9 results (0.012 seconds)

CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0

MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2) identity in the X.509 certificate for the myproxy-server, which allows remote attackers to spoof the server and conduct man-in-the-middle (MITM) attacks via a crafted certificate when executing (a) myproxy-logon or (b) myproxy-get-delegation. MyProxy v5.0 hasta v5.2, tal como se utiliza en Globus Toolkit v5.0.0 hasta v5.0.2, no comprueba correctamente (1) el nombre de host o (2) la identidad en el certificado X.509 para el myproxy-servidor, lo que permite a atacantes remotos suplantar el servidor y llevar a cabo ataques man-in-the-middle (MITM) a través de certificados manipulados cuando se ejecuta (a) myproxy-logon o (b) myproxy-get-delegation. • http://grid.ncsa.illinois.edu/myproxy/security/myproxy-adv-2011-01.txt http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053461.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053473.html http://lists.globus.org/pipermail/security-announce/2011-January/000018.html http://osvdb.org/70494 http://secunia.com/advisories/42972 http://secunia.com/advisories/43103 http://www.securityfocus.com/bid/45916 http://www.vupen.com/english/advisories/2011/022 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 93%CPEs: 1EXPL: 1

Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated. • https://www.exploit-db.com/exploits/25303 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc ftp://patches.sgi.com/support/free/security/advisories/20050405-01-P http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000962 http://secunia.com/advisories/14745 http://secunia.com/advisories/17899 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1 http://sunsolve •

CVSS: 7.5EPSS: 92%CPEs: 1EXPL: 0

Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:01.telnet.asc ftp://patches.sgi.com/support/free/security/advisories/20050405-01-P http://secunia.com/advisories/14745 http://secunia.com/advisories/17899 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101665-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-101671-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-57755-1 http://sunsolve.sun.com/search/document.do?assetkey=1-26-5 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution. • https://www.exploit-db.com/exploits/21050 https://www.exploit-db.com/exploits/21049 https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-1999-0267 •

CVSS: 7.5EPSS: 6%CPEs: 2EXPL: 1

The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file. • https://www.exploit-db.com/exploits/20423 http://www.securityfocus.com/bid/1975 https://exchange.xforce.ibmcloud.com/vulnerabilities/298 •