Lucene search
K

255 matches found

OSV
OSV
added 2005/12/07 8:0 a.m.5 views

CURL-CVE-2005-4077 URL Buffer Overflow

libcurl's URL parser function can overflow a heap based buffer in two ways, if given a too long URL. These overflows happen if you 1 - pass in a URL with no protocol like "http://" prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of the heap...

4.6CVSS6.5AI score0.00516EPSS
Exploits0
curl security advisories
curl security advisories
added 2005/12/07 8:0 a.m.6 views

URL Buffer Overflow

libcurl's URL parser function can overflow a heap based buffer in two ways, if given a too long URL. These overflows happen if you 1 - pass in a URL with no protocol like "http://" prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of the heap...

4.6CVSS5.5AI score0.00516EPSS
Exploits0Affected Software2
NVD
NVD
added 2005/05/02 4:0 a.m.24 views

CVE-2005-1123

Monkey daemon monkeyd before 0.9.1 allows remote attackers to cause a denial of service memory corruption via a request for a zero byte file...

5CVSS6.5AI score0.01591EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2005/04/16 12:0 a.m.26 views

GLSA-200504-14 : monkeyd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200504-14 monkeyd: Multiple vulnerabilities Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discover...

7.5CVSS6.1AI score0.02688EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/03/22 5:0 a.m.21 views

CVE-2001-1427

Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors...

6.6AI score0.01913EPSS
Exploits0References4
Cvelist
Cvelist
added 2005/03/18 5:0 a.m.27 views

CVE-2001-1415

vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes...

6.4AI score0.00312EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/02/06 5:0 a.m.15 views

CVE-2005-0212

The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier allows remote attackers to cause a denial of service infinite loop via a zero byte UDP packet...

6.6AI score0.01699EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2005/01/09 12:0 a.m.34 views

Windows 9x/NT/2k/XP PEB method 35 bytes

Windows 9x/NT/2k/XP PEB method 35 bytes. Shellcode exploit for win32 platform /This is a 35 byte C implementation of the use of the PEB method to get the kernel32 base address on Windows. This is generic code designed to run on both Windows 9x and NT based systems. The code has been optimized to...

Exploits0
NVD
NVD
added 2001/11/13 5:0 a.m.24 views

CVE-2001-1415

vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes...

4.6CVSS6.4AI score0.00312EPSS
Exploits0References3
CERT
CERT
added 2001/08/03 12:0 a.m.19 views

Allaire ColdFusion Server contains vulnerability allowing templates to be overwritten by zero byte file of the same name

Overview A vulnerability exists in Allaire ColdFusion Server which allows an attacker to overwrite ColdFusion Server templates with zero byte files. Description A remotely exploitable vulnerability exists in the Allaire ColdFusion Server which could allow an attacker to overwrite ColdFusion Serve...

6.8AI score
Exploits0References2
NVD
NVD
added 2001/07/11 4:0 a.m.21 views

CVE-2001-1427

Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors...

7.5CVSS6.6AI score0.01913EPSS
Exploits0References4
Cvelist
Cvelist
added 2000/10/18 4:0 a.m.23 views

CVE-2000-0866

Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes...

6.5AI score0.00409EPSS
Exploits0References3
securityvulns
securityvulns
added 2000/10/16 12:0 a.m.24 views

Дырка в Anaconda Foundation Directory

Ошибка "нулевого байта" позволяет обратиться к любому локальному файлу...

1AI score
Exploits0References1
securityvulns
securityvulns
added 2000/09/08 12:0 a.m.26 views

SEGFAULTING Interbase 6 SS Linux

Hi Doodz, while doing some coding i found out a serious bug in Interbase 6 SuperServer for Linux final Version. If you hand a server a query with 0 bytes, it will say goodbye with a nice SEGFAULT. My test-environment is: SuSE Linux 6.4, Kernel 2.2.14, IB6SS. regards, mephisto/pandora...

2.2AI score
Exploits0
Exploit DB
Exploit DB
added 2000/02/08 12:0 a.m.44 views

Zeus Web Server 3.x - Null Terminated Strings

source: https://www.securityfocus.com/bid/977/info Appending "%00" to the end of a CGI script filename will permit a remote client to view full contents of the script if the CGI module option "allow CGIs anywhere" is enabled. Scripts located in directories which are designated as executable eg...

7AI score
Exploits0
Rows per page
Query Builder