Users login

Create an account »

JOIN XATRIX

Users login

Home » Security Advisories

Security Advisories

Here you'll find the latest security advisories from various Vendors.
Page: 12... 896 897 898 899 900 901 902 903 out of 903

Thttpd viewing of arbitrary files | SA-00:73 | November 20, 2000
The thttpd port, versions prior to 2.20, allows remote viewing of arbitrary files on the local server. The 'ssi' cgi script does not correctly restrict URL-encoded requests containing ".." in the p

Curl buffer overflow | SA-00:72 | November 20, 2000
The curl port, versions prior to 7.4.1, allows a client-side exploit through a buffer overflow in the error handling code. A malicious ftp server operator can cause arbitrary code to be executed by

Mgetty denial of service | SA-00:71 | November 20, 2000
The mgetty port, versions prior to 1.1.22.8.17, contains a vulnerability that may allow local users to create or overwrite any file on the system. This is due to the faxrunqd daemon (which usually r

ppp incorrectly denies incoming packets | SA-00:70 | November 14, 2000
However the behaviour of the ppp code was changed in the 4.x and 3.x branches prior to the release of FreeBSD 4.1 and 3.5 (on 2000-06-05 and 2000-06-03 respectively) to allow passing of packets whic

Telnetd remote system resource consumption | SA-00:69 | November 14, 2000
The telnet protocol allows for UNIX environment variables to be passed from the client to the user login session on the server. However, some of these environment variables have special meaning to th

Ncurses local privilege escalation | SA-00:68 | November 13, 2000
There exists an overflowable buffer in the libncurses library in the processing of cursor movement capabilities. An attacker can force a privileged application to use the attacker's termcap file con

Gnupg fails to correctly verify signatures | SA-00:67 | November 10, 2000
Versions of gnupg prior to 1.04 fail to correctly verify multiple signatures contained in a single document. Only the first signature encountered is actually verified, meaning that other data with i

Client vulnerability in Netscape | SA-00:66 | November 06, 2000
Versions of netscape prior to 4.76 allow a client-side exploit through a buffer overflow in html code. A malicious website operator can cause arbitrary code to be executed by the user running the nets

Xfce local X session compromise | SA-00:65 | November 06, 2000
Versions of xfce prior to 3.52 contain a startup script which incorrectly allows access to the X display to all other users on the local system. Such users are able to monitor and control the conten

Global port CGI script remote compromise | SA-00:64 | November 06, 2000
The global port, versions 3.5 through to 3.55, contains a vulnerability in the CGI script generated by the htags utility which allows a remote attacker to execute code on the local system as the use

Getnameinfo remote denial of service | SA-00:63 | November 01, 2000
An off-by-one error exists in the processing of DNS hostnames which allows a long DNS hostname to crash the getnameinfo() function when an address resolution of the hostname is performed (e.g. in resp

Top format string vulnerability | SA-00:62 | November 01, 2000
A "format string vulnerability" was discovered in the top(1) utility which allows unprivileged local users to cause the top process to execute arbitrary code. The top utility runs with increased p

Tcpdump buffer overflows | SA-00:61 | October 31, 2000
Several overflowable buffers were discovered in the version of tcpdump included in FreeBSD, during internal source code auditing. Some simply allow the remote attacker to crash the local tcpdump proce

Boa web server arbitrary file access/execution | SA-00:60 | October 30, 2000
The vulnerability is that boa does not correctly restrict URL-encoded requests containing ".." in the path.

Chpass family format string vulnerability | SA-00:58 | October 30, 2000
A "format string vulnerability" was discovered in code used by the vipw utility during an internal FreeBSD code audit in July 2000. The vipw utility does not run with increased privileges and so it

Pine4 periodic checking buffer overflow | SA-00:59 | October 30, 2000
The pine4 port, versions 4.21 and before, contains a buffer overflow vulnerability which allows a remote user to execute arbitrary code on the local client by the sending of a special-crafted email me

SNMP Username and Password Retrieval | A102600-1 | October 26, 2000
This advisory describes a vulnerability that exists in Cisco Systems' Virtual Central Office 4000 (VCO/4K). The VCO/4K is a programmable switch that provides numerous telephony capabilities including

Muh IRC bouncer remote vulnerability | SA-00:57 | October 13, 2000
This is accomplished by sending a carefully crafted exploit string containing string format operators to a user using muh but who is not connected. When the user reconnects and executes '/muh read',

LPRng root compromise | SA-00:56 | October 13, 2000
The vulnerability is due to incorrect usage of the syslog(3) function. Local and remote users can send string-formatting operators to the printer daemon to corrupt the daemon's execution, potentially

Xpdf contains multiple vulnerabilities | SA-00:55 | October 13, 2000
The xpdf port, versions prior to 0.91, contains a race condition due to improper handing of temporary files that may allow a local user to overwrite arbitrary files owned by the user running xpdf.

Fingerd remote reading of filesystem | SA-00:54 | October 13, 2000
Shortly before the release of FreeBSD 4.1.1, code was added to finger(1) intended to allow the utility to send the contents of administrator-specified files in response to a finger request. However t

All-Mail buffer overrun vulnerability | a101200-2 | October 12, 2000
Nevis System's All-Mail (http://www.n-systems.com/) is a personal and small office mail server written for the Windows platform. There are various buffer overrun vulnerabilities in this server that c

PHP3/PHP4 Logging Format String Vulnerability | a101200-1 | October 10, 2000
PHP versions 3 and 4 are vulnerabled to format string attacks in their logging functions. This can lead to remote takeover of PHP enabled webservers that have logging enabled.

TCP uses weak initial sequence numbers | SA-00:52 | October 06, 2000
It has long been known that an attacker who can guess the initial sequence number which a system will use for the next incoming TCP connection can spoof a TCP connection handshake coming from a machi

Unauthorized "Directory Listings" under IIS 5.0 | a100400-1 | October 04, 2000
Microsoft's Internet Information Server 5.0 is WebDAV (RFC 2518) enabled. As part of the extra functionality provided by the WebDAV components. Microsoft has introduced the SEARCH request method to

Page: 12... 896 897 898 899 900 901 902 903 out of 903

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »