Foundstone Research Labs Advisory - 112002 - MDAC : Microsoft Data Access Components (MDAC) is a collection of components that provide the back-end technology which enables database access for Windows platforms. One of the components within MDAC, Remote Data Services (RDS), enables controlled Internet access to remote data resources through Internet Information Services (IIS). Such access allows users to execute files including .dll and .exe extensions, thereby providing increased site functionality. In general RDS embodies two functional technologies: Data Space and Data Control. The technology exploited within MDAC utilizes the DataSpace object of RDS which acts as a middle layer between the local command execution and the web front end. Due to incorrect string handling within the RDS interface, it is possible for a malicious user to gain control of the remote system via over-running a buffer.
b459f3412c2d95369b0424fdc5ce3c56decc698c701bb274121447dc85d55650Foundstone Labs Advisory 091802-ISSC - A vulnerability found in the manner used by Internet Scanner to parse certain types of non-standard HTTP responses can result in a remotely exploitable buffer overflow condition. This affects Internet Scanner version 6.2.1 for Windows (NT/2000) and has been corrected with X-Press Update 6.17.
655c1b08b83654c57d4a7f81aaac0806532b8ff0621b06ad39c9e03d7f841c8bFoundstone Security Advisory FS-091002-SVWS - A buffer overflow exists in versions 3.1 and previous of Savant Web Server. Exploitation of this vulnerability allows remote execution of arbitrary code with daemon privileges. Sending a GET request containing a URL of approximately 291 characters or more causes Savant Web Server to crash. Exploitation is possible and proof of concept code has been authored to demonstrate this problem.
70f37fc074e30ee6045d809d83b646df568badcf9e022b3ef37bb31966b9d22cFoundstone Labs Advisory 090502-PCRO - A remotely exploitable buffer overflow has been found in PGP Corporate Desktop 7.1.1 for Windows 2000 and XP which allows remote code execution and sometimes allows the attacker to find the passphrase of the target user. PGP crashes immediately after the decryption of the malicious file and before the memory containing the passphrase is overwritten. Fix available here.
b85ba0b3f8e2234fe41b2359e1b0e504b243c85b1156adf2448cf464c29aa774Foundstone Security Advisory FS-080902-APIL - An information leakage vulnerability exists in Orinoco and Compaq OEM access points, disclosing the unique SNMP community string. As a result, an attacker can query the community string and gain the ability to change system configuration including Wired Equivalent Privacy (WEP) keys and Domain Name Service (DNS) information.
93bb4611df6258bb85088f96f054d538a059f3dce90a559ee60b6ab52ea16725The Sun Java Web Server for Solaris and NT allows a remote attacker to execute arbitrary commands on the target system.
7e166134b58769d37f36676b0bf22e6d1441b8e8c0f517e924ab4f42458c30b7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed