7175 matches found
SCO Unixware 2.1/7.0/7.0.1/7.1/7.1.1 - su(1) Buffer Overflow
// source: https://www.securityfocus.com/bid/826/info Certain versions of Unixware ship with a version of su1 which is vulnerable to a buffer overflow attack. This attack is possible because su1 fails to sanity check user supplied data, in this instance a username supplied on the command line...
CVE-1999-0612
CVE-1999-0612 affects the finger service. The finger daemon exposes valid user information to any entity on the network, enabling information disclosure. Affected: finger on UNIX-like systems vulnerable in versions older than the patched release (e.g.,
ffingerd.txt
Date: Fri, 23 Apr 1999 19:26:13 +0300 From: Eilon Gishri To: [email protected] Subject: Ffingerd privacy issues Hi, I found a couple of bugs in ffingerd 1.19 which are related to privacy. Here goes: The permission on root's home directory are now 700 /home/root. ----- aristo/cc/eilonfinger...
ms-frame-spoof.txt
From: Microsoft Product Security Notification Service mailto:[email protected] On Behalf Of Microsoft Product Security Sent: Wednesday, December 23, 1998 9:51 AM To: [email protected] Subject: Microsoft Security Bulletin MS98-020 The following is a...
netscape4.5-nsform.tmp.txt
02-FEB-99 - http://www.skylab.org/netscape/index.html Yet another browser bug was found late last week. This time in Netscape's Communicator 4.5. The problem appears with the way Netscape handles forms. In many cases, the browser will store data entered on a FORM in C:\WINDOWS\TEMP in a NSFORM.TM...
promail.1.21.trojan.txt
Date: Fri, 19 Mar 1999 09:41:18 +0100 From: Aeon Labs To: [email protected] Subject: security/privacy news Perhaps this might be of interest to Your readers. ProMail v1.21, an advanced freeware mail program spread through several worldwide distribution networks SimTel.net, Shareware.co...
msie.5.autocomplete.txt
http://abcnews.go.com/sections/tech/DailyNews/iehole990315.html New Web Browser Feature May Put Private Info At Risk Internet Explorer 5.0 users might be vulnerable to hackers if they enter credit cards and other information using the browser's AutoComplete feature. A.Shepherd/ABCNEWS.com By...
favicon.ico.search.txt
Date: Fri, 16 Apr 1999 22:11:22 -0700 From: "Robert David Graham" Subject: favicon.ico In case you haven't heard, Microsoft has a new feature in IE 5.0 web browser. When you add a website to you "Favorites" aka. Bookmarks for you Netscape users, the browser attempts to download a graphic called...
hotmail.passwd.trap.txt
Date: Fri, 23 Apr 1999 13:55:24 -0500 From: David L. Nicol To: [email protected] Subject: javascript hotmail password trap Hello, I was informed this morning that a free form data mailer I maintain http://www.tipjar.com/generic.html was being involved in a javascript-based hotmail password...
msie.fixes.4.99.txt
Date: Wed, 21 Apr 1999 18:13:39 -0700 From: [email protected] To: [email protected] Subject: Microsoft Security Bulletin MS99-011 The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an...
PT-1997-1166 · Unknown · Rwho/Rwhod
Name of the Vulnerable Software and Affected Versions: rwho/rwhod affected versions not specified Description: The issue concerns the rwho/rwhod service, which is running and exposes machine status and user information. Recommendations: At the moment, there is no information about a newer version...
Elm 2.3/2.4 - TERM Environment Variable Local Buffer Overrun
source: https://www.securityfocus.com/bid/8030/info A buffer overrun has been discovered in Elm. The problem occurs due to insufficient bounds checking performed before copying user-supplied data into an internal memory buffer. Specifically, a TERM environment variable containing excessive data...
AZL-6422 CVE-1999-0612 affecting package finger for versions less than 0.17-4
A version of finger is running that exposes valid user information to any entity on the network...
CVE-1999-1099
Kerberos 4 allows remote attackers to obtain sensitive information via a malformed UDP packet that generates an error string that inadvertently includes the realm name and the last user...
John S.2 Roberts AnyForm 1.02.0 - CGI Semicolon
John S.2 Roberts AnyForm 1.02.0 - CGI Semicolon source: https://www.securityfocus.com/bid/719/info AnyForm is a popular form CGI designed to support simple forms that deliver responses via email. Certain versions of AnyForm did not perform user supplied data sanity checking and could be exploited...
John S.2 Roberts AnyForm 1.0/2.0 - CGI Semicolon
source: https://www.securityfocus.com/bid/719/info AnyForm is a popular form CGI designed to support simple forms that deliver responses via email. Certain versions of AnyForm did not perform user supplied data sanity checking and could be exploited by remote intruders to execute arbitrary...
CVE-2024-2396
...
CVE-2025-47864
...
CVE-2024-4625
...
CVE-2010-0061
...