255 matches found
CURL-CVE-2005-4077 URL Buffer Overflow
libcurl's URL parser function can overflow a heap based buffer in two ways, if given a too long URL. These overflows happen if you 1 - pass in a URL with no protocol like "http://" prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of the heap...
URL Buffer Overflow
libcurl's URL parser function can overflow a heap based buffer in two ways, if given a too long URL. These overflows happen if you 1 - pass in a URL with no protocol like "http://" prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of the heap...
CVE-2005-1123
Monkey daemon monkeyd before 0.9.1 allows remote attackers to cause a denial of service memory corruption via a request for a zero byte file...
GLSA-200504-14 : monkeyd: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200504-14 monkeyd: Multiple vulnerabilities Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discover...
CVE-2001-1427
Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors...
CVE-2001-1415
vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes...
CVE-2005-0212
The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier allows remote attackers to cause a denial of service infinite loop via a zero byte UDP packet...
Windows 9x/NT/2k/XP PEB method 35 bytes
Windows 9x/NT/2k/XP PEB method 35 bytes. Shellcode exploit for win32 platform /This is a 35 byte C implementation of the use of the PEB method to get the kernel32 base address on Windows. This is generic code designed to run on both Windows 9x and NT based systems. The code has been optimized to...
CVE-2001-1415
vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes...
Allaire ColdFusion Server contains vulnerability allowing templates to be overwritten by zero byte file of the same name
Overview A vulnerability exists in Allaire ColdFusion Server which allows an attacker to overwrite ColdFusion Server templates with zero byte files. Description A remotely exploitable vulnerability exists in the Allaire ColdFusion Server which could allow an attacker to overwrite ColdFusion Serve...
CVE-2001-1427
Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors...
CVE-2000-0866
Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes...
Дырка в Anaconda Foundation Directory
Ошибка "нулевого байта" позволяет обратиться к любому локальному файлу...
SEGFAULTING Interbase 6 SS Linux
Hi Doodz, while doing some coding i found out a serious bug in Interbase 6 SuperServer for Linux final Version. If you hand a server a query with 0 bytes, it will say goodbye with a nice SEGFAULT. My test-environment is: SuSE Linux 6.4, Kernel 2.2.14, IB6SS. regards, mephisto/pandora...
Zeus Web Server 3.x - Null Terminated Strings
source: https://www.securityfocus.com/bid/977/info Appending "%00" to the end of a CGI script filename will permit a remote client to view full contents of the script if the CGI module option "allow CGIs anywhere" is enabled. Scripts located in directories which are designated as executable eg...