Exploit the possiblities
Showing 1 - 25 of 377 RSS Feed

Files

CA-2003-14.mswin.txt
Posted Jul 17, 2003
Site cert.org

CERT Advisory CA-2003-14 - A buffer overflow vulnerability exists in a shared HTML conversion library included in Microsoft Windows. An attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service.

tags | denial of service, overflow, arbitrary
systems | windows
MD5 | 8c5b5e631a493151fcc60504744b1dc0
CA-2003-13.snort
Posted Apr 18, 2003
Site cert.org

CERT Advisory CA-2003-13 - Two remote vulnerabilities in the Snort IDS, versions 1.8 through 2.0 RC allow remote execution of code as root. It is not necessary for the attacker to know the IP address of the Snort device they wish to attack; merely sending malicious traffic where it can be observed by an affected Snort sensor is sufficient to exploit these vulnerabilities. Fix available here.

tags | remote, root, vulnerability
MD5 | 30fa60b771ff2e6ee35376d17f2619f4
CA-2003-12.sendmail
Posted Apr 1, 2003
Site cert.org

CERT Advisory CA-2003-12 - A remote stack overflow in Sendmail 8.12.8 and below was discovered by Michal Zalewski which allows remote code execution as root. This bug is in the prescan code and is different than the recent sendmail bug described in CA-2003-07. Patch available here.

tags | remote, overflow, root, code execution
MD5 | 5f9042c50705af2bf508c8b6bf27dc38
CA-2003-11.lotus.domino
Posted Mar 27, 2003
Site cert.org

CERT Advisory CA-2003-11 - Multiple vulnerabilities have been reported to affect Lotus Notes clients and Domino servers v5.0.12 through 6.0.1 including six exploitable buffer overflows. TCP port 1352 is a likely conduit for attack, however Lotus Notes often listens to Netbios, SPX, or XPC ports.

tags | overflow, tcp, vulnerability
MD5 | faf6d46160e65b496113291bafcb82ee
CA-2003-10.rpcxdr
Posted Mar 25, 2003
Site cert.org

CERT Advisory CA-2003-10 - A buffer overflow vulnerability in SunRPC-derived XDR libraries causes several applications which use the rpcbind service to allow execution of arbitrary code or disclosure of sensitive information. In addition, intruders may be able to crash the MIT KRB5 kadmind or cause it to leak sensitive information, such as secret keys. Vulnerable code includes GNU Glibc 2.3.1 and below, Solaris 2.6, 7, 8 and 9, AIX 4.3.3 through 5.2.0, and MIT Kerberos vulnerabilities.

tags | overflow, arbitrary, vulnerability
systems | solaris, aix
MD5 | a1dc824b3db44b8751af7ba3c83beb73
CA-2003-09.iis-webdav
Posted Mar 18, 2003
Site cert.org

CERT Advisory CA-2003-09 - A buffer overflow vulnerability exists in Microsoft IIS 5.0 running on Microsoft Windows 2000. An overflow in ntdll.dll of WebDAV allows remote users to execute code in the local system context. See also ms03-007.

tags | remote, overflow, local
systems | windows, 2k
MD5 | ffa2899810162a68e9c91d8cae8f7803
CA-2003-08.winshares
Posted Mar 18, 2003
Site cert.org

CERT Advisory CA-2003-08 - There is increased activity targeting Windows shares over ports 137, 138, 139, and 445.

systems | windows
MD5 | c6a335f230856f5bc465110717f36e8d
CA-2003-07.sendmail
Posted Mar 4, 2003
Site cert.org

CERT Advisory CA-2003-07 - Sendmail prior to 8.12.8 has a remote root vulnerability which can be exploited by a malicious mail message, allowing non-vulnerable MTA's to relay the exploit message to unpatched MTA's on an internal network. A successful attack against an unpatched sendmail system will not leave any messages in the logs. All Sendmail Pro, Sendmail Switch, and Sendmail for NT are also vulnerable. Fix available here.

tags | remote, root
advisories | CVE-2002-1337
MD5 | 137522a297a47bd898379d3ef460199c
CA-2003-06.sip
Posted Feb 21, 2003
Site cert.org

CERT Advisory CA-2003-06 - Numerous vulnerabilities have been reported in multiple vendor implementations of the Session Initiation Protocol, or SIP, which may allow an attacker to gain unauthorized privileged access, cause denial-of-service attacks, or cause unstable system behavior.

tags | vulnerability, protocol
MD5 | 967409fbce6d95e1ba77b3f2800714d8
CA-2003-05.oracle
Posted Feb 20, 2003
Site cert.org

CERT Advisory CA-2003-05 - Systems running Oracle8 Database v 8.0.6, 8.1.7, Oracle9i Database (Release 1 and 2), and Oracle9i Application Server (Release 9.0.2 and 9.0.3) contain multiple remote vulnerabilities which can lead to the execution of arbitrary code, allow users to modify database records, or cause a denial of service, breaking the database.

tags | remote, denial of service, arbitrary, vulnerability
MD5 | 22a4447df0df965497ab612a64c1a15a
CA-2003-04.mssql.worm
Posted Jan 26, 2003
Site cert.org

CERT Advisory CA-2003-04 - A quickly spreading Microsoft SQL worm exploits two vulnerabilities in Microsoft SQL Server 2000 over udp port 1434.

tags | worm, udp, vulnerability
MD5 | 9a3232db2280856d044de3dc8eaac1af
CA-2003-03.windows.locator
Posted Jan 24, 2003
Site cert.org

CERT Advisory CA-2003-03 - Windows NT, 2000, and XP contains a buffer overflow in the Windows Locator service that allows remote attackers to execute arbitrary code via the netbios ports. More information available ms03-001.

tags | remote, overflow, arbitrary
systems | windows, nt
MD5 | e25389d4f4430a44f678578aad102a83
CA-2003-02.cvs
Posted Jan 23, 2003
Site cert.org

CERT Advisory CA-2003-02 - Systems running CVS Home project versions of CVS prior to 1.11.5 allow non-authenticated remote attackers with read only access to execute arbitrary code. Vendor status information available here.

tags | remote, arbitrary
MD5 | 96bcee114c70021a72d131f47f8011d4
CA-2003-01.dhcpd
Posted Jan 17, 2003
Site cert.org

CERT Advisory CA-2003-01 - There are multiple stack-based buffer overflows in ISC DHCP that are exploitable by sending a DHCP message containing a large hostname value allowing remote attackers to execute code with the privileges of the user running dhcpd.

tags | remote, overflow
MD5 | d17c624c49bad511e5dac22b8cce69a6
CA-2002-37.windows.shell
Posted Dec 21, 2002
Site cert.org

CERT Advisory CA-2002-37 - A buffer overflow vulnerability in the Microsoft Windows Shell allows remote attackers to execute arbitrary code via malicious email message, malicious web page, or browsing through a folder containing a malicious .MP3 or .WMA file. More information available here.

tags | remote, web, overflow, arbitrary, shell
systems | windows
MD5 | e94145ac24db820aa7d84da855aa5755
CA-2002-36.ssh
Posted Dec 21, 2002
Site cert.org

CERT Advisory CA-2002-36 - Multiple vendors' implementations of the secure shell (SSH) transport layer protocol contain vulnerabilities that could allow a remote attacker to execute arbitrary code with the privileges of the SSH process or cause a denial of service. The vulnerabilities affect SSH clients and servers, and they occur before user authentication takes place. OpenSSH is not vulnerable. More information available here.

tags | remote, denial of service, arbitrary, shell, vulnerability, protocol
MD5 | 393e90df79d2e0d58203125c9bb58ff0
CA-2002-35.raq4
Posted Dec 12, 2002
Site cert.org

CERT Advisory CA-2002-35 - Cobalt Raq4 systems with the Security Hardening Package installed allow remote attackers to execute code as root because overflow.cgi does not adequately filter input destined for the email variable.

tags | remote, overflow, cgi, root
MD5 | 026cbf3d80a30a687e152121d00ddeb6
CS-2002-04
Posted Nov 30, 2002
Site cert.org

CERT Quarterly Summary CS-2002-04 - Popular vulnerabilities being exploited by attackers these days include an Apache/mod_ssl worm, OpenSSL bugs, Trojan horse sendmail, libpcap, and tcpdump, multiple BIND bugs, and a heap overflow in Microsoft MDAC.

tags | worm, overflow, trojan, vulnerability
MD5 | b577896ae5b0e164f58fb07ec0cc609e
CA-2002-34.xfs
Posted Nov 30, 2002
Site cert.org

CERT Advisory CA-2002-34 - The Solaris X Window Font Service (XFS) daemon (fs.auto) on Solaris 2.5.1 - 9 contains a remotely exploitable user nobody buffer overflow on Sparc and X86. More information available here.

tags | overflow, x86
systems | solaris
MD5 | e6268b7f2e6e9e048615738ffeb05c49
CA-2002-33.MDAC
Posted Nov 24, 2002
Site cert.org

CERT Advisory CA-2002-33 - Heap Overflow Vulnerability in Microsoft Data. A routine in the RDS component, specifically the RDS Data Stub function, contains an unchecked buffer. The RDS Data Stub function's purpose is to parse incoming HTTP requests and generate RDS commands. This unchecked buffer could be exploited to cause a heap overflow.

tags | web, overflow
MD5 | b5c22892f43bdc3b7483e26eba6523ce
CA-2002-32.alcatel
Posted Nov 24, 2002
Site cert.org

CERT Advisory CA-2002-32 - Backdoor in Alcatel OmniSwitch 7700 and 7800 AOS version 5.1.1. A telnet server listens on TCP port number 6778, a backdoor that was originally used during development to access the Wind River Vx-Works operating system. Due to an oversight, this access was not removed prior to product release.

tags | tcp
MD5 | bb91a5a0f11171433192ade8fc82b9cc
CA-2002-31.bind
Posted Nov 15, 2002
Site cert.org

CERT Advisory CA-2002-31 - BIND 8 has vulnerabilities that may allow remote attackers to execute arbitrary code with the privileges of the user running named which is usually root, or with the privileges of vulnerable client applications. The other vulnerabilities will allow remote attackers to disrupt the normal operation of DNS name service running on victim servers.

tags | remote, arbitrary, root, vulnerability
MD5 | 7911dbfee02e3e41e0f329b0d8fdff46
CA-2002-30.trojan
Posted Nov 15, 2002
Site cert.org

CERT Advisory CA-2002-30 - Released source code distributions of the libpcap and tcpdump packages were modified by an intruder and contain a trojan horse which, upon compile time, remote grabs a file from a fixed IP address which it then compiles and runs. The binary then goes to a fixed IP address and gets a one character response which enables the remote machine to trigger the spawning of a shell to the remote machine. The backdoor also explicitly ignores all traffic on port 1963.

tags | remote, shell, trojan
MD5 | e54c4be958885a0de93635a5937a757f
CA-2002-29.kerberos
Posted Oct 30, 2002
Site cert.org

CERT Advisory CA-2002-29 - Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. A remote attacker could exploit this vulnerability to gain root privileges.

tags | remote, overflow, root
MD5 | 5bc3502dfd425743f5896240e081ff72
CA-2002-28.sendmail
Posted Oct 10, 2002
Site cert.org

CERT Advisory CA-2002-28 - Sendmail 8.12.6 was backdoored on September 28, 2002 to include a trojan which executes commands via outbound port 6667 connections.

tags | trojan
MD5 | f6a94b46de29c16173327843a102489e
Page 1 of 16
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close