Exploit the possiblities
Showing 1 - 18 of 18 RSS Feed

Files

visnetic.dos.txt
Posted Dec 25, 2002
Authored by Peter Kruse | Site krusesecurity.dk

The VisNetic WebSite Server for Windows v3.5.13.1 and below contains a remote denial of service vulnerability which can be exploited by sending a 5000 character URL.

tags | advisory, remote, denial of service
systems | windows
MD5 | 0274e3ebdebc3d9917880a3ffc311edb
ftp.client.traversal.txt
Posted Dec 25, 2002
Authored by Steven M. Christey

FTP clients, including those that may be embedded in web clients, can be vulnerable to certain directory traversal attacks by modified FTP servers. If successful, the attacks could allow the server to overwrite or create arbitrary files outside of the client's working directory, subject to file/directory permissions and the privilege level of the client. Vulnerable clients include wget-1.8.1, OpenBSD 3.0 ftp, and Solaris 2.7 and 2.7 ftp.

tags | advisory, web, arbitrary
systems | solaris, openbsd
MD5 | 2d918118248dae7cbdde13a75490adac
12.16.02b.txt
Posted Dec 25, 2002
Authored by Blink

iDEFENSE Security Advisory 12.16.02b - The Melange chat server v1.10 and blow has a remotely exploitable buffer overflow.

tags | advisory, overflow
MD5 | 74c32b3101dc1ddd720518eb44e346b7
hyperion.2.8.11.txt
Posted Dec 24, 2002
Authored by Securma Massine

The Hyperion FTP Server v2.8.11 and below for Windows 95/98/NT/2000 contains a buffer overflow in ftpservx.dll which allows remote code execution.

tags | advisory, remote, overflow, code execution
systems | windows, 9x
MD5 | 792d44051f6dac84c2bb56401940a3d5
iDEFENSE Security Advisory 2002-12-23.t
Posted Dec 24, 2002
Authored by Zen-Parse, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 12.23.02 - Easy Software Products' Common Unix Printing System (CUPS) and Xpdf contains an integer overflow which allows local users to access to privileges of the lp user.

tags | advisory, overflow, local
systems | unix
MD5 | b9f198d095e9f137bc9fc1167f95bfe7
eeye.flash.6.0.65.0.txt
Posted Dec 21, 2002
Authored by eEye Digital Security | Site eEye.com

Macromedia Shockwave Flash Malformed Header Overflow #2 - Macromedia Flash Player versions less than 6.0.65.0 allows remote code execution via HTML email and web pages. Fix available here.

tags | advisory, remote, web, overflow, code execution
MD5 | 07549f1260ac92979135ce5c2094d948
iDEFENSE Security Advisory 2002-12-20.t
Posted Dec 21, 2002
Authored by iDefense Labs, David Zentner | Site idefense.com

iDEFENSE Security Advisory 12.20.02 - Microsoft"s Hotmail service contains cross site scripting vulnerabilities which allow session hijacking and arbitrary action execution.

tags | advisory, arbitrary, vulnerability, xss
MD5 | 290974a3d3392a0320d0db6867f654c7
real.helix.9.0.txt
Posted Dec 21, 2002
Authored by Mark Litchfield | Site ngssoftware.com

RealNetworks Helix Universal Server v9.0 and below for Windows, FreeBSD, HP-UX, AIX, Linux, Sun Solaris 2.7 & 2.8 contains buffer overflows which can cause code to be executed as SYSTEM over tcp port 554.

tags | advisory, overflow, tcp
systems | linux, windows, solaris, freebsd, aix, hpux
MD5 | 7729391bee9e9cf7396e32e856221297
enceladus-3.9.11.txt
Posted Dec 21, 2002

The Enceladus Web and FTP server suite for Windows below v3.9.11 contains a buffer overflow which allows remote command execution. More information available http://www.mollensoft.com.

tags | advisory, remote, web, overflow
systems | windows
MD5 | 71db8e5f45939231151bce066e8e5884
php-nuke_mail_crlf.patch
Posted Dec 21, 2002
Authored by Ulf Harnhammar

PHP-Nuke v6.0 allows remote users to send email to any address on the internet by entering malformed email addresses. Patch included.

tags | advisory, remote, php
MD5 | 2c9c835de4013bc2981e18fa886bfc1a
oss-00001.txt
Posted Dec 21, 2002
Authored by Burn-X | Site opensourcesecurity.com

Pine v4.44 contains a local buffer overflow in the -x command line option.

tags | advisory, overflow, local
MD5 | 0fabb0021243624bb854dcd03bb6b3bf
iDEFENSE Security Advisory 2002-12-19.t
Posted Dec 21, 2002
Authored by Zen-Parse, David Endler, iDefense Labs | Site idefense.com

iEasy Software Products' Common Unix Printing System (CUPS) vCUPS-1.1.14-5 to 1.1.17 contains an integer overflow in the CUPSd interface which allows attackers to gain the permissions of the LP user and the sys GID. In addition, a race condition allows any file to be overwritten as root. Affected systems include Red Hat 7.3, 8.0, and OS/X 10.2.2.

tags | advisory, overflow, root
systems | linux, redhat, unix, apple, osx
MD5 | 5608b00a6dc0e1cce529bb24107ca6a1
polycom.auth-bypass.txt
Posted Dec 21, 2002
Authored by Tamer Sahin | Site securityoffice.net

The Polycom ViewStation FX set top video system allows users to change configuration of the video conferencing system. A bug introduced in the Polycom ViewStation FX Release v4.2 allows users full access to the video conferencing system including changing the admin password.

tags | advisory, bypass
MD5 | 061d65a126706f6f4cb18f7b6475ed0d
Rapid7 Security Advisory 9
Posted Dec 16, 2002
Authored by Rapid7 | Site rapid7.com

Rapid 7 Security Advisory - SSH servers and clients from several vendors contain vulnerabilities in the greeting and key-exchange-initialization phases of the SSHv2 transport layer that allow denial of service attacks and/or arbitrary code execution. OpenSSH, SecureCRT, and LSH are not affected - vulnerable versions include F-Secure 3.1.0 and below for unix and v5.2 and below for Windows, SSH 3.2.2 and below for windows and unix, putty v0.53 and below, WinSCP 2.0.0 and below, and more.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
systems | windows, unix
MD5 | 1e49f07cd54eedbc953d098c2ad9ae5b
eeye.png.txt
Posted Dec 14, 2002
Authored by eEye Digital Security | Site eEye.com

EEye Security Advisory - During a review of the PNG image format implemented in Microsoft Windows, pngfilt.dll, serious vulnerabilities were discovered related to the interpretation of PNG image data. The more serious bug is a heap overflow which can be exploited to execute code when the malicious PNG image is viewed. IE 5.01-6.0 is vulnerable, along with the IE web control for Outlook, Access 2000, Backoffice, Microsoft Visual Studio .NET 2002, Office 2000, Office XP pro, Project 2002 Professional, Publisher 98, SNA Server 4.0, SQL Server 7.0, Visio 2002, Visual Basic .NET Standard 2002, Visual C, Visual C++ .NET Standard 2002, Visual FoxPro 7.0, Visual Studio 6.0, Windows 2000, Windows 95, Windows 98, NT, and XP. Microsoft advisory is ms02-066.

tags | advisory, web, overflow, vulnerability
systems | windows, 2k, 9x
MD5 | 3b5ca24a44ef397fc091de50f829969c
mysql.4.0.5a.txt
Posted Dec 14, 2002
Authored by Stefan Esser | Site security.e-matters.de

The MySQL database versions <= 3.23.53a and <= 4.0.5a contains local and remote vulnerabilities allowing remote attackers to bypass the MySQL password check and execute arbitrary code with the privileges of the user running mysqld. An arbitrary size heap overflow within the mysql client library and another vulnerability which allows '\0' to be written to any memory address allow DOS attacks against or arbitrary code execution within anything linked against libmysqlclient.

tags | advisory, remote, overflow, arbitrary, local, vulnerability, code execution
MD5 | 114312aafb9aaa1a67ed499fbf95d511
fetchmail.6.1.3.txt
Posted Dec 14, 2002
Authored by Stefan Esser | Site security.e-matters.de

A heap overflow has been found in Fetchmail v6.1.3 and below which allows remote attackers to execute code with the privileges of the user running fetchmail on Linux. It is a denial of service vulnerability on BSD. Fixed in v6.2.0.

tags | advisory, remote, denial of service, overflow
systems | linux, bsd
MD5 | 0a7d1ceeda7799992af773ef4198a814
suse.grub.txt
Posted Dec 14, 2002
Authored by Matthias Andree

SuSE 8.1's "gfxmenu" which is configured into GRUB by default on many machines allows the user to pass in additional kernel boot parameters without entering the password, allowing users who can locally reboot the machine to easily spawn a root shell.

tags | advisory, shell, kernel, root
systems | linux, suse
MD5 | 650e6b033bbebf5100a6aac8cdfb930f
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close