Page 34 of 170 results (0.005 seconds)

CVSS: 7.5EPSS: 0%CPEs: 105EXPL: 1

CVE-2003-0681 – Sendmail 8.12.9 - 'Prescan()' Variant Remote Buffer Overrun

https://notcve.org/view.php?id=CVE-2003-0681

A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. Un "desbordamiento de búfer potencial en el análisis de reglas" (ruleset parsing) en Sendmail 8.12.9 cuando se usan los conjuntos de reglas no estándar: (1) receptor, (2) final, o (3) receptores de envoltorio específicos del enviador de correo, tienen consecuencias desconocidas. • https://www.exploit-db.com/exploits/23154 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000742 http://marc.info/?l=bugtraq&m=106383437615742&w=2 http://marc.info/?l=bugtraq&m=106398718909274&w=2 http://www.debian.org/security/2003/dsa-384 http://www.kb.cert.org/vuls/id/108964 http://www.mandriva.com/security/advisories?name=MDKSA-2003:092 http://www.redhat.com/support/errata/RHSA-2003-283.html http://www.securityfocus.com/bid/8649 http://www •

CVSS: 10.0EPSS: 79%CPEs: 8EXPL: 7

CVE-2003-0466 – FreeBSD 4.8 - 'realpath()' Off-by-One Buffer Overflow

https://notcve.org/view.php?id=CVE-2003-0466

Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. Error de fuera-por-uno (off-by-one) en la función fb_realpath(), derivada de la función realpath de BSD, pude permitir a atacantes ejecutar código arbitrario, como se ha demostrado en wu-ftpd 2.5.0 a 2.6.2 mediante comandos que causan que nombres de rutas de tamaño MAXPATHLEN+1 disparen un desbordamiento de búfer, incluyendo: (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, y (8) RNTO. • https://www.exploit-db.com/exploits/22976 https://www.exploit-db.com/exploits/78 https://www.exploit-db.com/exploits/74 https://www.exploit-db.com/exploits/22974 https://www.exploit-db.com/exploits/22975 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-011.txt.asc http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0065.html http://download.immunix.org/ImmunixOS/7+/Updates/errata/IMNX-2003-7+-019-01 http://isec.pl/vulnerabilities/isec-0011-wu • CWE-193: Off-by-one Error •

CVSS: 4.6EPSS: 0%CPEs: 14EXPL: 0

CVE-2003-0518

https://notcve.org/view.php?id=CVE-2003-0518

The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow. El salvapantallas de MacOS X permite a usuarios con acceso físico a la máquina hacer que el salvapantallas se caiga y ganar acceso a la sesión subyacente mediante un número de caracteres largo en el campo de contraseña, posiblemente disparando un desbordamiento de búfer. • http://archives.neohapsis.com/archives/bugtraq/2003-07/0034.html http://archives.neohapsis.com/archives/bugtraq/2003-07/0187.html http://docs.info.apple.com/article.html?artnum=120232 •

CVSS: 4.6EPSS: 0%CPEs: 1EXPL: 0

CVE-2003-0420

https://notcve.org/view.php?id=CVE-2003-0420

Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool. • http://secunia.com/advisories/9025 http://www.auscert.org.au/render.html?it=3165 http://www.kb.cert.org/vuls/id/JPLA-5NTL8E http://www.securityfocus.com/bid/7894 https://exchange.xforce.ibmcloud.com/vulnerabilities/12342 •

CVSS: 9.8EPSS: 13%CPEs: 3EXPL: 0

CVE-2002-1347

https://notcve.org/view.php?id=CVE-2002-1347

Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. Desbordamiento de búfer en la librería Cyrus SASL 2.1.9 y anteriores permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante entradas largas durante la canonización de nombre de usuario caractéres que necesitan ser escapados durante autenticación LDAP usando saslauth, o un error por uno en el escritor del log, que no asigna espacio para el carácter nulo que termina la cadena. • http://archives.neohapsis.com/archives/linux/suse/2002-q4/1275.html http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000557 http://lists.apple.com/archives/security-announce/2005/Mar/msg00000.html http://marc.info/?l=bugtraq&m=103946297703402&w=2 http://www.debian.org/security/2002/dsa-215 http://www.redhat.com/support/errata/RHSA-2002-283.html http://www.securityfocus.com/advisories/4826 http://www.securityfocus.com/bid/6347 http://www.securityfocus.com/bid/6348 • CWE-131: Incorrect Calculation of Buffer Size •