62 results (0.009 seconds)

CVSS: 10.0EPSS: 63%CPEs: 28EXPL: 4

07 Mar 2003 — Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c. Desbordamiento de búfer en Sendmail 5.79 a la 8.12.7 que permite a atacantes remotos la ejecución arbitraria de código mediante ciertos campos de dirección formateados, relativos a comentarios de cabecera de emisor y receptor, procesados por la función crackaddr del fichero heade... • https://www.exploit-db.com/exploits/411 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 9.8EPSS: 32%CPEs: 37EXPL: 1

11 Dec 2002 — Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query. Desbordamiento de búfer en la rutina Dispatch() en el servidor de fuentes XFS (fs.auto) en Solaris 2.5.1 a 9 permite a atacantes remotos causar una denegación de servicio (caída) o ejecutar código arbitrario mediante una cierta petición XFS. • https://www.exploit-db.com/exploits/22036 •

CVSS: 10.0EPSS: 70%CPEs: 22EXPL: 0

05 Sep 2002 — Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure. Desbordamiento de búfer en el servidor de bases de datos RPC ToolTalk (rpc.ttdbserverd) de Common Desktop Environment (CDE) permite a atacantes remotos ejecutar código arbitrario mediante un argumento al procedimiento T_TT_CREATE_FILE. • http://marc.info/?l=bugtraq&m=102917002523536&w=2 •

CVSS: 7.2EPSS: 0%CPEs: 47EXPL: 0

23 Jul 2002 — CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure. El servidor de bases de datos CDE ToolTalk (ttdbserver) permite a usuarios locales sobreescribir ficheros arbitrarios mediante un ataque en enlaces simbólicos (symlink attack) en el fichero de registro (log) de transacciones usado por el procedimiento RPC _TT_TRANSACTION • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt •

CVSS: 9.8EPSS: 19%CPEs: 46EXPL: 0

12 Jul 2002 — CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure. El sevidor de bases de datos CDE ToolTalk (ttdbserver) permite a atacantes remotos sobrescribir posiciones arbitrarias de memoria con ceros, y posiblemente ganar privilegios, mediante un arguemnte de descriptor de fichero en una llamada al... • ftp://ftp.caldera.com/pub/updates/OpenUNIX/CSSA-2002-SCO.28/CSSA-2002-SCO.28.txt •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

31 Dec 2001 — setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space. • http://archives.neohapsis.com/archives/hp/2001-q3/0000.html •

CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0

15 Dec 2001 — RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option. RLPDaemon en HP-UX 10.20 y 11.0 permite a usuarios locales la sobreescritura de ficheros arbitrarios y la obtención de privilegios, especificando el fichero objeto en la opción '-L'. • http://www.iss.net/security_center/static/7729.php •

CVSS: 10.0EPSS: 85%CPEs: 43EXPL: 9

12 Dec 2001 — Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. Desbordamiento de búfer en la entrada a varios sistemas operativos basados en System V, permite a atacantes remotos la ejecución de comandos arbitrarios mediante un gran número de argumentos a través de servicios como telnet y rlogin. • https://www.exploit-db.com/exploits/16928 •

CVSS: 10.0EPSS: 5%CPEs: 5EXPL: 0

22 Nov 2001 — Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request. • http://archives.neohapsis.com/archives/hp/2001-q4/0047.html •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0

12 Oct 2001 — Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges. • http://archives.neohapsis.com/archives/hp/2001-q2/0044.html •