[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97389

 
 

909

 
 

78730

 
 

109

 
 
Paid content will be excluded from the download.

Filter
Matches : 97233 Download | Alert*

Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attackers to execute arbitrary code.

Format string vulnerability in LinuxNode (node) before 0.3.2 may allow attackers to cause a denial of service or execute arbitrary code.

Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI programs, may allow remote attackers to execute arbitrary code via a long command line option.

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0743. Reason: This candidate is a duplicate of CVE-2003-0743. Notes: All CVE users should reference CVE-2003-0743 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code.

The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not associated with any specific security issue. Notes: none.

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has been revoked by its Candidate Numbering Authority (CNA) because it was internally assigned to a problem that was not reachable (the affected routine was not used by the software). Notes: none.

Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow.

Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.


Pages:      Start    9673    9674    9675    9676    9677    9678    9679    9680    9681    9682    9683    9684    9685    9686    ..   9723

© 2013 SecPod Technologies