ISC Bind 4 nslookupComplain() Buffer Overflow Vulnerability

Description BIND is a server program that implements the domain name service protocol. It is in extremely wide use on the Internet, in use by most of the DNS servers. Version 4 of BIND contains a stack overflow that may be exploitable to remote attackers. The vulnerability is due to unsafe use of...

Netscape Enterprise Server DoS Vulnerability

Description A specially crafted GET request composed of approx 1344 '../', will cause Netscape Enterprise Server to stop responding. A restart of the server service is required in order to gain normal functionality. Technologies Affected Netscape Enterprise Server 4.1.0 SP5 Currently the...

GoodTech FTP Server Denial of Service

Description GoodTech FTP Server is subject to a denial of service. If an attacker successfully makes an unusually large number of connections, the server will crash. Technologies Affected GoodTech FTP Server 95/98 3.0.1 GoodTech FTP Server NT/2000 3.0.1 GoodTech has addressed this issue in a new...

AIX digest Buffer Overflow Vulnerability

...

AIX setsenv Buffer Overflow Vulnerability

...

Winsock FTPd Directory Transversal Vulnerability

Description Winsock FTPd is a popular FTP server from Texas Imperial Software. A vulnerability exists in Winsock FTPd that could allow an unauthorized user to browse the root directory of the drive where Winsock FTPd has been installed. During install, Winsock FTPd allows the administrator to...

Lotus Notes Client R5 File Existence Verification Vulnerability

Description Lotus Notes Client R5 is a messaging and collaboration tool that contains a built in web browser. The web browser implements a Java Virtual Machine VM designed specifically for Lotus Notes. A security vulnerability exists in the Execution Control List ECL feature within the Java VM th...

Quikstore File Disclosure Vulnerability

...

Joe Text Editor DEADJOE Symbolic Link Vulnerability

...

Kenny Carruthers Postmaster 1.0 Buffer Overflow Vulnerability

Description Postmaster is a GUI based email client for the BeOS platform. In the event that Postmaster receives an email containing a URL consisting of over 512 bytes, the application will crash when attempting to create a link within the body of the message. Postmaster will continue to crash upo...

McAfee VirusScan 4.5 Unquoted ImagePath Vulnerability

Description The default installation of McAfee VirusScan excludes quotes around the image path eg. ImagePath=C:\Program Files\Common Files\Network Associates\McShield\McShield.exe. Therefore, if a malicious user were to insert a hostile VB executable file named common.exe in C:\Program Files, it...

Microsoft Windows 9x / Me Share Level Password Bypass Vulnerability

Description Share level password protection for the File and Print Sharing service in Windows 95/98/ME can be bypassed. Share level access provides peer to peer networking capabilities in the Windows 9x/ME environment. It depends on password protection in order to grant or deny access to resource...

Microsoft Windows 9x / Me IPX NMPI Packet DoS Vulnerability

Description If NWLink which enables Microsoft Windows to interoperate with Novell stations is enabled on a Windows 9x or ME system, it is possible to create broadcast storms which could severely impede upon network operations or cause certain targeted machines to fail. IPX/SPX Internetworked Pack...

Microsoft WebTV DoS Vulnerability

Description If a remote user sends a UDP packet to any port in the 22701 - 22705 range to a system running WebTV for Windows, the system may crash entirely or at the least the program will stop responding. As well, sending a UDP packet to port 22703 specifically has been known to cause automatic...

iCat Carbo Server File Disclosure Vulnerability

Description iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite. The Carbo Server component of the Electronic Commerce Suite does not...

OReilly WebSite 1.x/2.0 win-c-sample.exe Buffer Overflow Vulnerability

Description O'Reilly WebSite Pro is a Windows 95/NT Web Server package. Versions 2.0 and below contained a vulnerable sample script, win-c-sample.exe, placed by default in /cgi-shl/ off the web root directory. This program is vulnerable to a buffer overflow, allowing for execution of arbitrary...

Sendmail IDENT Remote root Vulnerability

Description A vulnerability in the IDENT function of sendmail 8.6.9 allows attackers to obtain remote root access. Very little other information on this vulnerability is currently available; this is an old vulnerability. Technologies Affected Eric Allman Sendmail 8.6.9 Upgrade to at least version...