Network Security News – Sunday, May 08, 2005 Events
NetTerm NetFtpd USER Command Remote Overflow
A remote overflow exists in NetTerm NetFtpd. NetFtpd fails to handle overly long input to the USER command resulting in a buffer overflow. With a specially crafted request, a remote attacker can execute arbitrary code resulting in a loss of integrity.. Read more at osvdb.org/15865
WebApp E-Cart index.cgi art Parameter Arbitrary Command Execution
WebApp E-Cart contains a flaw that may allow a remote attacker to execute arbitrary commands. The issue is due to the 'art' parameter in the 'index.cgi' script not being properly sanitized and may allow a remote attacker to execute arbitrary commands via shell metacharacters resulting in a loss of integrity.. Read more at osvdb.org/15738
GlobalScape Secure FTP Command Parsing Remote Overflow
A remote overflow exists in GlobalSCAPE Secure FTP Server. The Secure FTP Server fails to perform adequate bounds checking of user-supplied input resulting in a buffer overflow. With a specially crafted request in the format "[3000 Bytes] \r\n" , an attacker can overwrite the EIP and SEH registers and execute arbitrary code on the system, resulting in a loss of integrity.. Read more at osvdb.org/16049
CVS Unspecifed Remote Overflow
An unspecified remote overflow exists in CVS. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.. Read more at osvdb.org/15670
Leave a Reply