10 matches found
CVE-2010-0929
CVE-2010-0929 affects Perforce Server 2008.1 (p4s.exe) and is a remote denial-of-service vulnerability triggered by crafted data beginning with the byte sequence 0x4C, 0xB3, 0xFF, 0xFF, 0xFF. The Perforce service may crash a daemon when processing such input, per multiple sources. The available d...
CVE-2010-0933
The vulnerability CVE-2010-0933 affects Perforce Server 2008.1 and is a directory traversal flaw that allows remote authenticated users to create arbitrary files by supplying a .. (dot dot) sequence in the argument to the p4 add command. Core details consistently reported across sources (NVD, Red...
CVE-2008-1338
CVE-2008-1338 concerns the Perforce Server (p4s.exe) in versions 2007.3/143793 and earlier. A remote attacker can trigger a denial of service (daemon crash) by issuing a server-DiffFile command with an integer value in a certain range, which causes a loop that exhausts memory. The available sourc...
CVE-2010-0934
CVE-2010-0934 affects Perforce Server 2008.1, where the triggers functionality can be abused by remote authenticated users with super privileges to execute arbitrary operating-system commands via a p4 client invocation combined with the form-in trigger script. The Red Hat, NVD, and OpenVAS record...
CVE-2010-0931
CVE-2010-0931 affects Perforce Server 2008.1 (p4s.exe) and causes a denial of service (daemon crash) when processing crafted data, possibly involving a large sndbuf value. No explicit fixes or mitigation are provided in the documents; exploitation details are not described.
CVE-2008-1302
The CVE-2008-1302 entry affects Perforce Server 2007.3/143793 and earlier, specifically the Perforce service (p4s.exe). The vulnerability arises when handling the server-DiffFile or server-ReleaseFile commands with a large integer value, which is used in an array initialization calculation and le...
CVE-2010-0935
Perforce Server 2009.2 and earlier allows remote authenticated users to obtain super privileges via a “p4 protect” command when the protection table is empty. Root cause: empty protection table enables privilege escalation. Impact: potential full administrative access. No remediation or patch det...
CVE-2010-0930
The vulnerability CVE-2010-0930 affects Perforce Server 2008.1 (p4s.exe). A crafted data sequence containing 0xDC 0xFF 0xFF 0xFF immediately before the client protocol version number can cause a denial of service (infinite loop). Connected sources consistently describe this as a DoS caused by tha...
CVE-2008-1303
The CVE-2008-1303 issue affects the Perforce Server (p4s.exe) up to 2007.3/143793. Affected component: Perforce service commands (dm-FaultFile, dm-LazyCheck, dm-ResolvedFile, dm-OpenFile, crypto, and possibly others). Root cause: missing parameter handling triggers a NULL pointer dereference, pro...
CVE-2010-0932
The CVE-2010-0932 entry concerns Perforce Server 2008.1, where the FTP server component is vulnerable to a denial of service via a crafted MKD command that triggers a NULL pointer dereference and daemon crash. The cited Red Hat and NVD records confirm the same description and indicate the impact ...