Security
Headlines
HeadlinesLatestCVEs

Tag

#perl

CVE-2003-0789

mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.

CVE
#apache#perl
CVE-2001-1583: 'Solaris LPD Exploit (fwd)' - MARC

lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.

CVE-1999-0880: IBM X-Force Exchange

Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.

CVE-1999-0813: IBM X-Force Exchange

Cfingerd with ALLOW_EXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges.

CVE-1999-0602

A network intrusion detection system (IDS) does not properly reassemble fragmented packets.

CVE-1999-0667: 'Redir games with ARP and ICMP'

The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service.