The lookupProviders function in providerMgr.c in sblim-sfcb 1.3.4 and 1.3.18 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an empty className in a packet.
Max CVSS
5.0
EPSS Score
2.05%
Published
2015-09-28
Updated
2018-10-30
sfcb in sblim-sfcb places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.
Max CVSS
4.4
EPSS Score
0.04%
Published
2012-08-17
Updated
2012-08-17
Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configuration sets httpMaxContentLength to a zero value, allows remote attackers to cause a denial of service (heap memory corruption) or possibly execute arbitrary code via a large integer in the Content-Length HTTP header, aka bug #3001915. NOTE: some of these details are obtained from third party information.
Max CVSS
10.0
EPSS Score
19.10%
Published
2010-06-15
Updated
2023-02-13
Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB before 1.3.8 might allow remote attackers to execute arbitrary code via a Content-Length HTTP header that specifies a value too small for the amount of POST data, aka bug #3001896.
Max CVSS
10.0
EPSS Score
1.79%
Published
2010-06-15
Updated
2010-06-18
The SSL certificate setup program (genSslCert.sh) in Standards Based Linux Instrumentation for Manageability (SBLIM) sblim-sfcb 1.3.2 allows local users to overwrite arbitrary files via a symlink attack on the (1) /var/tmp/key.pem, (2) /var/tmp/cert.pem, and (3) /var/tmp/ssl.cnf temporary files.
Max CVSS
6.9
EPSS Score
0.04%
Published
2009-02-03
Updated
2009-02-20
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service (resource consumption) by connecting to sblim-sfcb but not sending any data.
Max CVSS
5.0
EPSS Score
0.20%
Published
2005-10-05
Updated
2008-09-05
httpAdapter.c in sblim-sfcb before 0.9.2 allows remote attackers to cause a denial of service via long HTTP headers.
Max CVSS
5.0
EPSS Score
0.95%
Published
2005-10-05
Updated
2008-09-05
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!