Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.

Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.

Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.

Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed.

Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.

Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets.

Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.

netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.

Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.

The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.

iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.

Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address.

ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.

An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.

OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.

Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.

Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8.

The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.

Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.