Platforms: AIX, HPUX, IRIX, Solaris, SCO, NCR MP-RAS. Status:CandidateĪCCEPT(8) Baker, Cole, Collins, Dik, Hill, Northcutt, Shostack, Wallįrech> This vulnerability also manifests itself for the following This may also be a duplicate with CVE-1999-0306.Ĭommand execution in Sun systems via buffer overflow in the at program. Information about vulnerabilities in xlock. Levy> Notice that this xlock overflow is the same as inĬhristey> As pointed out by Elias, CA-97.21 states: "For more Reference: CERT:CA-97.21.sgi_buffer_overflowĪs per xlock-bo, also appears on AIX, BSDI, DG/UX, FreeBSD, Solaris, andĪlso, don't you mean to cite SGI:19970502-02-PX? The one you list is Root privileges via buffer overflow in xlock command on SGI IRIX systems. REJECT(2) Baker, Christey Voter Comments:Ĭhristey> DUPE CVE-1999-0032, which includes XF:lpr-bo Name: CVE-1999-0030 Description: All references and descriptions in this candidate have been removed to prevent accidental usage.
Notes: All CVE users should reference CVE-1999-0032 instead of this candidate. Reason: This candidate is a duplicate of CVE-1999-0032. Problems keep separate candidates because one problem appearsĬonsider BUGTRAQ:19971113 Linux IP fragment overlap bugĭO NOT USE THIS CANDIDATE NUMBER. Reference: OVAL:oval::def:5579Ĭhristey> Not sure how many separate "instances" of Teardrop there are.
#Doshttp 2.5.1 download pro
This suggestion, I will not be devastated.) :-)Ĭhristey> This issue seems to have been rediscovered inīUGTRAQ:20000515 Eudora Pro & Outlook Overflow - too long filenames againīUGTRAQ:19990320 Eudora Attachment Buffer OverflowĬVE-2000-0415 may be a later rediscovery of this problemĬhristey> BUGTRAQ:19980730 Long Filenames & Lotus Products Reference: CERT:CA-98.10.mime_buffer_overflowsĪCCEPT(8) Baker, Cole, Collins, Dik, Landfield, Magdych, Northcutt, Wallįrech> Extremely minor, but I believe e-mail is the correct term. MIME buffer overflow in email clients, e.g. CERT:CA-1998-13 is too vague to be sure withoutįurther analysis. This assignment was based solely on references to the CERT advisory.Ĭhristey> The description for BID:190, which links to CVE-1999-0052 (aįreeBSD advisory), notes that the patches provided by FreeBSD inĬERT:CA-1998-13 suggest a connection between CVE-1999-0001 andĬVE-1999-0052. So, CVE-1999-0257 and CVE-1999-0052 may be the same, thoughĬVE-1999-0052 should be RECAST since this bug affects Linux
#Doshttp 2.5.1 download Patch
The FreeBSD patch for CVE-1999-0052 is in line 750. The patch for nestea is in ip_input.c around line 750.
To nestea (CVE-1999-0257) and probably the one described inīUGTRAQ:19981023 nestea v2 against freebsd 3.0-Release "short packets with certain options set," so the descriptionīut is this the same as CVE-1999-0052? That one is related Reference: CERT:CA-98-13-tcp-denial-of-serviceĬhristey> A Bugtraq posting indicates that the bug has to do with Reference: BUGTRAQ:19981223 Re: CERT Advisory CA-98.13 - TCP/IP Denial of Service Ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets.
0 kommentar(er)
