Vulnerabilities > Off-by-one Error

DATE CVE VULNERABILITY TITLE RISK
2002-08-12 CVE-2002-0844 Off-by-one Error vulnerability in Distrotech CVS
Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.
local
low complexity
distrotech CWE-193
7.8
2002-07-11 CVE-2002-0653 Off-by-one Error vulnerability in Modssl MOD SSL
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long entries.
local
low complexity
modssl CWE-193
7.8
2002-03-15 CVE-2002-0083 Off-by-one Error vulnerability in multiple products
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
9.8
2001-12-31 CVE-2001-1496 Off-by-one Error vulnerability in Acme Thttpd
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
network
low complexity
acme CWE-193
critical
9.8
2001-08-02 CVE-2001-0609 Off-by-one Error vulnerability in Infodrom Cfingerd
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
network
low complexity
infodrom CWE-193
critical
9.8
2001-04-17 CVE-2001-1391 Off-by-one Error vulnerability in Linux Kernel
Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory.
local
low complexity
linux CWE-193
5.5
1999-01-01 CVE-1999-1568 Off-by-one Error vulnerability in Ncftp Ncftpd Server
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
network
low complexity
ncftp CWE-193
7.5