Searching procedure software vulnerabilities

ip_print procedure in Tcpdump 3.4a allows remot

procedure | attackers | infinite | ip_print | service | Tcpdump | length | packet | causes | header | denial | allows | remote | prints | which | cause | core | loop | dump | zero | 34a | via |

ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet.


cachefsd in Solaris 2.6, 7, and 8 allows remote

attackers | cachefsd | service | Solaris | denial | allows | remote | cause |

cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.


Buffer overflow in the password encryption func

encryption | Microsoft | function | overflow | password | Server | Buffer | SQL |

Buffer overflow in the password encryption function of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows remote attackers to gain control of the database and execute arbitrary code via SQL Server Authentication, aka "Unchecked Buffer in Password Encryption Procedure."


Buffer overflow in bulk insert procedure of Mic

Microsoft | procedure | overflow | Server | Buffer | insert | bulk | SQL |

Buffer overflow in bulk insert procedure of Microsoft SQL Server 2000, including Microsoft SQL Server Desktop Engine (MSDE) 2000, allows attackers with database administration privileges to execute arbitrary code via a long filename in the BULK INSERT query.


CDE ToolTalk database server (ttdbserver) allow

database | ToolTalk | server | CDE |

CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the _TT_ISCLOSE procedure.


Microsoft SQL Server 2000 SP2, when configured

Microsoft | Server | SQL |

Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.


The installation procedure for Invision Board s

installation | information | phpinfophp | sensitive | procedure | pathnames | settings | Invision | suggests | absolute | install | program | leaks | users | Board | under | which | root | such | PHP | web |

The installation procedure for Invision Board suggests that users install the phpinfo.php program under the web root, which leaks sensitive information such as absolute pathnames, OS information, and PHP settings.


Microsoft Exchange 2000, when used with Microso

Microsoft | Exchange |

Microsoft Exchange 2000, when used with Microsoft Remote Procedure Call (MSRPC), allows remote attackers to cause a denial of service (crash or memory consumption) via malformed MSRPC calls.


Buffer overflow in rpc.cmsd in SCO UnixWare 7.1

overflow | UnixWare | rpccmsd | Buffer | SCO |

Buffer overflow in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 allows remote attackers to execute arbitrary commands via a long parameter to rtable_create (procedure 21).


Microsoft SQL Server 7, 2000, and MSDE allows l

Microsoft | Server | SQL |

Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow.


Microsoft SQL Server before Windows 2000 SP4 al

Microsoft | Windows | before | Server | SQL |

Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file.


Integer signedness error in the decode_fh funct

signedness | decode_fh | function | nfs3xdrc | Integer | kernel | before | error | Linux |

Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.


vos24u.c in SAP database server (SAP DB) 7.4.03

database | vos24uc | server | SAP |

vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure.


The Local Procedure Call (LPC) interface of the

Procedure | Local | Call |

The Local Procedure Call (LPC) interface of the Windows Kernel for Windows NT 4.0, Windows 2000, Windows XP, and Windows Server 2003 does not properly validate the lengths of messages sent to the LPC port, which allows local users to gain privileges, aka "Windows Kernel Vulnerability."


Stack-based buffer overflow in Oracle 9i and 10

Stack-based | attackers | arbitrary | procedure | overflow | execute | wrapped | buffer | Oracle | remote | allows | token | text | code | long | 10g | via |

Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.


SQL injection vulnerability in the SYS.DBMS_CDC

SYSDBMS_CDC_IPUBLISHCREATE_SCN_CHANGE_SET | CHANGE_SET_NAME | vulnerability | attackers | arbitrary | injection | parameter | procedure | commands | Database | execute | Server | Oracle | remote | allows | via | SQL | 10g |

SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.


Buffer overflow in the Advanced Replication com

Replication | component | overflow | Database | Advanced | Server | Buffer | Oracle |

Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln# DB03.


Unspecified vulnerability in Microsoft Visual B

vulnerability | Unspecified | Microsoft | Visual | Basic |

Unspecified vulnerability in Microsoft Visual Basic (VB) 6 has an unknown impact ("overflow") via a project that contains a certain Click event procedure, as demonstrated using the msgbox function and the VB.Label object.


Buffer overflow in the pfs_mountd.rpc RPC daemo

pfs_mountdrpc | overflow | Portable | daemon | Buffer | System | File | RPC |

Buffer overflow in the pfs_mountd.rpc RPC daemon in the Portable File System (PFS) in HP-UX B.11.00, B.11.11, and B.11.23 allows remote attackers to execute arbitrary code by sending "a call to procedure 5, followed by a crafted payload to procedure 2."


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in SiteScape Forum before 7.3 allow remote attackers to inject arbitrary web script or HTML via the user name field in the login procedure, and other unspecified vectors.


Software vulnerabilities results 1 to 20 of 49     
Page: 123