NB: this is extracted from [EMAIL PROTECTED]

WWWBoard Arbitrary Message Overwrite Vulnerability
BugTraq ID: 1795
Remote: Yes
Date Published: 1998-09-03
Relevant URL:
http://www.securityfocus.com/bid/1795

Matt Wright's bugs.

GnuPG Multiple Signed Message Modification Vulnerability
BugTraq ID: 1797
Remote: Yes
Date Published: 2000-10-12
Relevant URL:
http://www.securityfocus.com/bid/1797
Summary:

GnuPG is an open-source public/private key encryption system. There is a
serious vulnerability in all versions of GnuPG below version 1.0.3b 
involving verifying the integrity of files with multiple signed messages.
When verifying the integrity of these multiple-message files, GnuPG fails
to verify each signature [ ... ]

Elm 'filter' Arbitrary Mail Disclosure Vulnerability
BugTraq ID: 1802
Remote: No
Date Published: 1995-12-26
Relevant URL:
http://www.securityfocus.com/bid/1802
Summary:

Elm is a popular Unix mail client. A vulnerability exists in Elm's
'filter' utility which can grant an attacker access to any user's mail
spool. By exploiting a race condition which exists in the creation of
temporary files [ ... ]

cURL Remote Buffer Overflow Vulnerability
BugTraq ID: 1804
Remote: Yes
Date Published: 2000-10-13
Relevant URL:
http://www.securityfocus.com/bid/1804
Summary:

Curl is an open-source utility for sending or receiving files using URL
syntax. A vulnerability exists in the version of curl included with Debian
GNU/Linux 2.2 (although cURL runs on other platforms as well, and earlier
versions may also be vulnerable). Curl's error-logging feature improperly
tests the size of generated error messages, which are sent from a remote
client. [ ... ]

xlib Buffer Overflow Vulnerability
BugTraq ID: 1805
Remote: No
Date Published: 2000-10-12
Relevant URL:
http://www.securityfocus.com/bid/1805
Summary:

A vulnerability exists in xlib, the C language interface to the X Window
System protocol.

When applications linked to the xlib library are run, user-supplied values
for the DISPLAY environment variable (and the command-line argument
-display) are stored in buffers of predefined length. It is not verified
that the amount of data is within the predefined size limits before it is
copied onto the stack during function calls.

[ ... ]

cmd5checkpw Qmail Remote Password Retrieval Vulnerability
BugTraq ID: 1809
Remote: Yes
Date Published: 2000-10-16
Relevant URL:
http://www.securityfocus.com/bid/1809
Summary:

The authentication program cmd5checkpw can function as a plugin to
qmail-smtpd-auth, a patch for qmail which supports the SMTP AUTH protocol.

Due to improper input validation and error trapping, supplying
cmd5checkpw with a non-existent username will cause it to segfault. In
turn, the qmail-smtpd-auth Qmail patch incorrectly interprets this failure
as a successful authentication.

[ ... ]
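
An added illustration of the fail-open status handling this entry describes; it is not code from cmd5checkpw, qmail-smtpd-auth or the advisory. The helper names (run_checker, auth_ok_naive, auth_ok_strict) and the stand-in child process are hypothetical, and the only assumption is a checker that reports success with exit status 0.

```c
#include <signal.h>
#include <stdio.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical stand-in for an external password checker. */
enum child_mode { CHILD_OK, CHILD_REJECT, CHILD_CRASH };

/* Fork the stand-in checker and return its raw wait status, or -1 on error. */
int run_checker(enum child_mode mode)
{
    int status;
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (mode == CHILD_CRASH) {
            signal(SIGSEGV, SIG_DFL);
            raise(SIGSEGV);   /* simulate the segfault on an unknown user */
            raise(SIGKILL);   /* fallback in case SIGSEGV was blocked */
        }
        _exit(mode == CHILD_OK ? 0 : 1);
    }
    if (waitpid(pid, &status, 0) != pid)
        return -1;
    return status;
}

/* Fail-open: reads only the exit-code byte. With the usual Unix wait-status
   encoding that byte is 0 when the child was killed by a signal, so a crash
   is indistinguishable from a successful check. */
int auth_ok_naive(int status)
{
    return status >= 0 && ((status >> 8) & 0xff) == 0;
}

/* Fail-closed: success only if the child exited normally with code 0. */
int auth_ok_strict(int status)
{
    return status >= 0 && WIFEXITED(status) && WEXITSTATUS(status) == 0;
}

int main(void)
{
    int crashed = run_checker(CHILD_CRASH);
    printf("crash: naive=%d strict=%d\n", auth_ok_naive(crashed), auth_ok_strict(crashed));
    return 0;
}
```

Any caller that runs an external authentication helper should treat every outcome other than a normal exit with code 0 as a rejection.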

RedHat Linux ping Buffer Overflow Vulnerability
BugTraq ID: 1813
Remote: No
Date Published: 2000-10-18
Relevant URL:
http://www.securityfocus.com/bid/1813
Summary:

ping is a network diagnostic tool shipped with almost every operating
system. On Unix/Linux systems it is usually installed setuid root because
it needs to open a raw socket (to send and receive ICMP messages).
The version of ping that ships with RedHat Linux (and quite possibly,
though unconfirmed, others) is vulnerable to a buffer overflow attack.

[ ... ]

SAMBA Long Password Buffer Overflow Vulnerability
BugTraq ID: 1816
Remote: Yes
Date Published: 1997-09-25
Relevant URL:
http://www.securityfocus.com/bid/1816
Summary:

Samba is an open source software suite that provides seamless file and
print services to SMB/CIFS clients. Certain older versions of Samba had a
remotely exploitable buffer overflow vulnerability. This vulnerability was
in the password function of the authentication mechanism; that is, a
user could supply an overly long password to the Samba server and trigger
a buffer overflow.

S.u.S.E. ypbind-mt Format String Vulnerability
BugTraq ID: 1820
Remote: Yes
Date Published: 2000-10-18
Relevant URL:
http://www.securityfocus.com/bid/1820
Summary:

ypbind-mt is a rewrite of the NIS client software by Thorsten Kukuk for
S.u.S.E. Linux systems. It has been reported that this version is
vulnerable to a possibly remotely exploitable format string attack. The
problem has to do with user input being passed as part of the format
string argument for a *printf function. [ ... ]

Apache mod_cookies Buffer Overflow Vulnerability
BugTraq ID: 1821
Remote: Yes
Date Published: 1997-01-12
Relevant URL:
http://www.securityfocus.com/bid/1821
Summary:

The Apache Project is a collaborative software development effort aimed at
creating a robust, commercial-grade, featureful, and freely-available
source code implementation of an HTTP (Web) server. Certain versions of
the Apache webserver shipped with a remotely exploitable buffer overflow.
This overflow was present in the function make_cookie in mod_cookies.c,
which used a 100-byte buffer. Remote attackers, if they provided
more than 100 bytes, could exploit this vulnerability to gain access to
the server running the Apache server.


