iDEFENSE Security Advisory 01.28.03 - It has been found that several SSH clients leave authentication data unprotected in the system memory while connecting to a remote host using the SSH2 protocol. Anyone with read access to the system memory can retrieve and abuse this information.
f96e214d26eae0377c74c3630c49679d41e66ba1f20315afe47ab9a17bed5cd3Solaris 2.7 x86's sacadm has a buffer overflow in the processing of command line arguments. Perl code to test for the bug included.
3a600355f3aad555bb91e5d3bf28689c25c62071e1846b2ddf751c180bc9efd9acFreeProxy (aka "acfp") is an HTTP/1.x proxy for Microsoft Windows that generates error pages when unable to reach a destination host. The results of the error page do not have any input validation leaving it vulnerable to cross-site scripting attacks.
b73cb37d7003a95b03e17334931602a4021c36c50e68d3f36d09ad572bddca2dThe problem described on this advisory certifies BIND versions 4 and 8 do not prevent sending of two or more resolution requests for the same domain name allowing DNS Spoofing attacks with significant probability of success.
1ff0291e103cffab6d704722eb3a1553d6877ea3f7896be778483fcaf7956ec1NGSSoftware Insight Security Research Advisory #NISR22112002 - Multiple Buffer Overruns in RealOne / RealPlayer / RealOne Enterprise. Three remotely exploitable overruns exist: two being heap based overflows and the other being a stack based overflow. On exploitation of these overruns any supplied code would execute in the security context of the logged on user.
4c45143df7581f419149bb29354b7898f743178a4437690f3558d6fdc69fb9cbGuardeonic Solutions Security Advisory #03-2002 - ClearCase 4.1 is susceptible to a remote denial of service. Performing two simple nmap scans against ClearCase, which listens on port 371, causes the daemon to die upon the second scan.
e6c47ca7ad4afa168fe736998824176be31474662b7598ab7802b94381355094INetCop Security Advisory #2002-0x82-001 - A directory traversal vulnerability has been found in Tiny HTTPd 1.0. Basic exploitation is documented.
a49d55847f0e0b697cc4797e61934daffcf7b2aaf646fca37369ef068a3705ceThe Hyperion FTP Server for Windows 95/98/NT/2000 has a vulnerability which allows remote attackers to traverse through directories of a target host. Versions tested against that are vulnerable are Hyperion Ftp Server v2.8.1 / Windows 2000 sp3 and Hyperion Ftp Server v2.8.1 / Windows 98 SE.
f2e3dc440c3dc9d6c71656d2e0914613fa308ff83b4f72614aed8ac43457c54eiDEFENSE Security Advisory 11.11.02 - KDE, the open source graphical desktop environment, has a buffer overflow that is locally exploitable via the kdenetwork module using the LAN browsing implementation known as LISa.
dd52f45e6d2d46ffd6d77f77e4dc9480426f8ca8373e076992cad002f3b6c589A buffer overflow has been found in the iSMTP Gateway version 5.0.1 by Incognito. By injecting an overly long MAIL FROM: command, the server will crash. The support for the underlying operating system and the gateway software has been discontinued.
f204c71e48d4825113845c421b993db385df8737e682da300148cd3825e84dedMicrosoft IIS 4.0, 5.0, and 5.1 has a vulnerability in dllhost.exe which allows local users to gain SYSTEM privilege. This vulnerability arises from the fact that the process of dllhost.exe harbors an impersonation token of SYSTEM account while processing user's request.
59f0eed38e0b61e096b9411bafd55ca8111563286a592ed9bc74f3da943e5263iDEFENSE Security Advisory 11.04.02b - Northern Solutions' Xeneo Web Server v2.1.0.0 (PHP version) is vulnerable to a remote denial of service attack making the server crash with a Microsoft Visual C++ runtime error message. Fix available here.
6666bb2c685153ee0151cae36a27b81d2f2a4710105f318be7fe42b918d20de4iDEFENSE Security Advisory 11.04.02a - Pablo Software Solutions' FTP Server v1.5 and below is a multi-threaded FTP server for Windows 98, NT 4.0, 2000 and XP that contains a remotely exploitable buffer overflow vulnerability. Fix available here.
baa01c7e8344ba2565fc81e13b9f3b233aad068c7e8e6a3fb844674096cd92e8iDEFENSE Security Advisory 10.31.2002c - PHP-Nuke v5.6 contains a SQL injection vulnerability which allows remote attackers to compromise other system accounts.
a3d04f97e2f31f8823e8e0cf99005677ccda51bd844d3419d9e572c3c01b74d9iDEFENSE Security Advisory 10.31.2002b - Prometheus v6.0 and below is a web application framework written in PHP which allows remote attackers to execute arbitrary commands.
8a9f3b109a813e90ba5162e210fa2e3db32c9299a4328fbb8c040f64e6b82ff2iDEFENSE Security Advisory 10.31.2002 - The Linksys BEFSR41 EtherFast Cable/DSL Router contains a remote denial of service vulnerability if the remote management is enabled. Exploit URL included.
02f580994b98ab9b30d3c28cb952de728cb78181fc1ac40e5a4e56e0d134a86eWS_FTP v3.13 and below is vulnerable to the classic FTP bounce attack as well as PASV connection hijacking. Examples and solutions included.
a32a5fa264703e56db66786e30814b463e79b578ff79f6776efc9d9d2e9399a2A denial of service vulnerability found in Alt-n MDaemon v6.0.7 can allow malicious users to remotely crash this application. This vulnerability, which may also affect earlier MDaemon versions, resides in the method used by MDaemon's POP3 service to process user input that is received with the DELE or UIDL commands.
07650faab656a8d91cb8ed724f20ad9523b77e5bbbc62b13e94dbfcd3b31d987Oracle Security Alert #43 - The Oracle9iAS Web Cache contains two denial of service vulnerabilities that can be triggered remotely by sending specially crafted HTTP requests to this service. The denial of service issues, which affect version 9.0.2.0.0 for Windows NT/2000 and XP, result in an immediate crash of the application. This vulnerability was reported to Oracle by Atstake and will be fixed in the 9.0.4 release of Oracle9i Application Server.
a2419a5a6c66d45ec168e814a00a9c5905fb30f89c06ac4215603ae759ae590cRapid 7 Advisory R7-0008 - IBM Web Traffic Express Caching Proxy server is vulnerable to cross site scripting. The Caching Proxy server allows script code to be injected into pages using standard cross-site scripting techniques. A second, variant attack allows the HTTP headers to be manipulated.
2b24d3cf784653c24b81047d80228ae940e783257cf9ce49567fa86d564bdaebRapid 7 Advisory R7-0007 - The Caching Proxy component of IBM's WebSphere Edge Server v2.0 is vulnerable to a denial-of-service attack against one of the default CGI programs. A malformed HTTP request for /cgi-bin/helpout.exe will cause ibmproxy.exe to crash and cease functioning.
d5444f4faa351e594a4559c2bf2fb5cf0491766c5ae89f6adfc2ce7c94802ffeiDEFENSE Security Advisory 10.15.02 - RadioBird Software's WebServer 4 Everyone v1.27 and below contains denial of service and directory traversal vulnerabilities allowing any file on the system to be downloaded. Fix available here.
ee7ce09231d4ce9d177866165f5d433f9b62ebfe59e76ea0613c5ecc5fd837e8The BadBlue web server v1.7 for Windows allows remote attackers to access files in password protected directories by sending a special web request. Tested on Windows 2000 Sp3 and 98SE.
99d05374da83f582e4c1a538df787b729ffaa4edb6e65cda12d5bea1cb47a8a5The Liteserve Web Server v2.0 for Windows allows remote attackers to access files in password protected directories by sending a special web request. Tested on Windows 2000 Sp3 and 98SE.
1ad0b43d131843b5736e0561fcc1a675759e988ac4a519a13fc34d067e8ed50fThe BRS WebWeaver Web Server v1.01 for Windows allows remote attackers to access files in password protected directories by sending a special web request. Tested on Windows 2000 Sp3 and 98SE.
952d6a2e38bf73ed6659426d07625a19fe392c8b246d7ec67b52f1f0b7264132
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed