Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics: write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = same, Container = no, Pointer = no, Index complexity = function re...

TXT Record Overflow: CVE-2002-0906. Patched version. From MIT benchmarks (models/sendmail/s7) A buffer overflow poses the risk of a denial of service attack or possibly execution of arbitrary code via a malicious DNS server. Patched file: txt-dns-file-ok.c Patched line number: 315, 317

TXT Record Overflow: CVE-2002-0906. From MIT benchmarks (models/sendmail/s7) A buffer overflow poses the risk of a denial of service attack or possibly execution of arbitrary code via a malicious DNS server. Bad file: txt-dns-file-bad.c Bad line number: 328, 330 Taxonomy Classification: 000134...

tTflag Buffer Underrun: CVE-2001-0653. Patched version. From MIT benchmarks (models/sendmail/s6) Due to a type casting side effect (assigning unsigned int to signed int), it is possible to write data to a negative index of a buffer. Patched file: tTflag-ok.c Patched line number: 169

tTflag Buffer Underrun: CVE-2001-0653. From MIT benchmarks (models/sendmail/s6) Due to a type casting side effect (assigning unsigned int to signed int), it is possible to write data to a negative index of a buffer. Bad file: tTflag-bad.c Bad line number: 170 To fix, declare indexes as unsigne...

prescan() overflow: CA-2003-12 Patched version. From MIT benchmarks (models/sendmail/s5) The buffer overflow results from an unintended type cast from a signed character to a signed integer. Patched file: prescan-overflow-ok.c Patched line number: 404, 431, 535

prescan() overflow: CA-2003-12 From MIT benchmarks (models/sendmail/s5) The buffer overflow results from an unintended type cast from a signed character to a signed integer. Bad file: prescan-overflow-bad.c Bad line number: 399, 420, 519 Taxonomy Classification: 0000506111404

Sendmail 8.8.3/8.8.4 MIME Overflow CVE-1999-0047. Patched version. From MIT benchmarks (models/sendmail/s4) A remote attacker can send a cleverly crafted e-mail message and trigger a buffer overflow, gaining root access on the server running Sendmail. Patched file: mime2-ok.c Patched line numbe...

Sendmail 8.8.3/8.8.4 MIME Overflow CVE-1999-0047. From MIT benchmarks (models/sendmail/s4) A remote attacker can send a cleverly crafted e-mail message and trigger a buffer overflow, gaining root access on the server running Sendmail. Bad file: mime2-bad.c Bad line number: 203, 216, 230, 234, 2...

Sendmail 8.8.0/8.8.1 MIME Overflow CVE-1999-0206. Patched version. From MIT benchmarks (models/sendmail/s3) A remote attacker can send a cleverly crafted e-mail message and trigger a buffer overflow, gaining root access on the server running Sendmail. Patched file: mime1-ok.c Patched line numbe...

Sendmail 8.8.0/8.8.1 MIME Overflow CVE-1999-0206. From MIT benchmarks (models/sendmail/s3) A remote attacker can send a cleverly crafted e-mail message and trigger a buffer overflow, gaining root access on the server running Sendmail. Bad file: mime1-bad.c Bad line number: 239, 254, 266 Taxono...

Gecos Overflow: CVE-1999-0131. Patched version. From MIT benchmarks (models/sendmail/s2) A buffer overflow in the code that handles user"s gecos field (real name field) which is found in the password file. Patched file: recipient-ok.c Patched line numbers: 184, 308 Patched file: util-ok.c Pat...

Gecos Overflow: CVE-1999-0131. From MIT benchmarks (models/sendmail/s2) A buffer overflow in the code that handles user"s gecos field (real name field) which is found in the password file. Bad file: util-bad.c Bad line numbers: 184, 308 Taxonomy classification: 0000406321103

Remote Sendmail Header Processing Vulnerability: CA-2003-07 Patched version. From MIT benchmarks (models/sendmail/s1) Buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending e-mails with cleverly formatted address fields related to the sender and recipient ...

Remote Sendmail Header Processing Vulnerability: CA-2003-07 From MIT benchmarks (models/sendmail/s1) Buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending e-mails with cleverly formatted address fields related to the sender and recipient header comments. ...

IQUERY-BUG CA-98.05, CVE-1999-0009. Patched version. From MIT benchmarks (models/bind/b3) A buffer overflow resulting from improperly bounds checking a memcpy call when responding to inverse query requests. Patched file: iquery-ok.c Patched line number: 142

IQUERY-BUG CA-98.05, CVE-1999-0009. From MIT benchmarks (models/bind/b3) A buffer overflow resulting from improperly bounds checking a memcpy call when responding to inverse query requests. Bad file: iquery-bad.c Bad line number: 135 Taxonomy classification: 0000301200004

NXT-BUG: CA-1999-14. Patched version. From MIT benchmarks (models/bind/b1) A buffer overflow in memcpy function in the code handling NXT resource records. Patched file: nxt-ok.c Patched line number: 455

NXT-BUG: CA-1999-14. From MIT benchmarks (models/bind/b1) A buffer overflow in memcpy function in the code handling NXT resource records. Bad file: nxt-bad.c Bad line number: 405 Taxonomy classification : 0060301212004

SIG-BUG: CA-1999-14. Patched version. From MIT benchmarks (models/bind/b2) A buffer overflow caused by improper handling of SIG records Patched file: sig-ok.c Patched line number: 538

SIG-BUG: CA-1999-14. From MIT benchmarks (models/bind/b2) A buffer overflow caused by improper handling of SIG records Bad file: sig-bad.c Bad line number: 561 Taxonomy classification : 0060301212004

nslookupComplain vulnerability: CA-2001-02. Patched version. From MIT benchmarks (models/bind/b4) Unchecked sprintf call. An attacker may be able to construct a long query that overflows the stack buffer and overwrites the return address of nslookupComplain with the address of the attacker"s she...

nslookupComplain vulnerability: CA-2001-02. From MIT benchmarks (models/bind/b4) Unchecked sprintf call. An attacker may be able to construct a long query that overflows the stack buffer and overwrites the return address of nslookupComplain with the address of the attacker"s shell code. Bad file...

Mapped CHDIR overflow CA-1999-13, CVE-1999-0878. Patched version. From MIT benchmarks (models/wu-ftpd/f1) Unchecked strcpy and strcat calls that copy tainted pathnames into a buffer. Patched file: mapped-path-ok.c Patched line number: 102, 144, 148, 167

Mapped CHDIR overflow CA-1999-13, CVE-1999-0878. From MIT benchmarks (models/wu-ftpd/f1) Unchecked strcpy and strcat calls that copy tainted pathnames into a buffer. Bad file: mapped-path-bad.c Bad line number: 107. path[] overflow. Taxonomy Classification : 0000100601130000051410 Bad line nu...