Page 12 of 60 results (0.003 seconds)

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 0

Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. • http://www.cert.org/advisories/CA-2001-07.html http://www.nai.com/research/covert/advisories/048.asp http://www.securityfocus.com/bid/2550 https://exchange.xforce.ibmcloud.com/vulnerabilities/6332 • CWE-131: Incorrect Calculation of Buffer Size •

CVSS: 10.0EPSS: 1%CPEs: 51EXPL: 4

Buffer overflows in BSD-based FTP servers allows remote attackers to execute arbitrary commands via a long pattern string containing a {} sequence, as seen in (1) g_opendir, (2) g_lstat, (3) g_stat, and (4) the glob0 buffer as used in the glob functions glob2 and glob3. • https://www.exploit-db.com/exploits/20731 https://www.exploit-db.com/exploits/20732 https://www.exploit-db.com/exploits/20733 ftp://ftp.NetBSD.ORG/pub/NetBSD/misc/security/advisories/NetBSD-SA2000-018.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20010802-01-P http://archives.neohapsis.com/archives/freebsd/2001-04/0466.html http://www.cert.org/advisories/CA-2001-07.html http://www.nai.com/research/covert/advisories/048.asp http://www.securityfocus.com&#x •

CVSS: 10.0EPSS: 2%CPEs: 31EXPL: 1

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP. • https://www.exploit-db.com/exploits/19722 ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P http://rhn.redhat.com/errata/RHSA-2000-002.html http://www.atstake.com/research/advisories/2000/lpd_advisory.txt http://www.debian.org/security/2000/20000109 http://www.kb.cert.org/vuls/id/30308 http://www.l0pht.com/advisories/lpd_advisory http://www.securityfocus.com/bid/927 https://exchange.xforce.ibmcloud.com/vulnerabilities/3840 •

CVSS: 10.0EPSS: 1%CPEs: 32EXPL: 1

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. • https://www.exploit-db.com/exploits/325 ftp://patches.sgi.com/support/free/security/advisories/20021104-01-P http://seclists.org/lists/bugtraq/2000/Jan/0116.html http://www.atstake.com/research/advisories/2000/lpd_advisory.txt http://www.debian.org/security/2000/20000109 http://www.kb.cert.org/vuls/id/39001 http://www.l0pht.com/advisories/lpd_advisory http://www.redhat.com/support/errata/RHSA-2000-002.html http://www.securityfocus.com/bid/927 https://exchange. •

CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 2

inpview in InPerson on IRIX 5.3 through IRIX 6.5.10 trusts the PATH environmental variable to find and execute the ttsession program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse ttsession program. • https://www.exploit-db.com/exploits/19304 ftp://patches.sgi.com/support/free/security/advisories/20001101-01-I http://marc.info/?l=bugtraq&m=87602167420921&w=2 http://www.securityfocus.com/bid/381 •