the original cloud security
Showing 1 - 25 of 41 RSS Feed

Files

nai.00-ftp.glob
Posted Apr 10, 2001
Authored by Covert Labs | Site nai.com

NAI Security Advisory - Multiple FTP server implementations contain buffer overflows that allow local and remote attackers to gain root privileges on affected servers. These vulnerabilities are contingent upon the remote user having the ability to create directories on the server hosting the FTP daemon, with the exception of a few cases noted below. The vulnerabilities presented are all related to the use of the glob() function, and can be divided into the following two categories - glob() expansion vulnerabilities and glob() implementation vulnerabilities. Vulnerable FTP servers include OpenBSD, NetBSD, FreeBSD, Irix, HPUX 11, and Solaris 8.

tags | remote, overflow, local, root, vulnerability
systems | netbsd, solaris, freebsd, irix, openbsd, hpux
MD5 | 779b9a6bfb8d165fb8719eea4d80f593
COVERT-2001-01.bind
Posted Jan 30, 2001
Authored by Covert Labs | Site pgp.com

Network Associates Security Advisory COVERT-2001-01 - BIND v8.2.2 to 8.2.3-T9B contains buffer overflows that allows a remote attacker to execute arbitrary code. The overflow is in the initial processing of a DNS request and therefore does not require an attacker to control an authoritative DNS server. This vulnerability not dependent upon configuration options and affects both recursive and non-recursive servers. Additional remote format string and buffer overflows affect v8.2 through 8.2.3-T9B and v4.9.3 to v4.9.7. ISC's description of the problems available here.

tags | remote, overflow, arbitrary
MD5 | 300621728056a0b531ba421eeafa6e35
COVERT-2000-09.netbios
Posted Jul 28, 2000
Authored by Covert Labs | Site nai.com

Network Associates COVERT Labs Security Advisory - The Microsoft Windows implementation of NetBIOS allows an unsolicited UDP datagram to remotely deny access to services offered by registered NetBIOS names. An attacker can remotely shut down all Domain Logins, the ability to access SMB shares, and NetBIOS name resolution services. Vulnerable systems include all versions of Microsoft Windows 95, 98, NT and 2000.

tags | udp
systems | windows, 9x
MD5 | a78582c296f1b1c6a467efce197c7b7e
COVERT-2000-08.webfind.exe
Posted Jul 26, 2000
Authored by Covert Labs | Site nai.com

Network Associates COVERT Labs Security Advisory - The indexing utility webfind.exe distributed with O'Reilly WebSite Professional contains an unchecked buffer allowing for the remote execution of arbitrary code on vulnerable hosts.

tags | remote, arbitrary
MD5 | 55b50ec5a8bef2c7e60b160dbdaa9070
COVERT-2000-07.listserv
Posted Jul 26, 2000
Authored by Covert Labs | Site nai.com

Network Associates COVERT Labs Security Advisory - The L-Soft LISTSERV web archive (wa,wa.exe) component contains an unchecked buffer allowing remote execution of arbitrary code with the privileges of the LISTSERV daemon. Vulnerable systems include L-Soft LISTSERV Web Archives 1.8d (confirmed) and 1.8c (inferred) for Windows 9x, Windows NT 3.5x, Windows NT 4.0, Windows 2000, UNIX (all vendors), and OpenVMS VAX.

tags | remote, web, arbitrary
systems | windows, 2k, 9x, unix, nt, vax
MD5 | 58af72d4575b8af155ed349ceb0f7589
nai.00-mmdf.smtp.txt
Posted Feb 24, 2000
Site nai.com

Network Associates Security Advisory - Remote Vulnerability in the MMDF SMTP Daemon. A bug in MMDF allows anyone to obtain mail management privileges via the SMTP daemon, and then root. All versions of MMDF prior to 2.43 are vulnerable, including the version included with SCO Openserver.

tags | remote, root
MD5 | ff594df66e7715fbbc276f372244ab93
nai.00-arcserve.txt
Posted Feb 18, 2000
Site nai.com

Network Associates Security Advisory - A vulnerability in the ARCserve agent script allows local attackers to obtain root privileges and overwrite/insert data into arbitrary files.

tags | arbitrary, local, root
MD5 | 0833b7e71ac6118a0de58807cd0a19ef
nai.99-12-16.lsa
Posted Dec 17, 1999

Network Associates, Inc. Security Advisory - Windows NT LSA Remote Denial of Service. An implementation flaw in the Local Security Authority subsystem of Windows NT, known as the LSA, allows both local or remote attackers to halt the processing of security information requiring the host to be restarted. This new vulnerability affects all Windows NT 4.0 hosts including those with Service packs up to and including SP6a. ms99-057 addresses this vulnerability. NAI homepage here.

tags | remote, denial of service, local
systems | windows, nt
MD5 | fe06b986ca5e0c54881b494c71b0c294
nai.28.openbsd.chpass
Posted Sep 23, 1999

Vulnerability in OpenBSD 2.3 chpass(1)

systems | openbsd
MD5 | 97d613b29b9ffb78d30d11ad21f1d528
nai.29.ToolTalk
Posted Sep 23, 1999

Tooltalk advisory.

MD5 | 1e6215ffb353b1dea0f9da59c61aad06
nai.30.nt.snmp.vulns
Posted Sep 23, 1999

Windows NT SNMP Vulnerabilities

tags | vulnerability
systems | windows, nt
MD5 | 9451acff386c796ef1fa91ecfffa4655
nai.99-02-16.nfr.web.server
Posted Sep 23, 1999

NFR web server advisory.

tags | web
MD5 | 0d7bf26c83867e6c242fe3cbe1d25ba1
nai.99-03-09.linux_tcp
Posted Sep 23, 1999

Linux TCP advisory.

tags | tcp
systems | linux
MD5 | f48dee380aaa92550682d914e205c049
nai.99-09-20.windows_ip_source_routing
Posted Sep 23, 1999

Windows IP Source Routing Vulnerability

systems | windows
MD5 | 3f729497abee472d2680394c65511905
SNI-01.BIND.advisory
Posted Sep 23, 1999

Vulnerability in Unchecked DNS Data.

MD5 | d86bb5d1b9614d1f9121b43ad883eb18
SNI-02.VIXIE_CRON.advisory
Posted Sep 23, 1999

Vulnerability in Vixie Cron

MD5 | 02f467a8a5f19aec72c7b90159366723
SNI-03.CRON_JOBS.advisory
Posted Sep 23, 1999

Vulnerabilities in Default Cron Jobs

tags | vulnerability
MD5 | 7dc62cc377a1887af88ae0b9789bd651
SNI-04.APACHE_MOD.advisory
Posted Sep 23, 1999

Vulnerabilities in the Apache httpd

tags | vulnerability
MD5 | ccc8a62fbbe02c44e2e56f4f7d0de7ec
SNI-05.WINNT_DNS.advisory
Posted Sep 23, 1999

WINNT DNS advisory.

systems | windows
MD5 | 54e2c2ea153014ebc6425d3bda18b531
SNI-06.TCP_SPOOFING.advisory
Posted Sep 23, 1999

TCP Spoofing advisory.

tags | spoof, tcp
MD5 | 6b78957074d1eaf9a604d73598943851
SNI-07.X11_OVERFLOW.advisory
Posted Sep 23, 1999

X11 overflow advisory..

tags | overflow
MD5 | 80044af577bc2e6a522e0422b9602600
SNI-08.IMAP_OVERFLOW.advisory
Posted Sep 23, 1999

IMAP overflow advisory.

tags | overflow, imap
MD5 | 95bd60ed2a0a572d12ace4fe2a4e5e71
SNI-09.LPD_OVERFLOW.advisory
Posted Sep 23, 1999

FreeBSD lpd Security Vulnerability

tags | overflow
systems | freebsd
MD5 | fd1fa099a6540971077a38d012508b31
SNI-10.BSD_FILEHANDLES.advisory
Posted Sep 23, 1999

BSD Filehandle vulnerability.

systems | bsd
MD5 | 155c7ecab7ac43e7e33c806401aaf2a9
SNI-11.PHP_OVERFLOW.advisory
Posted Sep 23, 1999

PHP overflow advisory.

tags | overflow, php
MD5 | 76a19b6964c434dfcd6879d897781fa4
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close