Searching hostname software vulnerabilities

Buffer overflow in Tetrix TetriNet daemon 1.13.

TetriNet | overflow | daemon | Buffer | Tetrix |

Buffer overflow in Tetrix TetriNet daemon 1.13.16 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by connecting to port 31457 from a host with a long DNS hostname.


spaceball program in SpaceWare 7.3 v1.0 in IRIX

environmental | privileges | SpaceWare | spaceball | HOSTNAME | variable | executed | commands | contain | program | setting | allows | local | users | IRIX | gain | root | v10 |

spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.


Buffer overflow in nslookup for AIX 4.3 allows

arbitrary | hostname | nslookup | argument | overflow | execute | command | Buffer | allows | users | local | line | code | long | via | AIX |

Buffer overflow in nslookup for AIX 4.3 allows local users to execute arbitrary code via a long hostname command line argument.


Buffer overflows in the finger and whois demons

demonstration | arbitrary | attackers | overflows | commands | hostname | execute | scripts | remote | finger | Buffer | Server | Sambar | whois | allow | long | via |

Buffer overflows in the finger and whois demonstration scripts in Sambar Server 4.3 allow remote attackers to execute arbitrary commands via a long hostname.


The command port for PGP Certificate Server 2.5

Certificate | command | Server | port | PGP |

The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000.


The getnameinfo function in FreeBSD 4.1.1 and e

getnameinfo | function | FreeBSD |

The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname.


The line printer daemon (lpd) in the lpr packag

printer | daemon | line |

The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.


Format string vulnerability in Hylafax on FreeB

vulnerability | specifiers | arbitrary | argument | hostname | execute | Hylafax | FreeBSD | Format | string | allows | users | local | code | via |

Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.


Buffer overflow in traceroute-nanog (aka tracer

traceroute-nanog | overflow | Buffer |

Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.


Finjan Software SurfinGate 6.0 and 6.0 1 allows

restrictions | SurfinGate | attackers | hostname | Software | instead | address | access | allows | remote | Finjan | bypass | URL | via |

Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname.


Buffer overflow in Webresolve 0.1.0 and earlier

Webresolve | overflow | Buffer |

Buffer overflow in Webresolve 0.1.0 and earlier allows remote attackers to execute arbitrary code by connecting to the server from an IP address that resolves to a long hostname.


Directory traversal vulnerability in webfs befo

vulnerability | Directory | traversal | before | webfs |

Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header.


Multiple buffer overflows in asf_http_request o

asf_http_request | overflows | Multiple | MPlayer | before | buffer |

Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.


The cert_TestHostName function in Mozilla befor

cert_TestHostName | Thunderbird | certificate | qualified | hostname | function | portion | Mozilla | Firefox | domain | before | checks | fully | only | name | URI | not |

The cert_TestHostName function in Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, only checks the hostname portion of a certificate when the hostname portion of the URI is not a fully qualified domain name (FQDN), which allows remote attackers to spoof trusted certificates.


The installation confirmation dialog in Firefox

confirmation | installation | Firefox | before | dialog |

The installation confirmation dialog in Firefox before 1.0.1, Thunderbird before 1.0.1, and Mozilla before 1.7.6 allows remote attackers to use InstallTrigger to spoof the hostname of the host performing the installation via a long "user:pass" sequence in the URL, which appears before the real hostname.


Konqueror can associate a cookie with multiple

ap1comexamplecom | demonstrated | search-list | associated | expansion | Konqueror | associate | attackers | accepting | expanded | operates | Internet | intranet | multiple | attacker | hostname | non-root | resolver | cookies | domains | entered | formed | allows | domain | search | ap1com | cookie | remote | steal | trick | which | site | user | list | into | has | DNS | can | web | via | its |

Konqueror can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.


Firefox and Mozilla can associate a cookie with

ap1comexamplecom | demonstrated | search-list | associated | accepting | associate | attackers | expansion | expanded | intranet | operates | Internet | multiple | attacker | hostname | non-root | resolver | Firefox | Mozilla | domains | entered | cookies | formed | allows | domain | search | ap1com | cookie | remote | steal | trick | which | site | user | list | into | has | DNS | can | web | via | its |

Firefox and Mozilla can associate a cookie with multiple domains when the DNS resolver has a non-root domain in its search list, which allows remote attackers to trick a user into accepting a cookie for a hostname formed via search-list expansion of the hostname entered by the user, or steal a cookie for an expanded hostname, as demonstrated by an attacker who operates an ap1.com Internet web site to steal cookies associated with an ap1.com.example.com intranet web site.


Unspecified vulnerability in glFTPd before 2.01

vulnerability | Unspecified | before | glFTPd |

Unspecified vulnerability in glFTPd before 2.01 RC5 allows remote attackers to bypass IP checks via a crafted DNS hostname, possibly a hostname that appears to be an IP address.


Stack-based buffer overflow in st.c in slurpd f

Stack-based | OpenLDAP | overflow | buffer | slurpd | before | stc |

Stack-based buffer overflow in st.c in slurpd for OpenLDAP before 2.3.22 might allow attackers to execute arbitrary code via a long hostname.


SQL injection vulnerability in DataparkSearch E

DataparkSearch | vulnerability | injection | Engine | SQL |

SQL injection vulnerability in DataparkSearch Engine 4.42 and earlier allows remote attackers to execute arbitrary SQL commands via a malformed hostname in a URL.


Software vulnerabilities results 1 to 20 of 98     
Page: 12345