Page 2 of 59 results (0.006 seconds)

CVSS: 2.1EPSS: 0%CPEs: 32EXPL: 2

Buffer overflow in the PerlIO implementation in Perl 5.8.0, when installed with setuid support (sperl), allows local users to execute arbitrary code by setting the PERLIO_DEBUG variable and executing a Perl script whose full pathname contains a long directory tree. • https://www.exploit-db.com/exploits/791 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=001056 http://fedoranews.org/updates/FEDORA--.shtml http://marc.info/?l=bugtraq&m=110737149402683&w=2 http://marc.info/?l=full-disclosure&m=110779721503111&w=2 http://secunia.com/advisories/14120 http://secunia.com/advisories/55314 http://www.digitalmunition.com/DMA%5B2005-0131b%5D.txt http://www.gentoo.org/security/en/glsa/glsa-200502-13.xml http://www.mandriva. •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail. IBM AIX 5.2 y anteriores, distribuyen Sendmail con un fichero de configuración (sendmail.cf) con varias caracteristicas habilitadas, lo que permite a Sendmail ser utilizado como emisor de correo para spam. Las caracteristicas habilitadas son: promiscuous_relay. accept_unresolvable_domains. accept_unqualified_senders. • http://marc.info/?l=bugtraq&m=105284689228961&w=2 http://security.sdsc.edu/advisories/2003.05.13-AIX-sendmail.txt http://www.kb.cert.org/vuls/id/814617 http://www.securityfocus.com/bid/7580 https://exchange.xforce.ibmcloud.com/vulnerabilities/11993 •

CVSS: 7.5EPSS: 96%CPEs: 165EXPL: 1

Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. Desbordamiento de entero en la función xdrmem_getbytes(), y posiblemente otras funciones, de librerias XDR (representación de datos externos) derivadas de SunRPC, incluyendo libnsl, libc y glibc permite a atacantes remotos ejecutar código arbitrario mediante ciertos valores enteros en campos de longitud. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-008.txt.asc http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0140.html http://marc.info/?l=bugtraq&m=104810574423662&w=2 http://marc.info/?l=bugtraq&m=104811415301340&w=2 http://marc.info/?l=bugtraq&m=104860855114117&w=2 http://marc.info/?l=bugtraq&m=104878237121402&w=2 http://marc.info/? •

CVSS: 10.0EPSS: 0%CPEs: 87EXPL: 3

Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function. • https://www.exploit-db.com/exploits/21018 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:49.telnetd.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2001-012.txt.asc ftp://patches.sgi.com/support/free/security/advisories/20010801-01-P ftp://stage.caldera.com/pub/security/openserver/CSSA-2001-SCO.10/CSSA-2001-SCO.10.txt http://archives.neohapsis.com/archives/hp/2001-q4/0014.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000413 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0

AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. • http://www.kb.cert.org/vuls/id/17566 https://exchange.xforce.ibmcloud.com/vulnerabilities/6432 •