elm -- remote buffer overflow in Expires header

Ulf Harnhammar has discovered a remotely exploitable buffer overflow in Elm e-mail client when parsing the Expires header of an e-mail message: The attacker only needs to send the victim an e-mail message. When the victim with that message in his or her inbox starts Elm or simply views the inbox ...

security flaw

Stack-based buffer overflow in shar in GNU sharutils 4.2.1 allows local users to execute arbitrary code via a long -o command line argument...

CVE-2005-0162

Stack-based buffer overflow in the getinternaladdresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code...

CVE-2004-1317

Stack-based buffer overflow in doexec.c in Netcat for Windows 1.1, when running with the -e option, allows remote attackers to execute arbitrary code via a long DNS command...

iDEFENSE Security Advisory 12.16.04: Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability

Veritas Backup Exec Agent Browser Registration Request Buffer Overflow Vulnerability iDEFENSE Security Advisory 12.16.04 http://www.idefense.com/application/poi/display?id=169 December 16, 2004 I. BACKGROUND Backup Exec is a next generation backup and restore solution for Microsoft Windows server...

Convex 3D 0.8 - Buffer Overflow

Convex 3D 0.8 - Buffer Overflow source: https://www.securityfocus.com/bid/11995/info It is reported that Convex 3D is susceptible to a stack-based buffer overflow vulnerability. This issue is due to a failure of the application to properly check the bounds of user-supplied image data prior to...

gdk-pixbuf -- image decoding vulnerabilities

Chris Evans discovered several flaws in the gdk-pixbuf XPM image decoder: Heap-based overflow in pixbufcreatefromxpm Stack-based overflow in xpmextractcolor Integer overflows in io-ico.c Some of these flaws are believed to be exploitable...

CVE-2004-0488

Stack-based buffer overflow in the sslutiluuencodebinary function in sslutil.c for Apache modssl, when modssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subject DN...

proxyNow2x.txt

ProxyNow! 2.x Multiple Overflow Vulnerabilities Credit: Author : Peter Winter-Smith Software: Package : ProxyNow! Versions : 2.75 and below Vendor : InternetNow! Vendor Url : http://www.internetnow.com.my/ Vulnerability: Bug Type : Multiple Buffer Overflows + Heap Memory Corruption + Stack-based...

CVE-2003-1023

Stack-based buffer overflow in vfssresolvesymlink of vfs/direntry.c for Midnight Commander mc 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion...

CVE-2003-0968

Stack-based buffer overflow in SMBLogonServer of the rlmsmb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute...

BrowseFTP Client 1.62 - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/3781/info BrowseFTP is an ftp client that runs on various Microsoft Windows operating systems. An issue has been reported which could allow for a malicious ftp server to execute arbitrary code on a BrowseFTP client user. This is acheivable when a BrowseFT...

winamp.win98.txt

Author: Steve Fewer, [email protected] http://indigo.ie/lmf Introduction: I recently uncovered a stack based buffer overflow in winamp version 2.10 which lets me execute 'arbitrary code'. It is=20 carried out through .pls files which winamp uses for playlists.=20 This is unnerving as it is a...

University of Washington pop2d 4.4 - Remote Buffer Overflow

// source: https://www.securityfocus.com/bid/283/info A buffer overflow vulnerability in pop2d version 4.4 or earlier allow malicious remote users to obtain access to the "nobody" user account. The pop2 and pop3 servers support the concept of an "anonymous proxy", whereby a remote user connecting...