(Description Provided by CVE) : Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response Center Predictive systems.
(Description Provided by CVE) : dumpreg in Red Hat Linux 5.1 opens /dev/mem with O_RDWR access, which allows local users to cause a denial of service (crash) by redirecting fd 1 (stdout) to the kernel.
(Description Provided by CVE) : Eudora and Eudora Light before 3.05 allow remote attackers to cause a crash and corrupt the user's mailbox via an e-mail message with certain dates, such as (1) dates before 1970, which cause a Divide By Zero error, or (2) dates that are 100 years after the current date, which cause a segmentation fault.
A remote overflow exists in several mail user agents (MUAs). The MUAs fail to properly cope with tags that identify an attachment, resulting in a buffer overflow. With a specially crafted e-mail, an attacker can potentially execute arbitrary code resulting in a loss of confidentiality and/or integrity.
Exchange contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends an invalid, very long address, or specific sequences of AUTH and XAUTH commands, and will result in loss of availability for the service.
Exchange contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker connects to the NNTP port and issues a specific sequence of AUTHINFO commands, and will result in loss of availability for the service.
Microsoft Exchange contains a flaw that may allow a remote attacker to cause a denial of service. The issue is due to the Internet Mail Service (IMS) not properly sanitizing user-supplied input. By passing overly long data to the AUTH or AUTHINFO commands, an attacker can trigger a buffer overflow and crash the service.
(Description Provided by CVE) : Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information.
IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user tricks ioconfig, which does not use absolute paths in its system calls, into running arbitrary programs. This flaw may lead to a loss of integrity.
IRIX contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user tricks the disk_bandwidth program into running a malicious binary or a malicious script, due to its failure to use an absolute path in a system function call. This flaw may lead to a loss of integrity.
(Description Provided by CVE) : NBase switches NH208 and NH215 run a TFTP server which allows remote attackers to send software updates to modify the switch or cause a denial of service (crash) by guessing the target filenames, which have default names.
A remote overflow exists in the University of Washington IMAP server. The IMAP server fails to validate the argument passed to the AUTHENTICATE command resulting in a stack overflow. With a specially crafted request, an attacker can gain remote root privileges resulting in a loss of integrity.
(Description Provided by CVE) : Power management (Powermanagement) on Solaris 2.4 through 2.6 does not start the xlock process until after the sys-suspend has completed, which allows an attacker with physical access to input characters to the last active application from the keyboard for a short period after the system is restoring, which could lead to increased privileges.
Cisco PIX Firewall contains a flaw that may allow a malicious remote user to connect to any port on a system where limited connections are explicitly allowed. The issue is triggered when the "established" command is used along with a normal conduit. The conduit is used to allow inbound traffic to a specific port on a host, for example port 25 on a mail server. The "established" command provides support for multiconnection protocols, where a host makes a connection to an external host on one port, and the external host responds with an inbound connection on another port. If the firewall is configured with both a conduit and an "established" command for a host, it would be possible for a remote attacker to make a connection to the allowed port through the conduit, and then make a connection to any other port, bypassing normal firewall restrictions. If an attacker is able to make a connection to an FTP server that supports the PORT command, it is possible that the flaw may allow subsequent connections to any host behind the firewall, resulting in a potential loss of integrity.
Verity Search97 contains a flaw that may allow a remote denial of service. This issue is triggered due to the tasmgr service not requiring authorization for administrative commands. This will result in loss of availability for the program.
(Description Provided by CVE) : cmdtool in OpenWindows 3.0 and XView 3.0 in SunOS 4.1.4 and earlier allows attackers with physical access to the system to display unechoed characters (such as those from password prompts) via the L2/AGAIN key.
Verity Search97 contains a flaw that allows an attacker to traverse outside of a restricted path. The issue is due to the search97.vts script not properly sanitizing user input, specifically directory traversal style attacks (e.g., ../../) supplied via the 'ResultTemplate' parameter. This directory traversal attack would allow the attacker to gain access to arbitrary files.
SCO Open Server is prone to an overflow condition. The POP server fails to properly sanitize user-supplied input resulting in a buffer overflow. This may allow a remote attacker to execute arbitrary code or cause a denial of service.
(Description Provided by CVE) : login in Slackware Linux 3.2 through 3.5 does not properly check for an error when the /etc/group file is missing, which prevents it from dropping privileges, causing it to assign root privileges to any local user who logs on to the server.
(Description Provided by CVE) : KMail in KDE 1.0 provides a PGP passphrase as a command line argument to other programs, which could allow local users to obtain the passphrase and compromise the PGP keys of other users by viewing the arguments via programs that list process information, such as ps.
(Description Provided by CVE) : ePerl 2.2.12 allows remote attackers to read arbitrary files and possibly execute certain commands by specifying a full pathname of the target file as an argument to bar.phtml.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.