(Description Provided by CVE) : Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs.
(Description Provided by CVE) : The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially setting up a loop, aka Snork.
Check Point Firewall-1 contains a flaw that is triggered when information sent to the session agent module is not encrypted. This may allow an attacker to spoof a valid session agent and gain access to user credentials.
SLMail contains a flaw that may allow a remote denial of service. The issue is triggered when sending commands containing open parentheses ('('), and will result in loss of availability for the smtp service.
PHP is prone to an overflow condition. The program fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted imap_header or header_info header line that is larger than 1024 characters, an attacker can potentially cause a loss of availability.
PHP contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an error message displays user credential information. In some cases, it may be the full username and password, and in other cases it may be obscured but reveal the length of each making enumeration a bit easier.
(Description Provided by CVE) : SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO.
(Description Provided by CVE) : The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE.
Cisco PIX and IOS Firewall extensions contain a flaw that may allow a REMOTE denial of service. The issue is triggered when a large number of fragmented packets are sent to a protected host, and will result in loss of availability for the targeted host.
Microsoft Internet Explorer contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a user visits a malicious web site, which could read files on the local file system.
A local overflow exists in bash. The rl_redisplay() function fails to perform proper bounds checking resulting in a buffer overflow. The issue is triggered when creating a overly long directory name containing more than 1024 bytes, which is inserted into the password prompt via the '\w' option in the PS1 environmental variable when another user changes into that directory. It is possible for a malicious user to gain elevated privileges resulting in a loss of integrity.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.