A buffer overflow vulnerability has been reported for CMailServer. The vulnerability exists due to insufficient bounds checking when parsing e-mail headers. Specifically, an overly long RCPT TO e-mail header will cause CMailServer to crash and corrupt sensitive memory.
A buffer overflow vulnerability has been reported for CMailServer. The vulnerability exists due to insufficient bounds checking when parsing e-mail headers. Specifically, an overly long MAIL FROM e-mail header will cause CMailServer to crash and corrupt sensitive memory.
A buffer overflow has been discovered in the setuid root program gds_inet_server, packaged with Firebird. This problem could allow a local user to execute the program with strings of arbitrary length. By using a custom-crafted string, the attacker could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code as root.
MDaemon is vulnerable to a heap overflow when a maliciously crafted USER command is sent to the server. This exploit overwrites UnhandledExceptionFilter and jumps to an egghunter shellcode, which then scans memory and executes a bindshell on port 4444. The exploit partially works on unpatched Win2k boxes, but may result in a crash or in the MDaemon process shooting up to 100%.
Due to insufficient sanitization of some user-supplied variables by the 'News.php' and 'Install.php' scripts, it is possible for a remote attacker to include a malicious PHP file in a URL. Successful exploitation will result in the execution of the attacker-supplied PHP instructions with the privileges of the web server.
Microsoft SQL Server is prone to an exploitable buffer overrun vulnerability via the Jet Database Engine. This can occur while the JET 4.0 OLE DB data provider is querying data supplied via a remote source and is due to insufficient bounds checking of parameters of heterogeneous or ad hoc query methods.
Internet Explorer is reported to be vulnerable to a zone bypass issue. Allegedly, if Internet Explorer attempts to open a web page containing numerous 'file://' requests each contained in a separate Iframe, the requested file will eventually be executed in the Local Computer zone.
A memory corruption vulnerability has been reported for LTris that may result in a local attacker obtaining group 'games' privileges. The exploit code is written in Perl and contains a shellcode that is 520 bytes long. The exploit code sets the environment variable 'HOME' to the buffer containing the shellcode and executes the vulnerable application 'ltris'.
ListProc catmail has been reported prone to a buffer overflow vulnerability when handling a ULISTPROC_UMASK environment variable of excessive length. The issue is likely due to a lack of sufficient bounds checking when copying the contents of the ULISTPROC_UMASK environment variable into an internal memory buffer. Ultimately, an attacker may exploit this vulnerability to execute arbitrary operation codes. Code execution would occur in the context of the ListProc catmail application, typically root.
It has been reported that a problem in the HappyMall E-Commerce software package could allow an attacker to pass arbitrary commands through the normal_html.cgi script. This could lead to attacks against system resources.