CVE-2005-3120 – Lynx 2.8.6dev.13 - Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2005-3120
Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters. • https://www.exploit-db.com/exploits/1256 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.7/SCOSA-2006.7.txt ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.47/SCOSA-2005.47.txt http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038019.html http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://secunia.com/advisories/17150 http://secunia.com/advisories/17216 http://secunia.com/advisories/17230 http://secunia.com/advisories/1723 • CWE-131: Incorrect Calculation of Buffer Size •
CVE-2005-2700
https://notcve.org/view.php?id=CVE-2005-2700
ssl_engine_kernel.c in mod_ssl before 2.8.24, when using "SSLVerifyClient optional" in the global virtual host configuration, does not properly enforce "SSLVerifyClient require" in a per-location context, which allows remote attackers to bypass intended access restrictions. • http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://marc.info/?l=apache-modssl&m=112569517603897&w=2 http://marc.info/?l=bugtraq&m=112604765028607&w=2 http://marc.info/?l=bugtraq&m=112870296926652&w=2 http://people.apache.org/~jorton/CAN-2005-2700.diff http://secunia.com/advisories/16700 http://secunia.com/advisories/16705 http://secunia.com/advisories/16714 http://secunia.com/advisories/16743 http://secunia.com/advisories/16746 http: •
CVE-2005-1527
https://notcve.org/view.php?id=CVE-2005-1527
Eval injection vulnerability in awstats.pl in AWStats 6.4 and earlier, when a URLPlugin is enabled, allows remote attackers to execute arbitrary Perl code via the HTTP Referrer, which is used in a $url parameter that is inserted into an eval function call. • http://secunia.com/advisories/16412 http://secunia.com/advisories/17463 http://securitytracker.com/id?1014636 http://www.debian.org/security/2005/dsa-892 http://www.idefense.com/application/poi/display?id=290&type=vulnerabilities&flashstatus=false http://www.novell.com/linux/security/advisories/2005_19_sr.html http://www.osvdb.org/18696 http://www.securiteam.com/unixfocus/5DP0J00GKE.html http://www.securityfocus.com/bid/14525 https://exchange.xforce.ibmcloud.com/vulnerabilities/21769 h • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2005-1689
https://notcve.org/view.php?id=CVE-2005-1689
Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier allows remote attackers to execute arbitrary code via certain error conditions. Vulnerabilidad de doble liberación de memoria en la función krb5_recvauth en MIT Kerberos 5 (krb5) 1.4.1 y anteriores permite que atacantes remotos ejecuten código arbitrario mediante ciertas condiciones de error. • ftp://patches.sgi.com/support/free/security/advisories/20050703-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000993 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://marc.info/?l=bugtraq&m=112119974704542&w=2 http://secunia.com/advisories/16041 http://secunia.com/advisories/17135 http://secunia.com/advisories/17899 http://secunia.com/advisories/22090 • CWE-415: Double Free •
CVE-2005-2088
https://notcve.org/view.php?id=CVE-2005-2088
The Apache HTTP server before 1.3.34, and 2.0.x before 2.0.55, when acting as an HTTP proxy, allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes Apache to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka "HTTP Request Smuggling." • http://docs.info.apple.com/article.html?artnum=302847 http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html http://marc.info/?l=apache-httpd-announce&m=112931556417329&w=3 http://seclists.org/lists/bugtraq/2005/Jun/0025.html http://secunia.com/advisories/14530 http://secunia.com/advisories/17319 http://secunia.com/advisories/17487 http://secunia.com/advisories/17813 http://secunia.com/advisories/19072 http://secunia.com/advisories/19073 http://secunia. • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •