CORE Security Advisory CORE-2003-0307 - A remotely exploitable heap overflow vulnerability has been found in the Snort stream4 preprocessor module which allows remote code execution if a snort sensor picks up an exploit packet. Vulnerable versions include Snort 2.0 versions prior to RC1, Snort 1.9.x, 1.8.x, and IDS's with snort embedded. Includes information on exploitation using hping.
dfed14afc923672fedae803a8b7cc07e21bc0d52931be34ba0d08d9c33e81c92CORE Security Advisory CORE-20020528 - Remotely exploitable Buffer overflows and Authentication bypass bugs were found on the Linksys BEFW11S4 Wireless router and other devices. Tested against Linksys BEFW11S4, BEFSR41, BEFSR11, BEFSRU31, BEFSR81, BEFN2PS4, and BEFVP41. Includes exploit information.
1b1c0be0a7f7d1da1fdec59acc0f6affc05ddea2d39f38d573b76c54accf1c30CORE Security Advisory CORE-20020528 - CORE SDI found two serious remote vulnerabilities in systems running CDE ToolTalk (rpc.ttdbserverd). The first vulnerability allows remote attackers to delete arbitrary files, cause a denial of service, or possibly execute arbitrary code or commands. The second vulnerability allows local attackers to overwrite arbitrary files with contents of the attacker's choice.
75504d1c72ac1b9946b79d6ddf007725e904b7ac631f6419d6c49bad30d4a5d3CORE Security Advisory CORE-20011001 - Another globbing problem has been discovered in Wu-FTPD, allowing a remote user to execute arbitrary code. Affected versions include: all Wu-FTPD versions through 2.6.1, Wu-FTPD 2.7.0 snapshots, and FTP server programs derived from Wu-FTPD.
b2af010437f4826bb1eed002d7911ab9a56a1c96980ee85e3944582ce2cdbcf9ORE SDI Security Advisory CORE-20010207 - SSH1 CRC-32 compensation attack detector vulnerability. In 1998 a design flaw was fixed in SSH1 which allowed an attacker to inject malicious packets into an SSH session. In fixing this bug, a new vulnerability in deattack.c was created which allows remote attackers to execute arbitrary commands on the server. OpenSSH prior to v2.3.0 is vulnerable, as are ssh.com's ssh-1.2.24 through 1.2.31, and F-Secure SSH-1.3.x.
fdc00415fdba450c4d5644f7ad33db0ce3a7dd4e86d112d5602ed9d33c296dedCORE SDI Security Advisory CORE-20010116 - SSH protocol 1.5 session key recovery vulnerability. An attacker who obtains all the encrypted packets of a session can obtain the session key and decrypt the stored session, or even alter it if it is still active. Some SSH2 servers which fall back to SSH1 are also vulnerable. OpenSSH and SSH2 from ssh.com is not vulnerable.
a78ea5475621a69079002d160cd0ae72cd81f9445059bac41af7e7560de10a54Core-SDI Advisory CORE-20001116 - A memory contents disclosure vulnerability was found on RealNetworks RealServer which will give out information about the server configuration, runtime memory data and tokens and authentication credentials. This information allows an external attacker to possibly obtain administrative access to the server or to data belonging to other user sessions. Fix available here.
c2d5b9a6f8bb847c26085737a31823a5af9c5e39178425d25ff41f683ab6f4feCore SDI Advisory CORE-20001026 - Netscape iPlanet webserver contains a directory traversal vulnerability and the administrator password is stores in clear text.
300fb8de9aa07985bdbd7012195021afed7dec5be63cb0b052c0a0dcd55162b7Core SDI Advisory CORE-20001023 - The "MySQL Database Engine" uses an authentication scheme designed to prevent the flow of plaintext passwords over the network and the storage of them in plaintext. For that purpose a challenge-response mechanism for authentication has been implemented on all versions of MySQL. The authentication mechanism is not cryptographically strong. Each time a user executes this mechanism, information allowing an attacker to recover this user's password is leaked. Fix available here.
0da0ee191f40700e2b923a6e12d334f1e0e930fd9cb2f89a2bfd92adeafda30eCORE SDI Security Advisory - SCO Unixware 7 default installation includes scohelp, an http server that listens on port 457/tcp and allows access to manual pages and other documentation files. The search CGI script provided for that purpose has a vulnerability that could allow any remote attacker to execute arbitrary code on the vulnerable machine with privileges of user "nobody".
f680f55bfc32747ee179bacde9f8d0a084560d975d1acee0c089638742207f41Core SDI Vulnerability Report For BEA Weblogic's Proxy - BEA's Weblogic server contains several buffer overflow which allow a remote attacker to execute arbitrary code on the system running the proxying web server as root on unix and as system on NT.
adc8dd33a9472b5d880597828e25334cbf516288499f6f81d3fb6a22f2279f5dCORE SDI Security Advisory - NAI Net Tools PKI Server vulnerabilities. While investigating the exploitability of a buffer overflow in the Net Tools PKI Server from Network Associates Inc. we discovered three new vulnerabilities not fixed by hotfix 1, including buffer overflows and format bugs which allow remote attackers to execute arbitrary code. Perl proof of concept exploit included.
851d469fd06907ffafd8c19e1da95cdb05443f7df3e7b6b1b7fd894c41df184fCore/SDI discovered a second buffer overflow in the implmementation of the RSA algorithm in RSAREF2 from RSA Data Security. This advisory addresses the details of the bug discovered, the details are somewhat focused on the ability to exploit the bug in SSH compiled with RSAREF2, but its extensible to any software product that uses RSAREF2.
527168062ffc62dfc807ebe43c1e9bb63bab56ab4c45d4ed0623b4acd4bf4dccbind.zip
f17e488c0c801621ecd63b74af7e652186700c4ee248b28f4257f6c42f322d1acore-sdi-04.ssh.insertion
5625eb1cba7829529def286acddcd302a0c191ff43d26442a0350d9e787e74ceSunNIS+.zip
aca03b5313ee1857f64e68fec78e5cc0390e1f9b12511ff60beb0b204f54f607
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed