MIT Kerberos kdcpreauth module pre-authentication security bypass vulnerability

MIT Kerberos 5 is a network authentication protocol that uses a client/server architecture and allows both the client and server side to authenticate each other. kdcpreauth is one of the interface modules. A security vulnerability exists in the plugins/preauth/otp/main.c and...

CVE-2014-5355

MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string or 2 cause a denial of service...

DEBIAN-CVE-2014-5355

MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string or 2 cause a denial of service...

UBUNTU-CVE-2014-5355

MIT Kerberos 5 aka krb5 through 1.13.1 incorrectly expects that a krb5readmessage data field is represented as a string ending with a '\0' character, which allows remote attackers to 1 cause a denial of service NULL pointer dereference via a zero-byte version string or 2 cause a denial of service...

CURL-CVE-2009-2417 embedded zero in cert name

SSL and TLS Server certificates contain one or more fields with server name or otherwise matching patterns. These strings are stored as content and length within the certificate, and thus there is no particular terminating character. curl's OpenSSL interfacing code did faulty assumptions about...

kernel: dell_rbu local oops

drivers/firmware/dellrbu.c in the Linux kernel before 2.6.27.13, and 2.6.28.x before 2.6.28.2, allows local users to cause a denial of service system crash via a read system call that specifies zero bytes from the 1 imagetype or 2 packetsize file in /sys/devices/platform/dellrbu/...

CVE-2008-1532

Perlbal before 1.70, when buffered upload is enabled, allows remote attackers to cause a denial of service crash via a zero-byte chunked upload...

CVE-2008-1532

Perlbal before 1.70, when buffered upload is enabled, allows remote attackers to cause a denial of service crash via a zero-byte chunked upload...

Overkill game DoS

Zero byte to game server port leads to crash...

CURL-CVE-2005-4077 URL Buffer Overflow

libcurl's URL parser function can overflow a heap based buffer in two ways, if given a too long URL. These overflows happen if you 1 - pass in a URL with no protocol like "http://" prefix, using no slash and the string is 256 bytes or longer. This leads to a single zero byte overflow of the heap...

CVE-2005-1123

Monkey daemon monkeyd before 0.9.1 allows remote attackers to cause a denial of service memory corruption via a request for a zero byte file...

GLSA-200504-14 : monkeyd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200504-14 monkeyd: Multiple vulnerabilities Tavis Ormandy of the Gentoo Linux Security Audit Team discovered a double expansion error in monkeyd, resulting in a format string vulnerability. Ciaran McCreesh of Gentoo Linux discover...

CVE-2001-1427

Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors...

CVE-2001-1415

vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes...

CVE-2005-0212

The Amp II engine as used by Gore: Ultimate Soldier 1.50 and earlier allows remote attackers to cause a denial of service infinite loop via a zero byte UDP packet...

Windows 9x/NT/2k/XP PEB method 35 bytes

Windows 9x/NT/2k/XP PEB method 35 bytes. Shellcode exploit for win32 platform /This is a 35 byte C implementation of the use of the PEB method to get the kernel32 base address on Windows. This is generic code designed to run on both Windows 9x and NT based systems. The code has been optimized to...

CVE-2001-1415

vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as device nodes...

Allaire ColdFusion Server contains vulnerability allowing templates to be overwritten by zero byte file of the same name

Overview A vulnerability exists in Allaire ColdFusion Server which allows an attacker to overwrite ColdFusion Server templates with zero byte files. Description A remotely exploitable vulnerability exists in the Allaire ColdFusion Server which could allow an attacker to overwrite ColdFusion Serve...

CVE-2001-1427

Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors...

CVE-2000-0866

Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes...