2 results (0.003 seconds)

CVSS: 7.5EPSS: 25%CPEs: 15EXPL: 0

Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request. • http://marc.info/?l=bugtraq&m=110797179710695&w=2 http://secunia.com/advisories/13608 http://securitytracker.com/id?1012650 http://www.idefense.com/application/poi/display?id=175&type=vulnerabilities&flashstatus=false http://www.kb.cert.org/vuls/id/647438 http://www.securityfocus.com/bid/12077 https://exchange.xforce.ibmcloud.com/vulnerabilities/18636 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5701 •

CVSS: 10.0EPSS: 17%CPEs: 111EXPL: 2

The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. • https://www.exploit-db.com/exploits/24 https://www.exploit-db.com/exploits/22442 ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2003-016.0.txt ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-03:07.sendmail.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.11/SCOSA-2004.11.txt ftp://patches.sgi.com/support/free/security/advisories/20030401-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000614 http://lists.apple.com/mhonarc/secur •