Searching ssl util uuencode binary software vulnerabilities


OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.


script command in the util-linux package before 2.11n allows local users to overwrite arbitrary files by setting a hardlink from the typescript log file to any file on the system, then having root execute the script command.


Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.


The mapelf32exec function call in IRIX 6.5.20 through 6.5.24 allows local users to cause a denial of service (system crash) via a "corrupted binary."


Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, or (3) the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames.


X-Cart 3.4.3 allows remote attackers to execute arbitrary commands via the perl_binary argument in (1) upgrade.php or (2) general.php.


The IPv6 URI parsing routines in the apr-util library for Apache 2.0.50 and earlier allow remote attackers to cause a denial of service (child process crash) via a certain URI, as demonstrated using the Codenomicon HTTP Test Tool.


The argument parser of the FETCH command in Cyrus IMAP Server 2.2.x through 2.2.8 allows remote authenticated users to execute arbitrary code via certain commands such as (1) "body[p", (2) "binary[p", or (3) "binary[p" that cause an index increment error that leads to an out-of-bounds memory corruption.


The binfmt functionality in the Linux kernel, when "memory overcommit" is enabled, allows local users to cause a denial of service (kernel oops) via a malformed a.out binary.


load_elf_binary in Linux before 2.4.26 allows local users to cause a denial of service (system crash) via an ELF binary in which the interpreter is NULL.


The Util_DecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service (crash) via a Basic Authorization HTTP request with an "A==" value.


Firefox before 1.0 and Mozilla before 1.7.5 display the SSL lock icon when an insecure page loads a binary file from a trusted site, which could facilitate phishing attacks.


vserver in util-vserver 0.30.209 executes a command as root when the suexec userid parameter is invalid and non-numeric, which might cause local users to inadvertently execute dangerous commands as root.


Buffer overflow in the readline function in util/texindex.c, as used by the (1) texi2dvi and (2) texindex commands, in texinfo 4.8 and earlier allows local users to execute arbitrary code via a crafted Texinfo file.


The Kernel SSL Proxy service (svc:/network/ssl/proxy) in Sun Solaris 10 before Tuesday, September 26, 2006 allows remote attackers to cause a denial of service (system crash) via unspecified vectors related to an SSL client.


The accelerated rendering functionality of NVIDIA Binary Graphics Driver (binary blob driver) For Linux v8774 and v8762, and probably on other operating systems, allows local and remote attackers to execute arbitrary code via a large width value in a font glyph, which can be used to overwrite arbitrary memory locations.


Directory traversal vulnerability in SAFileUpSamples/util/viewsrc.asp in SoftArtisans FileUp (SAFileUp) 5.0.14 allows remote attackers to read arbitrary files via a %c0%ae. (Unicode dot dot) in the path parameter, which bypasses the checks for ".." sequences.


Unsanity Application Enhancer (APE) 2.0.2 installs with insecure permissions for the (1) ApplicationEnhancer binary and the (2) /Library/Frameworks/ApplicationEnhancer.framework directory, which allows local users to gain privileges by modifying or replacing the binary or library files.


Buffer overflow in the sqlite_decode_binary function in the bundled sqlite library in PHP 4 before 4.4.5 and PHP 5 before 5.2.1 allows context-dependent attackers to execute arbitrary code via an empty value of the in parameter, as demonstrated by calling the sqlite_udf_decode_binary function with a 0x01 character.


mount and umount in util-linux call the setuid and setgid functions in the wrong order and do not check the return values, which might allow attackers to gain privileges via helpers such as mount.nfs.


Software vulnerabilities results 1 to 20 of 195     