NetTerm-NetFTPD 4.2.2 suffers from multiple buffer overflows that can cause a denial of service against the server and possibly execute arbitrary commands.
5a306efd007be6e93b46a57ca18e8723f5dbb426b9df29199030f5864f8bfe0dCERT Advisory CA-2003-16 - A buffer overflow vulnerability exists in Microsoft's Remote Procedure Call implementation. A remote attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service.
b9bb753690553d6b31adc50199b09cdd488ccbf24144a64753c7c243ee7add0aA massive security vulnerability has been discovered in all recent versions of the Microsoft operating systems. There is a buffer overflow vulnerability that exists in an integral component of any Windows operating system, the RPC interface implementing Distributed Component Object Model services, or DCOM, that allows remote attackers to obtain unauthorized access to vulnerable systems.
a2ab7e1ad93e552958685d18447336ec08b35a14099950c3e45ea405d5917eafCERT Advisory CA-2003-15 - A vulnerability in many versions of Cisco IOS could allow an intruder to execute a denial-of-service attack against a vulnerable device.
af2755db813b1d4f9af9eda1bf413ce515f313ada93635dacefd03868b8b3d34Advisory that discusses exploitation of the University of Minnesota Gopherd version 3.0.5 and below that makes use of the do_command() buffer overflow vulnerability.
41cd532c2317311e30c49cbcf529fbe61127eae9f335f83232fabbf1837663edCisco Security Advisory: Cisco routers and switches running the IOS software are vulnerable to a denial of service attack. A rare sequence of crafted IPv4 packets sent directly to the device may cause the input interface to stop processing traffic once the input queue is full.
ef0504594a7ab6822dce58c8ba0c82480259ebe0b5d86f0f970b4e558f0f7b36omniHTTPD 2.10 suffers from cross site scripting vulnerabilities that could lead to session hijacking.
52b5848c269b6da5f3724ecbe6e5ea940b8b8a3fbcfd5bff25bae930f4ebc792SGI Security Advisory 20030702-01-P - It has been reported that logging into an IRIX 6.5 machine while particular environment variables are set can lead to /usr/lib/iaf/scheme dumping core. Since scheme is suid root, this could potentially lead to a root compromise.
cf55ec3e1e580ca7b85e91d22604fd9c68c6799680b2b730027f68cf4fe308deSGI Security Advisory 20030701-01-P - Multiple vulnerabilities have been found in the Name Service Daemon, or nsd, on IRIX below version 6.5.21.
b6218821e51de97c515742f76bc0a7393297d398e8dfbefd71584ac16e407becThe Microsoft Internet Security and Acceleration, or ISA, server contains a default error page that can be used to conduct cross site scripting attacks against a legitimate user.
28d4e09c66a69895f688844fb1bccd3d2a1a91ee3d29b78564222eda4b3156f0The Microsoft Internet Security and Acceleration, or ISA, server contains a default error page that can be used to conduct cross site scripting attacks against a legitimate user.
051076503bc72c2b87f59aeb4ad73074c982cd00eb77cfd9f35afb69941adc65Citadel/UX BBS versions 6.07 and below have faulty boundary checking that allows arbitrary code execution, poor random number seeding that allows predictable authentication tokens, and do not keep a user from filling up the harddrive when entering in data via the biography section.
85126978760da416df1927103a59644cf4487bcea2d8fd64641318e7d07a0eb7Secure Network Operations, Inc. Advisory SRT2003-07-16-0358 - Backup and Restore Utility for Unix, aka BRU, has buffer overflow and formatting issues that allow a local user to escalate to root privileges due to poor usage of vsprintf().
78b6927c404e9221ca05fc1f8d33bab549bfa2eea16bf5b41e2c50ba75a66ad3Secure Network Operations, Inc. Advisory SRT2003-07-08-1223 - IBM U2 UniVerse version 10.0.0.9 and below allows the uvadm user to escalate to root privileges via a buffer overflow in uvadmsh.
07bee1686a0c83e96b5a7d0c30fcdc0f47ba477ddd22842dd3e50400b4aa78c6nfs-utils version 1.0.3 and below for Linux has an off-by-one bug that allows a local or remote attacker to send an RPC request to mountd that could execute arbitrary code or cause a denial of service.
3fe1bcb8239cc8b00c2dfcf354fa601b0b377cb56afd088883e8b2af3724d591A buffer overflow has been discovered in the IMAP4rev1 MDaemon v6.7.9 and below that can allow malicious users to remotely crash this application and commit code execution with SYSTEM privileges.
abf6ce1c4d9bf7f8ca7fe731e42afda03ebc4f4ddfc1cbcedb749995121a265cThe TurboFTP client version 3.85 Build 304 is vulnerable to a buffer overflow attack from a malicious FTP server that can result in a denial of service and possibly remote command execution.
f666e3f6258f9bbb643fec3e3b0a1981eba0a2e3fab1c7aec152a14da0621a2dMABRY ftpd is vulnerable to buffer overflows that result in a denial of service via the CWD, STAT, MKD, LIST, and RMD commands when an excess of 3200 bytes are sent.
2bd66cc50e84bb2b6524a75df67d487708d102ac22c134345b076c0ea1a49942Cisco Security Advisory: After receiving eight TCP connection attempts using a non-standard TCP flags combination, a Catalyst switch will stop responding to further TCP connections to that particular service. In order to re-establish functionality of that service, the switch must be rebooted. CatOS for the following models is affected: 4000 Series including models 2948G and 2980G/2980G-A, 5000 Series including models 2901, 2902 and 2926, and the 6000.
43e0117dba1a5cf8c123455025e2ce7fb4995a48d74dcb66f65cba5b74ca7a5fAddition to Atstake Security Advisory A070803-1 clarifying that the named pipe vulnerability discussed lies within the Windows NT/XP/2000 platform and that SQL Server 7.0 can be used as an attack vector along with potentially many other applications.
26389446575344782062c92749190328e8a6e10abf5b4d0f5b30a7cea7e76538Atstake Security Advisory A070803-1 - By specifying the name of a named pipe instead of a file, as an argument to Microsoft SQL Server's xp_fileexist extended stored procedure, one can impersonate the user account Microsoft SQL Server is running under. This is due to the behavior of the CreateFile system call and Windows named pipe impersonation. This is not limited to Microsoft SQL Server, but a system wide problem.
a0e2cd066322faccbeda17b525edc1bfe19a840681e371d62018efeea6586415In 2001, Elcomsoft discovered serious security flaws in Adobe Acrobat where pdf files could load malicious plug-ins and have Acrobat believe they were digitally signed. A plug-in loaded in this manner can perform any file operations on the system. Adobe slacked on doing anything about this until CERT released an advisory on it in March of 2003. With the new releases from Adobe, these issues were supposed to be addressed but vulnerabilities still remain.
97736473454a303c89f45f58b292c5e56504cf1a2f5382462a575fa2f759cfc4IglooFTP PRO 3.8 and possibly earlier versions suffers from multiple client side vulnerabilities including the banner, username, password, and account SMTP parameters. Related proof of concept exploit here.
be6ba59a065b4bbfe9a8f5feb2cda1345218b4d6b7fbaca76ce60f31f06aaf3dLinux eXtremail versions 1.5-8 and below hold a format string vulnerability in its logging mechanism. Exploiting this can allow for arbitrary code execution or a denial of service on the server.
9f300aec91de3f79ec8ad7dea040e62aded97cd4340b3ea05a7067bc03e93163DTORS Security - First Security Agent, the first screen locking tool for win32 is vulnerable to a local user changing or disabling the password via the system registry.
658980c23c1c70311de70e308d4e010c29a4e526b9221aee3b44e87b040fb2ef
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed