Vulnerability in StackGuard before 1.21 allows remote attackers to bypass the Random and Terminator Canary security mechanisms by using a non-linear attack which directly modifies a pointer to a return address instead of using a buffer overflow to reach the return address entry itself.

BID:786 | URL:http://www.securityfocus.com/bid/786 | BUGTRAQ:19911109 ImmuniX OS Security Alert: StackGuard 1.21 Released | URL:http://marc.info/?l=bugtraq&m=94218618329838&w=2 | XF:immunix-stackguard-bo(3524) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/3524

Windows 95 and Windows 98 systems, when configured with multiple TCP/IP stacks bound to the same MAC address, allow remote attackers to cause a denial of service (traffic amplification) via a certain ICMP echo (ping) packet, which causes all stacks to send a ping response, aka TCP Chorusing.

BID:225 | URL:http://www.securityfocus.com/bid/225 | NTBUGTRAQ:19990206 New Windows 9x Bug: TCP Chorusing | URL:http://marc.info/?l=ntbugtraq&m=91849617221319&w=2 | XF:win-multiple-ip-dos(7542) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/7542

Windows NT 4.0 before SP3 allows remote attackers to bypass firewall restrictions or cause a denial of service (crash) by sending improperly fragmented IP packets without the first fragment, which the TCP/IP stack incorrectly reassembles into a valid session.

BUGTRAQ:19970710 A New Fragmentation Attack | URL:http://www.securityfocus.com/archive/1/7219 | XF:nt-frag(528) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/528

Management information base (MIB) for a 3Com SuperStack II hub running software version 2.10 contains an object identifier (.1.3.6.1.4.1.43.10.4.2) that is accessible by a read-only community string, but lists the entire table of community strings, which could allow attackers to conduct unauthorized activities.

BUGTRAQ:19990830 One more 3Com SNMP vulnerability | URL:http://marc.info/?l=bugtraq&m=93616983223090&w=2

Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE.

BID:2022 | URL:http://www.securityfocus.com/bid/2022 | BINDVIEW:20001130 The NAPTHA DoS vulnerabilities | URL:http://razor.bindview.com/publish/advisories/adv_NAPTHA.html | CERT:CA-2000-21 | URL:http://www.cert.org/advisories/CA-2000-21.html | MS:MS00-091 | URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-091 | WIN2KSEC:20001204 NAPTHA Advisory Updated - BindView RAZOR | URL:http://archives.neohapsis.com/archives/win2ksecadvice/2000-q4/0105.html

The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke.

BID:3113 | URL:http://www.securityfocus.com/bid/3113 | BUGTRAQ:20010730 ARPNuke - 80 kb/s kills a whole subnet | URL:http://www.securityfocus.com/archive/1/200323 | XF:win-arp-packet-flooding-dos(6924) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/6924

The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote attackers who provide an incorrect username or password, which makes it easier to break into the server via brute force password guessing.

BID:3034 | URL:http://www.securityfocus.com/bid/3034 | BUGTRAQ:20010712 3Com TelnetD | URL:http://www.securityfocus.com/archive/1/196957 | XF:3com-telnetd-brute-force(6855) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/6855

Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in situations that cross security boundaries (such as FTP server), may allow remote attackers to execute arbitrary code via a long filename argument.

CERT-VN:VU#176363 | URL:http://www.kb.cert.org/vuls/id/176363 | GENTOO:GLSA-200410-08 | URL:http://security.gentoo.org/glsa/glsa-200410-08.xml | REDHAT:RHSA-2004:536 | URL:http://www.redhat.com/support/errata/RHSA-2004-536.html | VULN-DEV:20010621 New bugs, old bugs | URL:http://seclists.org/lists/vuln-dev/2001/Nov/0202.html | XF:ncompress-filename-bo(10619) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/10619

Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem.

BUGTRAQ:20011202 Stack overflow in all Internet Explorer Versions!! | URL:http://archives.neohapsis.com/archives/bugtraq/2001-12/0008.html | BUGTRAQ:20011204 RE: Stack overflow in all Internet Explorer Versions!! | URL:http://archives.neohapsis.com/archives/bugtraq/2001-12/0034.html | XF:ie-settimeout-dos(7661) | URL:http://www.iss.net/security_center/static/7661.php

PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire.

BID:3961 | URL:http://www.securityfocus.com/bid/3961 | BUGTRAQ:20020125 Identifying PGP Corporate Desktop 7.1 with PGPfire Personal Desktop Firewall installed (no need to be enabled) on Microsoft Windows Based OSs | URL:http://online.securityfocus.com/archive/1/252407 | XF:pgpfire-icmp-fingerprint(8008) | URL:http://www.iss.net/security_center/static/8008.php

Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the web_access.html file, which allows the user to change the switch's configuration and modify the administrator password.

BID:4062 | URL:http://www.securityfocus.com/bid/4062 | BUGTRAQ:20020208 Hewlett Packard AdvanceStack Switch Managment Authentication Bypass Vulnerability | URL:http://marc.info/?l=bugtraq&m=101318469216213&w=2 | HP:HPSBUX0202-185 | URL:http://online.securityfocus.com/advisories/3870 | VULNWATCH:20020208 Hewlett Packard AdvanceStack Switch Managment Authentication Bypass Vulnerability | XF:hp-advancestack-bypass-auth(8124) | URL:http://www.iss.net/security_center/static/8124.php

Vignette Story Server 4.1 and 6.0 allows remote attackers to obtain sensitive information via a request that contains a large number of '"' (double quote) and and '>' characters, which causes the TCL interpreter to crash and include stack data in the output.

ATSTAKE:A040703-1 | URL:http://www.atstake.com/research/advisories/2003/a040703-1.txt | BID:7296 | URL:http://www.securityfocus.com/bid/7296 | XF:storyserver-tcl-information-disclosure(11725) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/11725

Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.

BID:4813 | URL:http://www.securityfocus.com/bid/4813 | BID:4814 | URL:http://www.securityfocus.com/bid/4814 | BID:4815 | URL:http://www.securityfocus.com/bid/4815 | CISCO:20020523 CBOS - Improving Resilience to Denial-of-Service Attacks | URL:http://www.cisco.com/warp/public/707/CBOS-DoS.shtml | XF:cisco-cbos-dhcp-dos(9151) | URL:http://www.iss.net/security_center/static/9151.php | XF:cisco-cbos-tcpip-dos(9153) | URL:http://www.iss.net/security_center/static/9153.php | XF:cisco-cbos-telnet-cpe-dos(9152) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/9152

The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, which allows remote attackers to cause a denial of service via a direct request to the device_reset CGI program.

BID:5784 | URL:http://www.securityfocus.com/bid/5784 | BUGTRAQ:20020924 HP Procurve 4000M Stacked Switch HTTP Reset Vulnerability | URL:http://marc.info/?l=bugtraq&m=103287951910420&w=2 | HP:HPSBUX0209-219 | URL:http://online.securityfocus.com/advisories/4501 | MISC:http://www.tech-serve.com/research/advisories/2002/a092302-1.txt | XF:hp-procurve-http-reset-dos(10172) | URL:http://www.iss.net/security_center/static/10172.php

Stack-based buffer overflow in the Microsoft Java implementation, as used in Internet Explorer, allows remote attackers to cause a denial of service via a long class name through (1) Class.forName or (2) ClassLoader.loadClass.

BID:6134 | URL:http://www.securityfocus.com/bid/6134 | BUGTRAQ:20021108 Technical information about unpatched MS Java vulnerabilities | URL:http://marc.info/?l=bugtraq&m=103682630823080&w=2 | NTBUGTRAQ:20021108 Technical information about unpatched MS Java vulnerabilities | URL:http://marc.info/?l=ntbugtraq&m=103684360031565&w=2 | XF:msvm-class-loader-bo(10580) | URL:http://www.iss.net/security_center/static/10580.php

Unknown vulnerability related to stack corruption in the TGA daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 may allow attackers to obtain access to system files.

BID:5459 | URL:http://www.securityfocus.com/bid/5459 | HP:HPSBUX0208-211 | URL:http://archives.neohapsis.com/archives/hp/2002-q3/0050.html | XF:hp-vvos-tga-corruption(9846) | URL:http://www.iss.net/security_center/static/9846.php

Stack-based buffer overflow in SQLData Enterprise Server 3.0 allows remote attacker to execute arbitrary code and cause a denial of service via a long HTTP request.

BID:3778 | URL:http://www.securityfocus.com/bid/3778 | SECTRACK:1003123 | URL:http://securitytracker.com/id?1003123 | XF:sqldata-enterprise-bo(7821) | URL:http://www.iss.net/security_center/static/7821.php

mosix-protocol-stack in Multicomputer Operating System for UnIX (MOSIX) 1.5.7 allows remote attackers to cause a denial of service via malformed packets.

BID:4580 | URL:http://www.securityfocus.com/bid/4580 | BUGTRAQ:20020423 Denial of Service in Mosix 1.5.x | URL:http://archives.neohapsis.com/archives/bugtraq/2002-04/0327.html | XF:mosix-malformed-packet-dos(8927) | URL:http://www.iss.net/security_center/static/8927.php

Stack-based buffer overflow in the parse_field function in cgi_lib.c for LIBCGI 1.0.2 and 1.0.3 allows remote attackers to execute arbitrary code via a long argument.

BID:6270 | URL:http://www.securityfocus.com/bid/6270 | BUGTRAQ:20021128 Remote Multiple Buffer Overflow(s) vulnerability in Libcgi-tuxbr. | URL:http://archives.neohapsis.com/archives/bugtraq/2002-11/0346.html | XF:libcgi-cgilibc-parsefield-bo(10722) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/10722

TCP firewalls could be circumvented by sending a SYN Packets with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.

MISC:VU#464113 | URL:https://www.kb.cert.org/vuls/id/464113 | MISC:[oss-security] 20120203 Re: CVE Request (2002): Linux TCP stack could accept invalid TCP flag combinations | URL:http://www.openwall.com/lists/oss-security/2012/02/03/7 | MISC:[oss-security] 20120529 Re: CVE Request (2002): Linux TCP stack could accept invalid TCP flag combinations | URL:http://www.openwall.com/lists/oss-security/2012/05/29/8 | MISC:[oss-security] 20120530 CVE Request -- kernel: tcp: drop SYN+FIN messages | URL:http://www.openwall.com/lists/oss-security/2012/05/30/2 | MISC:[oss-security] 20120530 Re: CVE Request -- kernel: tcp: drop SYN+FIN messages | URL:http://www.openwall.com/lists/oss-security/2012/05/30/11 | MISC:[oss-security] 20120530 Re: CVE Request -- kernel: tcp: drop SYN+FIN messages | URL:http://www.openwall.com/lists/oss-security/2012/05/30/12 | MISC:[oss-security] 20120530 Re: CVE Request -- kernel: tcp: drop SYN+FIN messages | URL:http://www.openwall.com/lists/oss-security/2012/05/30/13 | MISC:[oss-security] 20120530 Re: CVE Request -- kernel: tcp: drop SYN+FIN messages | URL:http://www.openwall.com/lists/oss-security/2012/05/30/4 | MISC:[oss-security] 20120530 Re: CVE Request -- kernel: tcp: drop SYN+FIN messages | URL:http://www.openwall.com/lists/oss-security/2012/05/30/8 | MISC:[oss-security] 20120530 Re: CVE Request -- kernel: tcp: drop SYN+FIN messages | URL:http://www.openwall.com/lists/oss-security/2012/05/30/9 | MISC:[oss-security] 20120531 Re: CVE Request -- kernel: tcp: drop SYN+FIN messages | URL:http://www.openwall.com/lists/oss-security/2012/05/31/3 | MISC:[oss-security] 20140212 Re: Old CVE ids, public, but still "RESERVED" | URL:http://www.openwall.com/lists/oss-security/2014/02/12/8 | MISC:https://bugzilla.suse.com/show_bug.cgi?id=744994%2C | URL:https://bugzilla.suse.com/show_bug.cgi?id=744994%2C | MISC:https://security.netapp.com/advisory/ntap-20210727-0003/ | URL:https://security.netapp.com/advisory/ntap-20210727-0003/ | MISC:https://www.kb.cert.org/vuls/id/464113%2C | URL:https://www.kb.cert.org/vuls/id/464113%2C | MISC:https://www.openwall.com/lists/oss-security/2012/02/03/7 | URL:https://www.openwall.com/lists/oss-security/2012/02/03/7

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

BID:6627 | URL:http://www.securityfocus.com/bid/6627 | BUGTRAQ:20030122 [securityslackware.com: [slackware-security] New DHCP packages available] | URL:http://archives.neohapsis.com/archives/bugtraq/2003-01/0250.html | CERT:CA-2003-01 | URL:http://www.cert.org/advisories/CA-2003-01.html | CERT-VN:VU#284857 | URL:http://www.kb.cert.org/vuls/id/284857 | CIAC:N-031 | URL:http://www.ciac.org/ciac/bulletins/n-031.shtml | CONECTIVA:CLA-2003:562 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000562 | DEBIAN:DSA-231 | URL:http://www.debian.org/security/2003/dsa-231 | MANDRAKE:MDKSA-2003:007 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2003:007 | OPENPKG:OpenPKG-SA-2003.002 | URL:http://www.openpkg.com/security/advisories/OpenPKG-SA-2003.002.html | REDHAT:RHSA-2003:011 | URL:http://www.redhat.com/support/errata/RHSA-2003-011.html | SECTRACK:1005924 | URL:http://www.securitytracker.com/id?1005924 | SUSE:SuSE-SA:2003:0006 | URL:http://www.suse.com/de/security/2003_006_dhcp.html | SUSE:SuSE-SA:2003:006 | URL:http://www.suse.com/de/security/2003_006_dhcp.html | XF:dhcpd-minires-multiple-bo(11073) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/11073

Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.

BUGTRAQ:20030331 NSFOCUS SA2003-02: Solaris lpq Stack Buffer Overflow Vulnerability | URL:http://www.securityfocus.com/archive/1/316957/30/25250/threaded | CIAC:N-068 | URL:http://www.ciac.org/ciac/bulletins/n-068.shtml | MISC:http://packetstormsecurity.org/0304-advisories/sa2003-02.txt | MISC:http://www.nsfocus.com/english/homepage/sa2003-02.htm | OSVDB:8713 | URL:http://www.osvdb.org/8713 | OVAL:oval:org.mitre.oval:def:4383 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4383 | SUNALERT:52443 | URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-52443-1 | VULNWATCH:20030331 NSFOCUS SA2003-02: Solaris lpq Stack Buffer Overflow Vulnerability | URL:http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0162.html

Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.

BID:7453 | URL:http://www.securityfocus.com/bid/7453 | BUGTRAQ:20030429 Oracle Database Server Buffer Overflow Vulnerability (#NISR29042003) | URL:http://marc.info/?l=bugtraq&m=105162831008176&w=2 | CIAC:N-085 | URL:http://www.ciac.org/ciac/bulletins/n-085.shtml | CONFIRM:http://otn.oracle.com/deploy/security/pdf/2003alert54.pdf | NTBUGTRAQ:20030429 Oracle Database Server Buffer Overflow Vulnerability (#NISR29042003) | URL:http://marc.info/?l=ntbugtraq&m=105163376015735&w=2 | XF:oracle-database-link-bo(11885) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/11885

The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses.

BUGTRAQ:20030609 Linux 2.0 remote info leak from too big icmp citation | URL:http://marc.info/?l=bugtraq&m=105519179005065&w=2 | CERT-VN:VU#471084 | URL:http://www.kb.cert.org/vuls/id/471084 | MISC:http://www.cartel-securite.fr/pbiondi/adv/CARTSA-20030314-icmpleak.txt

Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other statements, which causes LSASS.EXE to crash.

BID:7930 | URL:http://www.securityfocus.com/bid/7930 | BUGTRAQ:20030702 CORE-2003-0305-03: Active Directory Stack Overflow | URL:http://marc.info/?l=bugtraq&m=105716669921775&w=2 | CERT-VN:VU#594108 | URL:http://www.kb.cert.org/vuls/id/594108 | MSKB:Q319709 | URL:http://support.microsoft.com/default.aspx?kbid=319709 | SECUNIA:9171 | URL:http://secunia.com/advisories/9171

Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.

BID:10108 | URL:http://www.securityfocus.com/bid/10108 | BUGTRAQ:20040429 MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC) | URL:http://marc.info/?l=bugtraq&m=108325860431471&w=2 | CERT:TA04-104A | URL:http://www.us-cert.gov/cas/techalerts/TA04-104A.html | CERT-VN:VU#753212 | URL:http://www.kb.cert.org/vuls/id/753212 | CIAC:O-114 | URL:http://www.ciac.org/ciac/bulletins/o-114.shtml | EEYE:AD20040413C | URL:http://www.eeye.com/html/Research/Advisories/AD20040413C.html | FULLDISC:20040413 EEYE: Windows Local Security Authority Service Remote Buffer Overflow | URL:http://lists.grok.org.uk/pipermail/full-disclosure/2004-April/020069.html | MS:MS04-011 | URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-011 | OVAL:oval:org.mitre.oval:def:883 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A883 | OVAL:oval:org.mitre.oval:def:898 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A898 | OVAL:oval:org.mitre.oval:def:919 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A919 | XF:win-lsass-bo(15699) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/15699

Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures.

APPLE:APPLE-SA-2004-01-26 | URL:http://lists.apple.com/archives/security-announce/2004/Jan/msg00000.html | BID:8911 | URL:http://www.securityfocus.com/bid/8911 | BID:9504 | URL:http://www.securityfocus.com/bid/9504 | BUGTRAQ:20031028 [OpenPKG-SA-2003.046] OpenPKG Security Advisory (apache) | URL:http://www.securityfocus.com/archive/1/342674 | BUGTRAQ:20031031 GLSA: apache (200310-04) | URL:http://marc.info/?l=bugtraq&m=106761802305141&w=2 | CERT-VN:VU#434566 | URL:http://www.kb.cert.org/vuls/id/434566 | CERT-VN:VU#549142 | URL:http://www.kb.cert.org/vuls/id/549142 | CONFIRM:http://docs.info.apple.com/article.html?artnum=61798 | CONFIRM:http://httpd.apache.org/dist/httpd/Announcement2.html | CONFIRM:http://lists.apple.com/mhonarc/security-announce/msg00045.html | HP:HPSBOV02683 | URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 | HP:HPSBUX0311-301 | URL:http://www.securityfocus.com/advisories/6079 | HP:SSRT090208 | URL:http://marc.info/?l=bugtraq&m=130497311408250&w=2 | IMMUNIX:IMNX-2003-7+-025-01 | MANDRAKE:MDKSA-2003:103 | URL:http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:103 | MLIST:[httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/54a42d4b01968df1117cea77fc53d6beb931c0e05936ad02af93e9ac@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/5df9bfb86a3b054bb985a45ff9250b0332c9ecc181eec232489e7f79@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20200401 svn commit: r1058586 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r0276683d8e1e07153fc8642618830ac0ade85b9ae0dc7b07f63bb8fc@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20200401 svn commit: r1058587 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r8828e649175df56f1f9e3919938ac7826128525426e2748f0ab62feb@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ | URL:https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073139 [2/13] - in /websites/staging/httpd/trunk/content: ./ security/json/ | URL:https://lists.apache.org/thread.html/re028d61fe612b0908595d658b9b39e74bca56f2a1ed3c5f06b5ab571@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r5419c9ba0951ef73a655362403d12bb8d10fab38274deb3f005816f5@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073140 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/cvejsontohtml.py security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r2cb985de917e7da0848c440535f65a247754db8b2154a10089e4247b@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073143 [2/3] - in /websites/staging/httpd/trunk/content: ./ security/ | URL:https://lists.apache.org/thread.html/r9e8622254184645bc963a1d47c5d47f6d5a36d6f080d8d2c43b2b142@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [1/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ | URL:https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1073149 [3/13] - in /websites/staging/httpd/trunk/content: ./ security/ security/json/ | URL:https://lists.apache.org/thread.html/raa117ef183f0da9b3f46efbeaa66f7622bd68868a450cae4fd8ed594@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210330 svn commit: r1888194 [2/13] - /httpd/site/trunk/content/security/json/ | URL:https://lists.apache.org/thread.html/r7035b7c9091c4b665a3b7205364775410646f12125d48e74e395f2ce@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [1/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/rf2f0f3611f937cf6cfb3b4fe4a67f69885855126110e1e3f2fb2728e@%3Ccvs.httpd.apache.org%3E | MLIST:[httpd-cvs] 20210606 svn commit: r1075470 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/json/CVE-2020-13938.json security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html | URL:https://lists.apache.org/thread.html/r5001ecf3d6b2bdd0b732e527654248abb264f08390045d30709a92f6@%3Ccvs.httpd.apache.org%3E | OVAL:oval:org.mitre.oval:def:3799 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3799 | OVAL:oval:org.mitre.oval:def:863 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A863 | OVAL:oval:org.mitre.oval:def:864 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A864 | OVAL:oval:org.mitre.oval:def:9458 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9458 | REDHAT:RHSA-2003:320 | URL:http://www.redhat.com/support/errata/RHSA-2003-320.html | REDHAT:RHSA-2003:360 | URL:http://www.redhat.com/support/errata/RHSA-2003-360.html | REDHAT:RHSA-2003:405 | URL:http://www.redhat.com/support/errata/RHSA-2003-405.html | REDHAT:RHSA-2004:015 | URL:http://www.redhat.com/support/errata/RHSA-2004-015.html | REDHAT:RHSA-2005:816 | URL:http://www.redhat.com/support/errata/RHSA-2005-816.html | SCO:CSSA-2003-SCO.28 | SCO:SCOSA-2004.6 | URL:ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2004.6/SCOSA-2004.6.txt | SECUNIA:10096 | URL:http://secunia.com/advisories/10096 | SECUNIA:10098 | URL:http://secunia.com/advisories/10098 | SECUNIA:10102 | URL:http://secunia.com/advisories/10102 | SECUNIA:10112 | URL:http://secunia.com/advisories/10112 | SECUNIA:10114 | URL:http://secunia.com/advisories/10114 | SECUNIA:10153 | URL:http://secunia.com/advisories/10153 | SECUNIA:10260 | URL:http://secunia.com/advisories/10260 | SECUNIA:10264 | URL:http://secunia.com/advisories/10264 | SECUNIA:10463 | URL:http://secunia.com/advisories/10463 | SECUNIA:10580 | URL:http://secunia.com/advisories/10580 | SECUNIA:10593 | URL:http://secunia.com/advisories/10593 | SGI:20031203-01-U | URL:ftp://patches.sgi.com/support/free/security/advisories/20031203-01-U.asc | SGI:20040202-01-U | URL:ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc | SUNALERT:101444 | URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-101444-1 | SUNALERT:101841 | URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-101841-1 | XF:apache-modalias-modrewrite-bo(13400) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/13400

Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.

BUGTRAQ:20030729 Solaris ld.so.1 buffer overflow | URL:http://marc.info/?l=bugtraq&m=105951760418667&w=2 | IDEFENSE:20030729 Buffer Overflow in Sun Solaris Runtime Linker | URL:http://www.idefense.com/advisory/07.29.03.txt | OSVDB:8722 | URL:http://www.osvdb.org/8722 | OVAL:oval:org.mitre.oval:def:3601 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3601 | SUNALERT:55680 | URL:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/55680 | XF:sun-ldso1-ldpreload-bo(12755) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/12755

Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.

BID:8267 | URL:http://www.securityfocus.com/bid/8267 | BUGTRAQ:20030725 Oracle Extproc Buffer Overflow (#NISR25072003) | URL:http://marc.info/?l=bugtraq&m=105914979629857&w=2 | BUGTRAQ:20030725 question about oracle advisory | URL:http://marc.info/?l=bugtraq&m=105916455814904&w=2 | CERT-VN:VU#936868 | URL:http://www.kb.cert.org/vuls/id/936868 | CONFIRM:http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf | NTBUGTRAQ:20030725 Oracle Extproc Buffer Overflow (#NISR25072003) | URL:http://marc.info/?l=ntbugtraq&m=105915485303327&w=2 | VULNWATCH:20030912 Update to the Oracle EXTPROC advisory | URL:http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0105.html | XF:oracle-extproc-bo(12721) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/12721

Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL.

BID:8828 | URL:http://www.securityfocus.com/bid/8828 | BUGTRAQ:20031016 Microsoft PCHealth 2003/XP Buffer Overflow (#NISR15102003) | URL:http://marc.info/?l=bugtraq&m=106631908105696&w=2 | CERT:CA-2003-27 | URL:http://www.cert.org/advisories/CA-2003-27.html | CERT-VN:VU#467036 | URL:http://www.kb.cert.org/vuls/id/467036 | MISC:http://www.ngssoftware.com/advisories/ms-pchealth.txt | MS:MS03-044 | URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-044 | NTBUGTRAQ:20031016 Microsoft PCHealth 2003/XP Buffer Overflow (#NISR15102003) | URL:http://marc.info/?l=ntbugtraq&m=106632194809632&w=2 | OVAL:oval:org.mitre.oval:def:217 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A217 | OVAL:oval:org.mitre.oval:def:3685 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3685 | OVAL:oval:org.mitre.oval:def:3889 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3889 | OVAL:oval:org.mitre.oval:def:4706 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4706

Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.

BID:8514 | URL:http://www.securityfocus.com/bid/8514 | BUGTRAQ:20030830 Multiple integer overflows in XFree86 (local/remote) | URL:http://marc.info/?l=bugtraq&m=106229335312429&w=2 | CONECTIVA:CLA-2004:821 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000821 | CONFIRM:http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm | DEBIAN:DSA-380 | URL:http://www.debian.org/security/2003/dsa-380 | MANDRAKE:MDKSA-2003:089 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2003:089 | NETBSD:NetBSD-SA2003-015 | URL:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2003-015.txt.asc | REDHAT:RHSA-2003:286 | URL:http://www.redhat.com/support/errata/RHSA-2003-286.html | REDHAT:RHSA-2003:287 | URL:http://www.redhat.com/support/errata/RHSA-2003-287.html | REDHAT:RHSA-2003:288 | URL:http://www.redhat.com/support/errata/RHSA-2003-288.html | REDHAT:RHSA-2003:289 | URL:http://www.redhat.com/support/errata/RHSA-2003-289.html | SECUNIA:24168 | URL:http://secunia.com/advisories/24168 | SECUNIA:24247 | URL:http://secunia.com/advisories/24247 | SGI:20031101-01-U | URL:ftp://patches.sgi.com/support/free/security/advisories/20031101-01-U.asc | SUNALERT:102803 | URL:http://sunsolve.sun.com/search/document.do?assetkey=1-26-102803-1 | VUPEN:ADV-2007-0589 | URL:http://www.vupen.com/english/advisories/2007/0589

The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.

BID:8677 | URL:http://www.securityfocus.com/bid/8677 | BUGTRAQ:20030923 Multiple PAM vulnerabilities in portable OpenSSH | URL:http://www.securityfocus.com/archive/1/338617 | BUGTRAQ:20030923 Portable OpenSSH 3.7.1p2 released | URL:http://www.securityfocus.com/archive/1/338616 | CERT-VN:VU#209807 | URL:http://www.kb.cert.org/vuls/id/209807 | CONFIRM:http://www.openssh.com/txt/sshpam.adv | FULLDISC:20030924 [OpenPKG-SA-2003.042] OpenPKG Security Advisory (openssh) | URL:http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html

Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API.

BID:9011 | URL:http://www.securityfocus.com/bid/9011 | BUGTRAQ:20031111 EEYE: Windows Workstation Service Remote Buffer Overflow | URL:http://marc.info/?l=bugtraq&m=106859247713009&w=2 | BUGTRAQ:20031112 Proof of concept for Windows Workstation Service overflow | URL:http://marc.info/?l=bugtraq&m=106865197102041&w=2 | CERT:CA-2003-28 | URL:http://www.cert.org/advisories/CA-2003-28.html | CERT-VN:VU#567620 | URL:http://www.kb.cert.org/vuls/id/567620 | CISCO:20040129 Buffer Overrun in Microsoft Windows 2000 Workstation Service (MS03-049) | URL:http://www.cisco.com/warp/public/707/cisco-sa-20040129-ms03-049.shtml | MS:MS03-049 | URL:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-049 | OVAL:oval:org.mitre.oval:def:331 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A331 | OVAL:oval:org.mitre.oval:def:575 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A575

Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.

DEBIAN:DSA-392 | URL:http://www.debian.org/security/2003/dsa-392

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command.

BUGTRAQ:20031001 ptl-2003-01: IBM DB2 LOAD Command Stack Overflow Vulnerability | MISC:https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2003-0836

Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command.

BID:8743 | URL:http://www.securityfocus.com/bid/8743 | BUGTRAQ:20031001 ptl-2003-02: IBM DB2 INVOKE Command Stack Overflow Vulnerability | URL:http://marc.info/?l=bugtraq&m=106503709914622&w=2 | XF:db2-invoke-bo(13331) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/13331

Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header.

BUGTRAQ:20030601 Mod_gzip Debug Mode Vulnerabilities | URL:http://marc.info/?l=bugtraq&m=105457180009860&w=2

OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.

BID:8978 | URL:http://www.securityfocus.com/bid/8978 | CONFIRM:http://marc.info/?l=openbsd-security-announce&m=106808820119679&w=2 | CONFIRM:http://marc.info/?l=openbsd-security-announce&m=106917441524978&w=2 | FULLDISC:20031104 OpenBSD kernel overflow, yet still *BSD much better than windows | URL:http://lists.grok.org.uk/pipermail/full-disclosure/2003-November/013315.html | MISC:http://www.guninski.com/msuxobsd2.html | OPENBSD:20031104 010: RELIABILITY FIX: November 4, 2003 | URL:http://www.openbsd.org/errata33.html | OPENBSD:20031105 005: RELIABILITY FIX: November 4, 2003 | URL:ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/005_exec.patch

Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute.

BUGTRAQ:20031126 FreeRADIUS <= 0.9.3 rlm_smb module stack overflow vulnerability | URL:http://marc.info/?l=bugtraq&m=106986437621130&w=2

Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.

BID:8658 | URL:http://www.securityfocus.com/bid/8658 | BUGTRAQ:20030919 uninitialized buffer in midnight commander | URL:http://archive.cert.uni-stuttgart.de/bugtraq/2003/09/msg00309.html | BUGTRAQ:20040405 [OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc) | URL:http://marc.info/?l=bugtraq&m=108118433222764&w=2 | CALDERA:CSSA-2004-014.0 | URL:ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2004-014.0.txt | CONECTIVA:CLA-2004:833 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000833 | DEBIAN:DSA-424 | URL:http://www.debian.org/security/2004/dsa-424 | FEDORA:FEDORA-2004-058 | URL:http://fedoranews.org/updates/FEDORA-2004-058.shtml | FEDORA:FLSA:1224 | URL:http://www.redhat.com/archives/fedora-legacy-announce/2004-May/msg00002.html | GENTOO:GLSA-200403-09 | URL:http://security.gentoo.org/glsa/glsa-200403-09.xml | MANDRAKE:MDKSA-2004:007 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2004:007 | OVAL:oval:org.mitre.oval:def:822 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A822 | REDHAT:RHSA-2004:034 | URL:http://rhn.redhat.com/errata/RHSA-2004-034.html | REDHAT:RHSA-2004:035 | URL:http://rhn.redhat.com/errata/RHSA-2004-035.html | SECUNIA:10645 | URL:http://secunia.com/advisories/10645 | SECUNIA:10685 | URL:http://secunia.com/advisories/10685 | SECUNIA:10716 | URL:http://secunia.com/advisories/10716 | SECUNIA:10772 | URL:http://secunia.com/advisories/10772 | SECUNIA:10823 | URL:http://secunia.com/advisories/10823 | SECUNIA:11219 | URL:http://secunia.com/advisories/11219 | SECUNIA:11262 | URL:http://secunia.com/advisories/11262 | SECUNIA:11268 | URL:http://secunia.com/advisories/11268 | SECUNIA:11296 | URL:http://secunia.com/advisories/11296 | SECUNIA:9833 | URL:http://secunia.com/advisories/9833 | SGI:20040201-01-U | URL:ftp://patches.sgi.com/support/free/security/advisories/20040201-01-U.asc | SGI:20040202-01-U | URL:ftp://patches.sgi.com/support/free/security/advisories/20040202-01-U.asc | XF:midnight-commander-vfssresolvesymlink-bo(13247) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/13247

Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request.

BID:9099 | URL:http://www.securityfocus.com/bid/9099 | BUGTRAQ:20031124 Monit 4.1 HTTP interface multiple security vulnerabilities | URL:http://www.securityfocus.com/archive/1/345417 | CERT-VN:VU#623854 | URL:http://www.kb.cert.org/vuls/id/623854 | CONFIRM:http://www.tildeslash.com/monit/dist/CHANGES.txt | GENTOO:GLSA-200403-14 | URL:http://security.gentoo.org/glsa/glsa-200403-14.xml | SECUNIA:10280 | URL:http://secunia.com/advisories/10280 | XF:monit-http-bo(13817) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/13817

Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.

BID:8965 | URL:http://www.securityfocus.com/bid/8965 | MISC:http://www.elitehaven.net/iawebmail.txt | MISC:http://www.securiteam.com/windowsntfocus/6B002158UQ.html | OSVDB:2757 | URL:http://www.osvdb.org/2757 | SECTRACK:1008075 | URL:http://securitytracker.com/id?1008075 | SECUNIA:10107 | URL:http://secunia.com/advisories/10107 | VULNWATCH:20031103 IA WebMail Server 3.x Buffer Overflow Vulnerability | URL:http://www.derkeiler.com/Mailing-Lists/VulnWatch/2003-11/0001.html | XF:iawebmailserver-get-bo(13580) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/13580

Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi.

BID:9317 | URL:http://www.securityfocus.com/bid/9317 | BUGTRAQ:20031229 [Hat-Squad] Remote buffer overflow in Mdaemon Raw message Handler | URL:http://www.securityfocus.com/archive/1/348454 | BUGTRAQ:20040314 Rosiello Security's exploit for MDaemon | URL:http://marc.info/?l=bugtraq&m=107936753929354&w=2 | MISC:http://hat-squad.com/bugreport/mdaemon-raw.txt | OSVDB:3255 | URL:http://www.osvdb.org/3255 | SECUNIA:10512 | URL:http://secunia.com/advisories/10512 | XF:mdaemon-form2raw-from-bo(14097) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/14097

Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow.

BID:7858 | URL:http://www.securityfocus.com/bid/7858 | BID:7861 | URL:http://www.securityfocus.com/bid/7861 | BUGTRAQ:20030608 [SmartFTP] Two Buffer Overflow Vulnerabilities | URL:http://archives.neohapsis.com/archives/bugtraq/2003-06/0083.html | MISC:http://security.nnov.ru/docs4679.html | SECTRACK:1006956 | URL:http://securitytracker.com/id?1006956 | SECUNIA:8998 | URL:http://secunia.com/advisories/8998 | XF:smartftp-long-list-bo(12231) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/12231 | XF:smartftp-pwd-directory-bo(12228) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/12228

Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command.

BID:7842 | URL:http://www.securityfocus.com/bid/7842 | BUGTRAQ:20030606 Multiple Buffer Overflow Vulnerabilities Found in MERCUR Mail server v.4.2 (SP2) - IMAP protocol | URL:http://www.securityfocus.com/archive/1/324136 | XF:mercur-multiple-bo(12203) | URL:http://www.iss.net/security_center/static/12203.php

Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453.

BID:7887 | URL:http://www.securityfocus.com/bid/7887 | CONFIRM:http://bugs.mysql.com/bug.php?id=564 | FULLDISC:20030612 libmysqlclient 4.x and below mysql_real_connect() buffer overflow. | URL:http://archives.neohapsis.com/archives/fulldisclosure/2003-q2/1303.html | XF:mysql-mysqlrealconnect-bo(12337) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/12337

Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201.

MISC:http://www.securiteam.com/exploits/5TP0M2AAKS.html | REDHAT:RHSA-2003:096 | URL:http://www.redhat.com/support/errata/RHSA-2003-096.html | XF:samba-reply-nttrans-bo(12749) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/12749

Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll.

BUGTRAQ:20031207 eZ Multiple Packages Stack Overflow Vulnerability | URL:http://marc.info/?l=bugtraq&m=107090390002654&w=2 | BUGTRAQ:20031211 eZ and eZphotoshare fixes | URL:http://seclists.org/bugtraq/2003/Dec/0195.html | EXPLOIT-DB:133 | URL:https://www.exploit-db.com/exploits/133 | MISC:http://www.governmentsecurity.org/archive/t5390.html | SECTRACK:1008412 | URL:http://securitytracker.com/id?1008412

Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname.

BID:6822 | URL:http://www.securityfocus.com/bid/6822 | BUGTRAQ:20030211 SECURITY.NNOV: Far buffer overflow | URL:http://www.securityfocus.com/archive/1/311334 | SREASON:3281 | URL:http://securityreason.com/securityalert/3281 | XF:far-long-path-bo(11293) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/11293

Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.

BID:9691 | URL:http://www.securityfocus.com/bid/9691 | CIAC:O-082 | URL:http://www.ciac.org/ciac/bulletins/o-082.shtml | CONECTIVA:CLA-2004:820 | URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000820 | DEBIAN:DSA-479 | URL:http://www.debian.org/security/2004/dsa-479 | DEBIAN:DSA-480 | URL:http://www.debian.org/security/2004/dsa-480 | DEBIAN:DSA-481 | URL:http://www.debian.org/security/2004/dsa-481 | DEBIAN:DSA-482 | URL:http://www.debian.org/security/2004/dsa-482 | DEBIAN:DSA-489 | URL:http://www.debian.org/security/2004/dsa-489 | DEBIAN:DSA-491 | URL:http://www.debian.org/security/2004/dsa-491 | DEBIAN:DSA-495 | URL:http://www.debian.org/security/2004/dsa-495 | FEDORA:FEDORA-2004-079 | URL:http://fedoranews.org/updates/FEDORA-2004-079.shtml | MANDRAKE:MDKSA-2004:015 | URL:http://www.mandriva.com/security/advisories?name=MDKSA-2004:015 | OVAL:oval:org.mitre.oval:def:1035 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1035 | OVAL:oval:org.mitre.oval:def:11388 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11388 | OVAL:oval:org.mitre.oval:def:835 | URL:https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A835 | REDHAT:RHSA-2004:065 | URL:http://www.redhat.com/support/errata/RHSA-2004-065.html | REDHAT:RHSA-2004:069 | URL:http://www.redhat.com/support/errata/RHSA-2004-069.html | REDHAT:RHSA-2004:188 | URL:http://www.redhat.com/support/errata/RHSA-2004-188.html | SUSE:SuSE-SA:2004:005 | URL:http://www.novell.com/linux/security/advisories/2004_05_linux_kernel.html | TURBO:TLSA-2004-05 | URL:http://www.securityfocus.com/advisories/6759 | XF:linux-ncplookup-gain-privileges(15250) | URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/15250