what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 41 RSS Feed

Files

nai.00-ftp.glob
Posted Apr 10, 2001
Authored by Covert Labs | Site nai.com

NAI Security Advisory - Multiple FTP server implementations contain buffer overflows that allow local and remote attackers to gain root privileges on affected servers. These vulnerabilities are contingent upon the remote user having the ability to create directories on the server hosting the FTP daemon, with the exception of a few cases noted below. The vulnerabilities presented are all related to the use of the glob() function, and can be divided into the following two categories - glob() expansion vulnerabilities and glob() implementation vulnerabilities. Vulnerable FTP servers include OpenBSD, NetBSD, FreeBSD, Irix, HPUX 11, and Solaris 8.

tags | remote, overflow, local, root, vulnerability
systems | netbsd, solaris, freebsd, irix, openbsd, hpux
SHA-256 | 14a21100e205f31e8a5af8bf40f62968749848f4653fa977060110baa1c23a96
COVERT-2001-01.bind
Posted Jan 30, 2001
Authored by Covert Labs | Site pgp.com

Network Associates Security Advisory COVERT-2001-01 - BIND v8.2.2 to 8.2.3-T9B contains buffer overflows that allows a remote attacker to execute arbitrary code. The overflow is in the initial processing of a DNS request and therefore does not require an attacker to control an authoritative DNS server. This vulnerability not dependent upon configuration options and affects both recursive and non-recursive servers. Additional remote format string and buffer overflows affect v8.2 through 8.2.3-T9B and v4.9.3 to v4.9.7. ISC's description of the problems available here.

tags | remote, overflow, arbitrary
SHA-256 | 0dc7c588880d158bf0463b6985c16a22f3debb3dc8fa15807d452573395d7286
COVERT-2000-09.netbios
Posted Jul 28, 2000
Authored by Covert Labs | Site nai.com

Network Associates COVERT Labs Security Advisory - The Microsoft Windows implementation of NetBIOS allows an unsolicited UDP datagram to remotely deny access to services offered by registered NetBIOS names. An attacker can remotely shut down all Domain Logins, the ability to access SMB shares, and NetBIOS name resolution services. Vulnerable systems include all versions of Microsoft Windows 95, 98, NT and 2000.

tags | udp
systems | windows
SHA-256 | 2d068bd5c36d3f9dd4eb851e353b34f0284a6efd67b392a3dc8c87051d4f5ad9
COVERT-2000-08.webfind.exe
Posted Jul 26, 2000
Authored by Covert Labs | Site nai.com

Network Associates COVERT Labs Security Advisory - The indexing utility webfind.exe distributed with O'Reilly WebSite Professional contains an unchecked buffer allowing for the remote execution of arbitrary code on vulnerable hosts.

tags | remote, arbitrary
SHA-256 | 36228147ba09ed48a48ec3c22b40ef8ab5a8ced86f40414d41d26c67a57aee4c
COVERT-2000-07.listserv
Posted Jul 26, 2000
Authored by Covert Labs | Site nai.com

Network Associates COVERT Labs Security Advisory - The L-Soft LISTSERV web archive (wa,wa.exe) component contains an unchecked buffer allowing remote execution of arbitrary code with the privileges of the LISTSERV daemon. Vulnerable systems include L-Soft LISTSERV Web Archives 1.8d (confirmed) and 1.8c (inferred) for Windows 9x, Windows NT 3.5x, Windows NT 4.0, Windows 2000, UNIX (all vendors), and OpenVMS VAX.

tags | remote, web, arbitrary
systems | windows, unix, vax
SHA-256 | a3eaef27c0c60ab4d4d042110fa7fbaa9e62953241047c765cb69fd3ca8bafd8
nai.00-mmdf.smtp.txt
Posted Feb 24, 2000
Site nai.com

Network Associates Security Advisory - Remote Vulnerability in the MMDF SMTP Daemon. A bug in MMDF allows anyone to obtain mail management privileges via the SMTP daemon, and then root. All versions of MMDF prior to 2.43 are vulnerable, including the version included with SCO Openserver.

tags | remote, root
SHA-256 | f2dea4a97da484464ee6e817e263cac11e46e2e3609a0b08a5ca3d921c508355
nai.00-arcserve.txt
Posted Feb 18, 2000
Site nai.com

Network Associates Security Advisory - A vulnerability in the ARCserve agent script allows local attackers to obtain root privileges and overwrite/insert data into arbitrary files.

tags | arbitrary, local, root
SHA-256 | fc4a12c72a4a1e54e091198085a56de890639e906f761c3922f184b0a5144490
nai.99-12-16.lsa
Posted Dec 17, 1999

Network Associates, Inc. Security Advisory - Windows NT LSA Remote Denial of Service. An implementation flaw in the Local Security Authority subsystem of Windows NT, known as the LSA, allows both local or remote attackers to halt the processing of security information requiring the host to be restarted. This new vulnerability affects all Windows NT 4.0 hosts including those with Service packs up to and including SP6a. ms99-057 addresses this vulnerability. NAI homepage here.

tags | remote, denial of service, local
systems | windows
SHA-256 | d0c637cd4cedf750ac593d89bda9710934543e70938f9ef2d5f35184d7963107
nai.28.openbsd.chpass
Posted Sep 23, 1999

Vulnerability in OpenBSD 2.3 chpass(1)

systems | openbsd
SHA-256 | 83b3b5c78a5198bf2082af210744d3d6e96857f9f8a827e925c9f694d076e6c8
nai.29.ToolTalk
Posted Sep 23, 1999

Tooltalk advisory.

SHA-256 | 86303cb5ffbeee7585fad03f1e8ad51c1058d3ce0a484b2d8d0e4f5e5734c656
nai.30.nt.snmp.vulns
Posted Sep 23, 1999

Windows NT SNMP Vulnerabilities

tags | vulnerability
systems | windows
SHA-256 | b45b9b7e5dc22e360435944e0f9e24bbb1b2815b879ea0387f84fc1c8ad11493
nai.99-02-16.nfr.web.server
Posted Sep 23, 1999

NFR web server advisory.

tags | web
SHA-256 | 21398862fb726565080f4645b477b379533da2e791d38ed60f4d80f2f0ead4b0
nai.99-03-09.linux_tcp
Posted Sep 23, 1999

Linux TCP advisory.

tags | tcp
systems | linux
SHA-256 | 7ebca8f7df83c4291c266cae3b7399ebd3fa970b4e66584e1f32520e7902667f
nai.99-09-20.windows_ip_source_routing
Posted Sep 23, 1999

Windows IP Source Routing Vulnerability

systems | windows
SHA-256 | 16ea019466683d13c9ef17e9f67f22ee0370454b04eb6ce7729a2370bcf37e2d
SNI-01.BIND.advisory
Posted Sep 23, 1999

Vulnerability in Unchecked DNS Data.

SHA-256 | 986561cf8dda626b98a0f039788dfdaf6a80791a93521b943099b9f155903d3b
SNI-02.VIXIE_CRON.advisory
Posted Sep 23, 1999

Vulnerability in Vixie Cron

SHA-256 | 3a49b2e88222e23fd6a07d93933c20720d38ea0249550e580500a8c6a222640b
SNI-03.CRON_JOBS.advisory
Posted Sep 23, 1999

Vulnerabilities in Default Cron Jobs

tags | vulnerability
SHA-256 | 72117cb2ca9496dce0a99c7c9397bf4ac2d034b2dca7a9eeccba1e95bc9b386a
SNI-04.APACHE_MOD.advisory
Posted Sep 23, 1999

Vulnerabilities in the Apache httpd

tags | vulnerability
SHA-256 | 3d0d75d822e60fffb98af64c1e10bad1da20f0c8fc59d0ea2c35031f0eb11f32
SNI-05.WINNT_DNS.advisory
Posted Sep 23, 1999

WINNT DNS advisory.

systems | windows
SHA-256 | f8c6bdff7b1d5fa8e698680dec95c56aead8294d4040dd35d7e5236d7499f14c
SNI-06.TCP_SPOOFING.advisory
Posted Sep 23, 1999

TCP Spoofing advisory.

tags | spoof, tcp
SHA-256 | 6263e24f33456c6fb57d813c19dbcc64e07b657cf399bd072ce013ea82a44a09
SNI-07.X11_OVERFLOW.advisory
Posted Sep 23, 1999

X11 overflow advisory..

tags | overflow
SHA-256 | 7a238bbd26cdb2336243ff97eb9c108c3efad875cf9215c85b0b51069da4f795
SNI-08.IMAP_OVERFLOW.advisory
Posted Sep 23, 1999

IMAP overflow advisory.

tags | overflow, imap
SHA-256 | c878ebfe5db610cc7831d2fadfc63d5474d30306159f6c4416f87fd71a204ee8
SNI-09.LPD_OVERFLOW.advisory
Posted Sep 23, 1999

FreeBSD lpd Security Vulnerability

tags | overflow
systems | freebsd
SHA-256 | 314ffa172340e2ee53d7aeab22c39b92067fd1c5ef08e1cb46048ed6645c3ddf
SNI-10.BSD_FILEHANDLES.advisory
Posted Sep 23, 1999

BSD Filehandle vulnerability.

systems | bsd
SHA-256 | 70133b29b21bfb68c767b723f65a09c35490de8cf8ed5a99578232d82b5aa039
SNI-11.PHP_OVERFLOW.advisory
Posted Sep 23, 1999

PHP overflow advisory.

tags | overflow, php
SHA-256 | 7fd71f1f5d4f498f121bf54e267f6f7f3ea820c26ff35c311f3075d620c01fce
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close