Eeye Advisory - The "SQL Sapphire" worm is spreading quickly among unpatched Microsoft SQL Server 2000 pre SP 2 systems on the internet with are accessible over port 1434 udp. Includes a detailed analysis of the worms payload.
1fd78f476cf00ccc0de6101ec49913f97a341524cce0732945250de296f1ea4cEeye Advisory - Both Macromedia Coldfusion 6.0 and Macromedia JRun 4.0 along with their prior versions are vulnerable to various heap overflows when handling URI filenames larger than 4096 bytes..
90b2b823b8a467f8fa059878b381391c6e1fa419031b09b61b9981944581ebd7Eeye Security Advisory - iPlanet Web Server 4.1 and 6.0 contains a remotely exploitable heap overflow in the transfer chunking which allows remote code execution as SYSTEM/root on all platforms.
d2375ece94681f4833e85dbe34daf64ab6bdd23cbce71013a58fa28a9d8b5faeEeye Advisory - All versions of Macromedia Shockwave Flash for Windows and Unix contains remotely exploitable overflows in the handling of SWF files. Since this is a browser based bug, it makes it trivial to bypass firewalls and attack the user at his desktop. Also, application browser bugs allow you to target users based on the websites they visit, the newsgroups they read, or the mailing lists they frequent.
ef61f5c7bb22a7f1570c610ede3c3d279065fdc8c0930aa34c2231c4cd2e2ea9Eeye Advisory - The NAI PGP Outlook plug-in in NAI PGP Freeware 7.0.3, PGP Personal Security 7.0.3, and PGP Desktop Security 7.0.4 contains a remotely exploitable heap overflow which can lead to code execution. NAI patch available here.
e7216236aa140bde90e0b6a185d4054a32eb6585e3527ebacfa7d3f1141d1b94Eeye Advisory - IIS 4.0 and 5.0 for Windows NT and 2000 contain a remotely exploitable heap overflow which allows remote code execution. The bug is in transfer chunking in combination with the processing of HTR request sessions.
48ccb83f54a8646059f912592e5f6d519b887ca5833838d10ec76f21014b6fa0A buffer overflow vulnerability has been found by eEye in the parameter handling of the MSN Messenger OCX and can allow remote code execution on affected systems.
76df0e68a796ea743a0cc568c84f1055d8df681f7945e0a436d49f5ed4e21b47Macromedia Flash ActiveX Buffer overflow - Flash ActiveX Ocx Version 6, revision 23 and below contains a remotely exploitable buffer overflow which leads to the execution of attacker supplied code via email, web or any other avenue in which Internet Explorer is used to display html that an attacker can supply. All users of Internet Explorer are potentially vulnerable.
c6c8ca1f7b23f1726dfc2ae5a03d47ea1e5728d9a0f6a3cd3a1e16082fa3c47fEeye Security Advisory - Windows 2000 IIS 5.0 Remote buffer overflow vulnerability (Remote SYSTEM Level Access). Affects Microsoft Windows 2000 Internet Information Services 5.0 + Service Pack 1. The vulnerability arises when a buffer of aprox. 420 bytes is sent within the HTTP Host: header for a .printer ISAPI request. Successful attacks are not logged in the IIS access logs.
823ece01e6bb14f8b3fbea2b4d268322ebb462e32c5dedd81802824820639ecfA buffer overflow has been discovered in the IIS 4.0 and 5.0 .asp file parsing mechanism. When IIS reads a malformed .asp file, code can be executed to take control of the local server as system. This can be exploited remotely by combining with the unicode bug or by paying for a web hosting account.
55452aba2566040a0d3cd658472e5693c9fb1752803985a1aceccb5a5abe6090eeye.98-10-01.ie4_custom_folders
e358f1f0991f9c99805e7c8f0d2fcad32c0c7819573f5eb466cd11d9537ca419eeye.99-01-24.iis.ftp.dos
313a91c047aaa495766db56db33ac885570263bb6fe6d57d0e16f761138ec8a4eeye.99-02-02.ws_ftp
cade8a21583465f43b7dc1f78fee0e6d47a781dd93b537712b19ba0acf25ba00eeye.99-02-04.slmail
4cd275a14892817e2f3545a1461e3ff37bc6e5a5c8addb37c5a22de478cc38efeeye.99-02-20.mdaemon_dos
367f53a3e1c1cf4af9867f9aabb502047c682b336619dd3153731e9c1c6c939eeeye.99-02-21.mercur_mail
cd8416601a7bdc853e7df178e5ecbaaa8c8cf226455e3b7d68a01231a69446f2eeye.99-02-22.wingate
75296fecb26152a52ce6f1a407ca4f483e0f650876e01f1ed6aab6c41f3e99a5eeye.99-03-01.imail
61b70b7edc28bf04b4e52aac409a46fa8c868c6ebbfadb429f5955bf82afa9beeeye.99-05-26.mult_web_interface
3ad3f904295e6f4482cc582b41a652a6d50b69a0dee2928c7149a825a6a4fa20eeye.99-06-08.iis_remote
ff1bd17b04e4de9f9e91d2a6632405f72fbc5f8335da525b2e680861b03f5f05
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed