Vulnerabilities > Incorrect Calculation of Buffer Size
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-12-18 | CVE-2002-1347 | Incorrect Calculation of Buffer Size vulnerability in multiple products Multiple buffer overflows in Cyrus SASL library 2.1.9 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) long inputs during user name canonicalization, (2) characters that need to be escaped during LDAP authentication using saslauthd, or (3) an off-by-one error in the log writer, which does not allocate space for the null character that terminates a string. | 9.8 |
| 2002-05-16 | CVE-2002-0184 | Incorrect Calculation of Buffer Size vulnerability in multiple products Sudo before 1.6.6 contains an off-by-one error that can result in a heap-based buffer overflow that may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded. | 7.8 |
| 2001-06-27 | CVE-2001-0334 | Incorrect Calculation of Buffer Size vulnerability in Microsoft Internet Information Server FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | 7.5 |
| 2001-06-18 | CVE-2001-0249 | Incorrect Calculation of Buffer Size vulnerability in multiple products Heap overflow in FTP daemon in Solaris 8 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the LIST command, which uses glob to generate long strings. | 9.8 |
| 2001-06-18 | CVE-2001-0248 | Incorrect Calculation of Buffer Size vulnerability in multiple products Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. | 9.8 |