(Description Provided by CVE) : man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man.
(Description Provided by CVE) : Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote attackers to cause a denial of service (reboot) and execute arbitrary code via a long GET /OPTIONS value.
(Description Provided by CVE) : Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.
(Description Provided by CVE) : The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities.
HP Jetdirect 310x Print Server for Fast Ethernet contains an unspecified flaw that may allow a remote attacker to cause a denial of service or gain unauthorized access. No further details have been provided by the vendor.
(Description Provided by CVE) : Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet.
A remote overflow exists in Qpopper. The server fails to properly check the length of macronames supplied to the pop_msg() function resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service or potentially execute arbitrary code. This attack requires valid user authentication credentials.
Invision Power Board allows remote attackers to include arbitrary PHP files. The issue is due to poor sanity checking on arguments supplied to the ad_member.php script. By specifying an arbitrary path, a remote attacker can include a custom configuration file from a remote system, allowing them to execute arbitrary code and more.
(Description Provided by CVE) : Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.
PunBB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate variables upon submission to certain administratively functions. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. No further details have been provided.
(Description Provided by CVE) : MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.
(Description Provided by CVE) : Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.
(Description Provided by CVE) : Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
PHP-Ping contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to index.php not properly sanitizing user input supplied to the 'pingto' variable. This may allow an attacker to include a file from a remote host that contains arbitrary commands which will be executed by the vulnerable script.
(Description Provided by CVE) : Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file.
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names.
(Description Provided by CVE) : Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.
SAP server-side Remote Function Call (aka RFC) API contains a flaw that may allow a malicious user to undertake a brute-force attack against accounts without inducing a lock-out. The issue is due to insufficient checking placed on the Remote Function Call API which can be used in place of the GUI for authentication. It is possible that the flaw may allow account compromise, resulting in a loss of confidentiality.
IlohaMail contains a flaw that allows a remote attacker to access files outside of the web path. The issue is due to the index.php script not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the int_lang variable. This flaw will lead to a loss of confidentiality.
(Description Provided by CVE) : Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
By default, phpWebSite installs with default admin credentials (username/password combination). The 'admin' account has a password of 'phpwebsite', which is publicly known and documented. This allows remote attackers to trivially access the program or system and gain privileged access.
The GNU Transport Layer Security Library contains a flaw that may allow a malicious user to disclose sensitive information about the information protected by the security features of the GNU Transport Layer Security Library. It is currently undocumented as to what exact conditions must be met to cause this condition. It is possible that the flaw may allow and attackers the ability to decrypted protected data resulting in a loss of information confidentiality.
(Description Provided by CVE) : Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
(Description Provided by CVE) : Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact.
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in WebLogExpert allows remote attackers to inject arbitrary web script or HTML via a crafted client domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.