Ncsa: Security Vulnerabilities
MyProxy 5.0 through 5.2, as used in Globus Toolkit 5.0.0 through 5.0.2, does not properly verify the (1) hostname or (2) identity in the X.509 certificate for the myproxy-server, which allows remote attackers to spoof the server and conduct man-in-the-middle (MITM) attacks via a crafted certificate when executing (a) myproxy-logon or (b) myproxy-get-delegation.
CVSS Score
4.3
EPSS Score
0.008
Published
2011-02-02
Heap-based buffer overflow in the env_opt_add function in telnet.c for various BSD-based Telnet clients allows remote attackers to execute arbitrary code via responses that contain a large number of characters that require escaping, which consumers more memory than allocated.
CVSS Score
7.5
EPSS Score
0.525
Published
2005-05-02
Buffer overflow in the slc_add_reply function in various BSD-based Telnet clients, when handling LINEMODE suboptions, allows remote attackers to execute arbitrary code via a reply with a large number of Set Local Character (SLC) commands.
CVSS Score
7.5
EPSS Score
0.478
Published
2005-05-02
Buffer overflow in NCSA HTTP daemon v1.3 allows remote command execution.
CVSS Score
7.5
EPSS Score
0.066
Published
1997-09-23
The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file.
CVSS Score
7.5
EPSS Score
0.053
Published
1997-07-15
phf CGI program allows remote command execution through shell metacharacters.
CVSS Score
10.0
EPSS Score
0.918
Published
1996-03-20
Buffer overflow in NCSA WebServer (1.4.1 and below) gives remote access.
CVSS Score
10.0
EPSS Score
0.041
Published
1995-02-17
The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify arbitrary files.
CVSS Score
7.5
EPSS Score
0.006
Published
1991-09-10