: 2005 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

openssl096b, wget security update

CentOS Errata and Security Advisory CESA-2005:830 Updated wget packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. GNU Wget is a file retrieval utility that can use either the HTTP or FTP...

CVE-2005-2930

Summary: CVE-2005-2930 is a stack-based buffer overflow in chmlib’s _chm_find_in_PMGL, affecting chmlib and apps like KchmViewer. Exploitation could allow arbitrary code execution via crafted CHM files. The vulnerability is documented alongside CVE-2005-2659 and CVE-2005-3318 by Debian and Gentoo...

CVE-2005-2927

Stack-based buffer overflow in ppp in SCO Unixware 7.1.3 and 7.1.4, and possibly earlier versions, allows local users to execute arbitrary code via a long argument to the 1 prompt or 2 defprompt command...

CVE-2005-2926

Stack-based buffer overflow in 1 backupsh and 2 authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable...

CVE-2005-3269

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for 1 Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, 2 Red Hat Directory Server and 3 Certificate Server before 7.1 SP1, 4 Sun ONE Directory Server 5.1 SP4 and earlier, and 5 Sun ONE Administration Serv...

CVE-2005-2469

Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C and possibly earlier versions allows local users to execute arbitrary code via a long user name in the USER command...

CVE-2005-3263

Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name...

CVE-2005-3252

Stack-based buffer overflow in the Back Orifice BO preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet...

CVE-2005-3252

CVE-2005-3252 affects Snort’s Back Orifice preprocessor up through version 2.4.3. The vulnerability is a stack-based buffer overflow in the UDP handling of the BO preprocessor, enabling remote code execution. Publicized in multiple advisories and evidenced by exploit/module entries (Metasploit an...

CVE-2005-3252

Stack-based buffer overflow in the Back Orifice BO preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet...

CVE-2005-3120

Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape ESC characters...

CVE-2005-2943

CVE-2005-2943 describes a stack-based buffer overflow in xmail’s sendmail component prior to version 1.22, which could allow an attacker to execute arbitrary code via the -t option. Public advisories (Debian DSA-902-1, Gentoo GLSA 200512-05, SUSE SUSECVE) note a fix in xmail 1.21/1.22 series and ...

Debian DSA-831-1 : mysql-dfsg - buffer overflow

A stack-based buffer overflow in the initsyms function of MySQL, a popular database, has been discovered that allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long functionname field. The ability to create user-defined functions is not...

Debian DSA-833-2 : mysql-dfsg-4.1 - buffer overflow

This update only covers binary packages for the big endian MIPS architecture that was mysteriously forgotten in the earlier update. For completeness below is the original advisory text : A stack-based buffer overflow in the initsyms function of MySQL, a popular database, has been discovered that...

CVE-2005-3033

Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long HTTP GET request...

CVE-2005-3033

Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long HTTP GET request...

CVE-2005-3029

Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to execute arbitrary code via a long filname in an ACE archive...

CVE-2005-2856

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including 1 ALZip 5.51 through 6.11, 2 Servant Salamander 2.0 and 2.5 Beta 1, 3 WinHKI 1.66 and 1.67, 4 ExtractNow 3.x, 5 Total Commander 6.53, 6 Anti-Trojan 5.5.421,...