Easy Homepage Creator fails to properly authenticate users who wish to edit home pages, allowing an attacker to modify any user's home page.
A buffer overflow vulnerability exists in the Lucent Access Point series of routers due to insufficient bounds checking of user-supplied input. An attacker can send an HTTP request consisting of approximately 4000 characters of data to cause the device to reboot, resulting in an interruption of service for legitimate users of the device.
KaZaA may consume large amounts of CPU when processing a sequence of large messages. It is possible for an attacker to flood a vulnerable system with a large number of messages, resulting in a denial of service condition.
The Microsoft SQL Server 2000 sp_MScopyscript stored procedure does not sufficiently validate input before passing it to the xp_cmdshell extended stored procedure. An attacker with the ability to execute a query or pass malicious input to a query may be able to execute operating system commands via xp_cmdshell with the privileges of the SQL Server. The sp_MScopyscript stored procedure may be executed by the 'public' role by default, so a database user with privileges may be able to exploit this issue. The Microsoft SQL Server must be configured to function as a distributor for this issue to be exploited. Certain other conditions must be satisfied for exploitation to succeed, such as the SQL Server running in the context of a domain user. By supplying a malformed @scriptfile parameter, an attacker can run arbitrary commands.
A vulnerability exists in Microsoft SQL Server 2000 due to a buffer overflow in the Database Consistency Checkers (DBCC) utilities. An attacker can exploit this vulnerability by sending a specially crafted request to the server, which could allow the attacker to execute arbitrary code with the privilege level of the SQL Server service account.
CacheOS is vulnerable to Cross-Site Scripting (XSS) attacks due to insufficient sanitization of user-supplied data. An attacker can construct a link for a nonexistent subdomain of a valid site, and include malicious JavaScript. If followed, the supplied script code will execute within the context of the requested domain.
Pegasus Mail is vulnerable to a buffer overflow condition when processing some long message headers. If either the 'To:' or 'From:' message headers are longer than approximately 259 characters, Pegasus may crash when displaying the message.
Pine is vulnerable to a buffer overflow when a mail is received with a blank MIME boundary. This can cause a core dump in the Pine client, and could be used to deny service to legitimate users of the client.
A buffer overflow vulnerability has been reported in CodeBlue. The condition occurs when processing responses from SMTP servers. It may be possible for malicious SMTP servers to execute shellcode on hosts running CodeBlue.
A vulnerability has been reported for Cobalt Qube that may allow an attacker to bypass the authentication mechanism and obtain administrative privileges. The authentication mechanism fails to properly validate the input supplied in the client cookie. Thus an attacker can refer to a file on the filesystem as the one containing the session key. This vulnerability may be exploited by remote attackers to obtain administrative privileges on the device. An attacker can use the curl command to delete the password file and obtain administrative credentials on the vulnerable system.