A local overflow exists in xmindpath, a FreeBSD port. It fails to check bounds when the "-f" argument is passed, resulting in a local buffer overflow. With a specially crafted request, an attacker can execute arbitrary shellcode with the privileges of suid uucp resulting in a loss of integrity.
A local overflow exists in angband, a FreeBSD port. This game fails to check bounds when command line arguments "-u" and "-d" are passed, resulting in a buffer overflow. With a specially crafted request, an attacker can obtain the privileges of setgid games resulting in a loss of integrity.
A local overflow exists in FreeBSD. gdc fails to check boundaries, resulting in a buffer overflow. With a specially crafted request, in which the -t flag (time) in a gdc argument exceeds its predefined buffer length, an attacker who is in the wheel group can execute arbitrary code, resulting in a loss of integrity.
FreeBSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when a malicious user creates a symbolic link which is traversed by gdc when writing its debug output to a file, typically and inappropriately redirected to "/var/tmp/gated_dump" or "/var/tmp/gdb_dump". This flaw can be used to overwrite any file on the victim system as gdc runs setuid root and may consequently lead to a loss of integrity.
A remote overflow exists in Qpopper. Qpopper fails to check the boundary in the "pop_msg.c" function, resulting in a buffer overflow. With a specially crafted request, a remote attacker can overflow a buffer and gain root privileges on the system, resulting in a loss of confidentiality and integrity.
(Description Provided by CVE) : A Windows NT user can use SUBST to map a drive letter to a folder, which is not unmapped after the user logs off, potentially allowing that user to modify the location of folders accessed by later users.
(Description Provided by CVE) : Ultimate Bulletin Board stores data files in the cgi-bin directory, allowing remote attackers to view the data if an error occurs when the HTTP server attempts to execute the file.
The Microsoft NTMail 4 and 5 SMTP server allows anyone to use it as a mail relay, provided that the source address is set to '<>'. This could allow an intruder to use this host to send unsolicited emails.
Symantec Mail-Gear contains a flaw that allows a remote attacker to view arbitrary files outside of the web path. The issue is due to "Display" not properly sanitizing user input, specifically traversal-style attacks (../../) supplied via the "what" variable.
NTMail contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered because the VRFY command is not disabled even when an administrator has explicitly disabled it, which discloses user information, resulting in a loss of confidentiality.
A local overflow exists in SCO UnixWare. UnixWare fails to check the boundary of arguments supplied to the "Xsco" command, resulting in a buffer overflow. By passing an overly long argument (argv) to Xsco, a local attacker can cause a buffer overflow and gain superuser privileges, resulting in a loss of integrity.
SCO UnixWare is prone to an overflow condition. This issue is triggered when xlock fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted username, a local attacker can potentially execute arbitrary code.
(Description Provided by CVE) : Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding that limit.
(Description Provided by CVE) : Buffer overflow in Netscape Navigator/Communicator 4.7 for Windows 95 and Windows 98 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long argument after the ? character in a URL that references an .asp, .cgi, .html, or .pl file.
(Description Provided by CVE) : Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server.
(Description Provided by CVE) : Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation.
A remote overflow exists in Vermillion FTPD. The daemon fails to perform proper bounds checking resulting in a buffer overflow. By sending an overly long CWD command containing 504 or more characters three times in a row, a remote attacker can cause the daemon to crash resulting in a loss of availability for the service.
Microsoft Internet Explorer contains a flaw that is triggered during the handling of a specially crafted data element within an XML request. This may allow a remote attacker to gain access to arbitrary files.
Solaris is prone to an overflow condition. This issue is triggered when rpc.ttdbserver fails to properly sanitize user-supplied input resulting in a buffer overflow. When handling a function 15 request, a remote attacker can potentially cause a loss of availability.
The Tektronix PhaserLink Printer 930 and earlier web interface allows unauthenticated users to obtain administrator access by accessing restricted URLs directly. An attacker can use this interface to reconfigure the printer or cause a denial of service condition.
(Description Provided by CVE) : ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.