TYPSoft FTP Server version 1.10 is susceptible to denial of service attacks via most standard FTP commands.
9896cd1b5ce2e75750ee8ad25c0668ceb68ffb05d3a115a758fc7e382ab93b2eLam3rZ Security Advisory #3/2004 - Confirm versions 0.62 and below allow for forged email headers to execute arbitrary code as the uid the script runs under for procmail.
634b2b6e2e473082e8c96998040c28f72299b5f0b7d63fbea545f69d86f36438Team Factor versions 1.25 and below are susceptible to a remote server crash. Both the Windows and Linux platforms are affected.
ecf6ae877cd6f230a6ca6cfcb248d330cfbe231379638e55923f3b71bcf037f3nCipher Security Advisory No. 9 - On certain models and firmware combinations, an attacker who is able to issue commands to an HSM may be able to access secret data stored in the module, including critical application keys.
071a6375bd388973a762bfda42b19fa6b55931c003c9e7b6bbc847b7f457b7e1ezBoard versions 7.3u and below are vulnerable to a cross site scripting attack.
d7714aa52da52294665bc90ddc567c7e8aa96717cf6a345c626fc5e63110407bLam3rZ Security Advisory #2/2004 - Load Sharing Facility, or LSF, versions 4.x through 6.x, has a remotely accessible vulnerability. The eauth binary can be exploited to send commands to LSF on behalf of a different user. In this way a user could submit and control jobs on behalf of other users.
9d66fa78163f5f238d88d57528f15373ea708f46a350fadeeb078178ee161498Lam3rZ Security Advisory #1/2004 - Load Sharing Facility, or LSF, versions 4.x through 6.x, has a remotely accessible vulnerability. Specific input data strings can be constructed and can cause failure of the eauth binary, leading to the code execution under root privileges.
58257ee84cc0f3a4b4da905c95ef59378739eb3959c2f197c95472f65121bfe3Avirt SOHO version 4.3 is susceptible to a remote buffer overflow via a large GET request passed on ports 1080 and 8080.
fa337ad84fab68b63c9aa4c38e16a4ec1e1a58db540216c7ba87a16e222016f1Avirt Voice version 4.0 is susceptible to a remote buffer overflow via a large GET request passed on port 1080.
5243e3bc2e2a8e9bc2c784387ebbc2fe0735347130db3f4e932b123f0c378a19The image preview code that explorer uses in Microsoft Windows XP allows a malformed .emf file to cause an exploitable heap overflow in shimgvw.dll.
205eda6775bac41865b84ea94bf6a0bdf829845ac610f431a277d822b365e384Detailed analysis on how the MS ASN library has stack overflows as well as integer overflows.
8137f224477e7ea1c4b1106a733fe24279c482a6489a01cf4789e7f6d4c93c28The PSOProxy server version 0.91 has a buffer overflow vulnerability when handling large GET requests.
edf86b53ff11239616d1a14447565f881efada7b316c8782e6d6d05cac20048cLiveJournal is vulnerable to a cross site scripting vulnerability.
e2bd55f0a0a4e2972b6c8dfa544ca52dfb99d026d93895bb270c2dbe222537b3eEye Security Advisory - Zonelabs Pro/Plus/Integrity versions 4.0 and above are susceptible to a stack based buffer overflow within vsmon.exe that can be exploited to execute code with the context of the SYSTEM account. The vulnerability exists within the component responsible for processing the RCPT TO command argument.
a0725e7ec08055483e5b54ac2703231057838074d0fb3f3ce1007b83e9fe049dCisco Security Advisory 20040219 - Multiple vulnerabilities exist in the Cisco ONS 15327 Edge Optical Transport Platform, the Cisco ONS 15454 Optical Transport Platform, the Cisco ONS 15454 SDH Multiplexer Platform, and the Cisco ONS 15600 Multiservice Switching Platform. With one vulnerability, the TFTP service on UDP port 69 is enabled by default to allow both GET and PUT commands to be executed without any authentication. Another allows for an ACK Denial of Service (DoS) attack on TCP port 1080. Another involves telnet, where access to the underlying VxWorks operating system, by default, is restricted to Superusers only. Due to this vulnerability, a superuser whose account is locked out, disabled, or suspended is still able to login into the VxWorks shell, using their previously configured password.
32a2786afd8b1d4f23e63ddf0cf563f8acc92fe2ccb101ffa711694f296aa609AOL Instant Messenger (AIM) being used in conjunction with Internet Explorer on Windows XP allows for remote command execution.
aaf2fe5ced94509c99511b2235bf3c36deb4069be23e451e4b50c8b79cb9d291A security vulnerability exists in specific versions of ZoneAlarm,ZoneAlarm Pro, ZoneAlarm Plus and the Zone Labs Integrity client. This vulnerability is caused by an unchecked buffer in Simple Mail Transfer Protocol (SMTP) processing which could lead to a buffer overflow. In order to exploit the vulnerability without user assistance, the target system must be operating as an SMTP server.
a51d268547556e424ab64f13858af48698b174a1963e715659d2179f18b08318APC's hardware-based network management cards could be compromised by non-privileged users via Telnet or the local serial port using a static factory password.
8721683bdfae530b9c7c52a5073b4f4cc91992965d5a0b9b9e962cbab3042af5There exist several vulnerabilities in one of Windows XP kernel's native API functions which allow any user with the SeDebugPrivilege privilege to execute arbitrary code in kernel mode, and read from and write to any memory address, including kernel memory. Tested against Windows XP Pro SP1.
7c215bd6570aadab9e31d52d0278b4b39f64273e984aba6f43be2e44e5b56689Two format string bugs and two buffer overflows exist in Metamail versions 2.2 through 2.7. Patch and test scripts to test for these vulnerabilities are available here.
f87cacd3242fbcf612c56f4eaf1a98087ff149f8e0193954c91e2f2045ff1a8fA critical security vulnerability has been found in the Linux kernel memory management code inside the mremap(2) system call due to missing function return value check. This bug is completely unrelated to the mremap bug disclosed on 05-01-2004 except concerning the same internal kernel function code. Versions affected: 2.2 up to 2.2.25, 2.4 up to 2.4.24, 2.6 up to 2.6.2.
15e57e93f04e6f6e219e6d6e4da2f41a33f772b68029df65fa0dcaf3e0bde0a7Smallftpd version 1.0.3 crashes when an attempted directory traversal occurs.
8b1b388ec05b9893cdb5d7f90a34b8907effe5a85849dd156f134277faecfab8CesarFTP version 0.99e has a bug that can cause the system to employ 100 percent of its resources.
4b04ba38e82870ad4792db56db6b431739ed950e806c67c5781759b3db7a7eacThe Linksys WAP55AG does not properly secure SNMP community strings.
eed2646ff388cc27ab5bf280bec121467db92fd7e214aff558d444761f0aeb7eVizer webserver version 1.9.1 is susceptible to a denial of service attack due to mismanaging input strings for HTTP requests.
534c5ea7ecea03af87dd45347a8ba886262115cbd03e67aabb72552920180ebc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed