Vulnerabilities > University OF Minnesota

DATE CVE VULNERABILITY TITLE RISK
2007-08-31 CVE-2007-4629 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in University of Minnesota Mapserver
Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.
network
low complexity
university-of-minnesota CWE-119
7.5
2007-08-27 CVE-2007-4542 Cross-Site Scripting vulnerability in University of Minnesota Mapserver
Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program.
4.3
2005-09-02 CVE-2005-2772 Remote Buffer Overflow vulnerability in University of Minnesota Gopher 3.0.9
Multiple stack-based buffer overflows in University of Minnesota gopher client 3.0.9 allow remote malicious servers to execute arbitrary code via (1) a long "+VIEWS:" reply, which is not properly handled in the VIfromLine function, and (2) certain arguments when launching third party programs such as a web browser from a web link, which is not properly handled in the FIOgetargv function.
network
low complexity
university-of-minnesota
7.5
2005-08-03 CVE-2005-1853 Unspecified vulnerability in University of Minnesota Gopher 3.0.5
gopher.c in the Gopher client 3.0.5 does not properly create temporary files, which allows local users to gain privileges.
local
low complexity
university-of-minnesota
7.2
2004-12-31 CVE-2004-0561 Denial-Of-Service vulnerability in University of Minnesota Gopherd 3.0.3
Format string vulnerability in the log routine for gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
network
low complexity
university-of-minnesota
7.5
2004-12-31 CVE-2004-0560 Denial Of Service vulnerability in University of Minnesota Gopherd 3.0.3
Integer overflow in gopher daemon (gopherd) 3.0.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted content of a certain size that triggers the overflow.
network
low complexity
university-of-minnesota
7.5
2003-10-06 CVE-2003-0805 Unspecified vulnerability in University of Minnesota Gopherd
Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type.
network
low complexity
university-of-minnesota
7.5
2002-07-03 CVE-2002-0371 Buffer overflow in gopher client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000 allows remote attackers to execute arbitrary code via a gopher:// URL that redirects the user to a real or simulated gopher server that sends a long response.
network
low complexity
microsoft university-of-minnesota
7.5
2000-10-20 CVE-2000-0743 Unspecified vulnerability in University of Minnesota Gopherd 2.3/2.3.1
Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value.
network
low complexity
university-of-minnesota
critical
10.0
1993-08-09 CVE-1999-0124 Unspecified vulnerability in University of Minnesota Gopherd
Vulnerabilities in UMN gopher and gopher+ versions 1.12 and 2.0x allow an intruder to read any files that can be accessed by the gopher daemon.
network
low complexity
university-of-minnesota
critical
10.0