CVE-2005-3269

Stack-based buffer overflow in help.cgi in the HTTP administrative interface for 1 Sun Java System Directory Server 5.2 2003Q4, 2004Q2, and 2005Q1, 2 Red Hat Directory Server and 3 Certificate Server before 7.1 SP1, 4 Sun ONE Directory Server 5.1 SP4 and earlier, and 5 Sun ONE Administration Serv...

CVE-2005-2469

Stack-based buffer overflow in the NMAP Agent for Novell NetMail 3.52C and possibly earlier versions allows local users to execute arbitrary code via a long user name in the USER command...

CVE-2005-3263

Stack-based buffer overflow in UNACEV2.DLL for RARLAB WinRAR 2.90 through 3.50 allows remote attackers to execute arbitrary code via an ACE archive containing a file with a long name...

CVE-2005-3252

Stack-based buffer overflow in the Back Orifice BO preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet...

CVE-2005-3252

CVE-2005-3252 affects Snort’s Back Orifice preprocessor up through version 2.4.3. The vulnerability is a stack-based buffer overflow in the UDP handling of the BO preprocessor, enabling remote code execution. Publicized in multiple advisories and evidenced by exploit/module entries (Metasploit an...

CVE-2005-3252

Stack-based buffer overflow in the Back Orifice BO preprocessor for Snort before 2.4.3 allows remote attackers to execute arbitrary code via a crafted UDP packet...

CVE-2005-3120

Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape ESC characters...

CVE-2005-2943

CVE-2005-2943 describes a stack-based buffer overflow in xmail’s sendmail component prior to version 1.22, which could allow an attacker to execute arbitrary code via the -t option. Public advisories (Debian DSA-902-1, Gentoo GLSA 200512-05, SUSE SUSECVE) note a fix in xmail 1.21/1.22 series and ...

Debian DSA-831-1 : mysql-dfsg - buffer overflow

A stack-based buffer overflow in the initsyms function of MySQL, a popular database, has been discovered that allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long functionname field. The ability to create user-defined functions is not...

Debian DSA-833-2 : mysql-dfsg-4.1 - buffer overflow

This update only covers binary packages for the big endian MIPS architecture that was mysteriously forgotten in the earlier update. For completeness below is the original advisory text : A stack-based buffer overflow in the initsyms function of MySQL, a popular database, has been discovered that...

CVE-2005-3033

Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long HTTP GET request...

CVE-2005-3033

Stack-based buffer overflow in vxWeb 1.1.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a long HTTP GET request...

CVE-2005-3029

Stack-based buffer overflow in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to execute arbitrary code via a long filname in an ACE archive...

CVE-2005-2856

Stack-based buffer overflow in the WinACE UNACEV2.DLL third-party compression utility before 2.6.0.0, as used in multiple products including 1 ALZip 5.51 through 6.11, 2 Servant Salamander 2.0 and 2.5 Beta 1, 3 WinHKI 1.66 and 1.67, 4 ExtractNow 3.x, 5 Total Commander 6.53, 6 Anti-Trojan 5.5.421,...

CVE-2005-2856

CVE-2005-2856 describes a stack-based buffer overflow in the WinACE UNACEV2.DLL used by many products (e.g., ALZip, Total Commander, IZArc, BitZipper, UltimateZip, etc.). The flaw occurs when extracting an ACE archive with an overly long filename, allowing user-assisted attackers to execute arbit...

CVE-2005-2810

Urban (software) before version 1.5.3 contains multiple stack-based buffer overflows exploitable by a long HOME environment variable, enabling local users to escalate privileges through (1) config.cc, (2) game.cc, (3) highscor.cc, or (4) meny.cc. Root cause: improper handling of environment data ...

CVE-2005-2558

Stack-based buffer overflow in the initsyms function in MySQL 4.0 before 4.0.25, 4.1 before 4.1.13, and 5.0 before 5.0.7-beta allows remote authenticated users who can create user-defined functions to execute arbitrary code via a long functionname field...

CVE-2005-1983

Stack-based buffer overflow in the Plug and Play PnP service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob aka Mytob worm...

CVE-2005-1272

Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port 1 6070 or 2 6050...

CVE-2005-1272

Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote attackers to execute arbitrary code via a long string sent to port 1 6070 or 2 6050...