Sendmail 8.8.0/8.8.1 MIME Overflow CVE-1999-0206. From MIT benchmarks (models/sendmail/s3) A remote attacker can send a cleverly crafted e-mail message and trigger a buffer overflow, gaining root access on the server running Sendmail. Bad file: mime1-bad.c Bad line number: 239, 254, 266 Taxono...

Gecos Overflow: CVE-1999-0131. Patched version. From MIT benchmarks (models/sendmail/s2) A buffer overflow in the code that handles user"s gecos field (real name field) which is found in the password file. Patched file: recipient-ok.c Patched line numbers: 184, 308 Patched file: util-ok.c Pat...

Gecos Overflow: CVE-1999-0131. From MIT benchmarks (models/sendmail/s2) A buffer overflow in the code that handles user"s gecos field (real name field) which is found in the password file. Bad file: util-bad.c Bad line numbers: 184, 308 Taxonomy classification: 0000406321103

Remote Sendmail Header Processing Vulnerability: CA-2003-07 Patched version. From MIT benchmarks (models/sendmail/s1) Buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending e-mails with cleverly formatted address fields related to the sender and recipient ...

Remote Sendmail Header Processing Vulnerability: CA-2003-07 From MIT benchmarks (models/sendmail/s1) Buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending e-mails with cleverly formatted address fields related to the sender and recipient header comments. ...

IQUERY-BUG CA-98.05, CVE-1999-0009. Patched version. From MIT benchmarks (models/bind/b3) A buffer overflow resulting from improperly bounds checking a memcpy call when responding to inverse query requests. Patched file: iquery-ok.c Patched line number: 142

IQUERY-BUG CA-98.05, CVE-1999-0009. From MIT benchmarks (models/bind/b3) A buffer overflow resulting from improperly bounds checking a memcpy call when responding to inverse query requests. Bad file: iquery-bad.c Bad line number: 135 Taxonomy classification: 0000301200004

NXT-BUG: CA-1999-14. Patched version. From MIT benchmarks (models/bind/b1) A buffer overflow in memcpy function in the code handling NXT resource records. Patched file: nxt-ok.c Patched line number: 455

NXT-BUG: CA-1999-14. From MIT benchmarks (models/bind/b1) A buffer overflow in memcpy function in the code handling NXT resource records. Bad file: nxt-bad.c Bad line number: 405 Taxonomy classification : 0060301212004

SIG-BUG: CA-1999-14. Patched version. From MIT benchmarks (models/bind/b2) A buffer overflow caused by improper handling of SIG records Patched file: sig-ok.c Patched line number: 538

SIG-BUG: CA-1999-14. From MIT benchmarks (models/bind/b2) A buffer overflow caused by improper handling of SIG records Bad file: sig-bad.c Bad line number: 561 Taxonomy classification : 0060301212004

nslookupComplain vulnerability: CA-2001-02. Patched version. From MIT benchmarks (models/bind/b4) Unchecked sprintf call. An attacker may be able to construct a long query that overflows the stack buffer and overwrites the return address of nslookupComplain with the address of the attacker"s she...

nslookupComplain vulnerability: CA-2001-02. From MIT benchmarks (models/bind/b4) Unchecked sprintf call. An attacker may be able to construct a long query that overflows the stack buffer and overwrites the return address of nslookupComplain with the address of the attacker"s shell code. Bad file...

Mapped CHDIR overflow CA-1999-13, CVE-1999-0878. Patched version. From MIT benchmarks (models/wu-ftpd/f1) Unchecked strcpy and strcat calls that copy tainted pathnames into a buffer. Patched file: mapped-path-ok.c Patched line number: 102, 144, 148, 167

Mapped CHDIR overflow CA-1999-13, CVE-1999-0878. From MIT benchmarks (models/wu-ftpd/f1) Unchecked strcpy and strcat calls that copy tainted pathnames into a buffer. Bad file: mapped-path-bad.c Bad line number: 107. path[] overflow. Taxonomy Classification : 0000100601130000051410 Bad line nu...

Realpath() overflow CERT advisory: CA-1999-03/CVE-1999-0368. PATCHED version. From MIT benchmarks (models/wu-ftpd/f3). A path overflow inside realpath() function that canonicalizes a pathname. To exploit this vulnerability, an attacker would first have to create a deep directory structure. Patc...

Realpath() overflow CERT advisory: CA-1999-03/CVE-1999-0368. From MIT benchmarks (models/wu-ftpd/f3) A path overflow inside realpath() function that canonicalizes a pathname. To exploit this vulnerability, an attacker would first have to create a deep directory structure. Bad file: realpath-2.4...

Off-by-one overflow in fb_realpath() CAN-2003-0466. PATCHED version. From MIT benchmarks (models/wu-ftpd/f2) An off-by-one overflow inside the fb_realpath() function that expands a condensed pathname into a fully qualified pathname. To exploit this vulnerability, an attacker would first have to ...

Off-by-one overflow in fb_realpath() CAN-2003-0466. From MIT benchmarks (models/wu-ftpd/f2) An off-by-one overflow inside the fb_realpath() function that expands a condensed pathname into a fully qualified pathname. To exploit this vulnerability, an attacker would first have to create a deep dir...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = inter-file/inter-procedural, Container = no, Pointer = no, Index complexity = N/A, Addres...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = inter-file/inter-procedural, Container = no, Pointer = no, Index complexity = N/A, Addres...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = inter-file/inter-procedural, Container = no, Pointer = no, Index complexity = N/A, Addres...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = inter-file/inter-procedural, Container = no, Pointer = no, Index complexity = N/A, Addres...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = inter-file/inter-procedural, Container = no, Pointer = no, Index complexity = N/A, Addres...

Buffer Overflow. This code has been donated by MIT. This test case has the following characteristics : write/read = Write, Which bound = Upper, Data type = character, Memory location = stack, Scope = inter-file/inter-procedural, Container = no, Pointer = no, Index complexity = N/A, Addres...