Delphis Consulting Plc Security Team Advisory DST2K0042 - The following vulnerability in Web+ Application Server under Linux has been discovered. Severity: High. If the default example scripts are installed it is possible to execute/read any file which Web+ user (default is 'nobody') has access to using the Web+Ping example.
10156497169d749f0c7bbb71908785ef25e60f8c034c4b9d631b5d3ebeb6ffdd
Delphis Consulting Plc Security Team Advisory DST2K0037 - It is possible to bypass the quotas imposed by QuotaAdvisor by utilizing data streams alternative to the default.
1ed58d9fff73920bf7e048bdf48b1e78c46ea96d5ee17b5f33fc69a1e9e5dde5
DST2K0032: Multiple Issues with Talentsoft WebPlus Application Server. Delphis Consulting Internet Security Team (DCIST) discovered low to medium severity vulnerabilities in Webplus under Windows NT.
ffc1c16883ca0443a77b4ee6a8af25d3b21541d176140bab9d1b83fa8a7d5a3b
Delphis Consulting Plc Security Team Advisory DST2K0019 - WebBBS v1.17 for Windows NT contains multiple buffer overflows, some of which allow remote code execution.
d82eeef70f6585ce7e748912ca67a16cd5fdbba6951e5096053b19902d66b3ad
Delphis Consulting Plc Security Team Advisory DST2K0018 - WebBBS HTTP Server v1.15 under Windows NT contains remotely exploitable buffer overflow vulnerabilities.
383785cd41cf7c6f787ba8c334cf62949e753093990335612bc043a522725bef
Delphis Consulting Plc Security Team Advisory DST2K0011 - Buffer Overflow in HP Openview Network Node Manager v6.1 for Microsoft Windows NT v4.0 Workstation (SP6). By using the Alarm service which runs on port 2345 and is installed by default with HP openview network node manager, it is possible to cause a buffer overrun in OVALARMSRV, causing the EIP to be overwritten and allowing the execution of arbitry code.
53187d5cc8489d16517a4cf34b199ff2d209001ce4aa0b95b2f6e55c2e83c5b5
Delphis Consulting Plc Security Team Advisory DST2K0011 - The CMail Server v2.4.7 under Windows NT is vulnerable to a buffer overrun in NTDLL.DLL. By sending a long GET request to tcp port 8002, the EIP can be overwritten and arbitrary code execution is possible.
946d10f4fc740a5dbde0d93d04f4f2215477442195f130719d2903cf58a842de
Delphis Consulting Plc Security Team Advisory DST2K0010 - Two vulnerabilities were found in Ceilidh v2.60a for Microsoft Windows NT v4.0 Workstation (SP6). The html code which is generated by ceilidh.exe (example URL below) contains a hidden form field by the name of "translated_path", revleaing the true path. By using a specially crafted POST statement it is possible to spawn multiple copies of ceilidh.exe each taking 1% of CPU and 700k of memory. This can be sent multiple times to cause resource depletion on the remote host.
a6cda6dae6a389943157179ee378334ec7371c8e332286018cbcdb607a039b2e
Delphis Consulting Plc Security Team Advisory DST2K0003 - Buffer Overrun in NAI WebShield SMTP v4.5.44 Management Tool for Microsoft Windows NT v4.0 Server (SP6). Any user who can connect to tcp port 9999 can obtain a copy of the configuration. Secondly, if you pass an oversized buffer of 208 bytes or more within one of the configuration parameters the service will crash overwriting the stack but and the EIP with what ever was passed within the parameter.
5230eece683fd72a6c2495b32df00a21a3efe154506ea65502fe723b503ba75a
Delphis Consulting Plc Security Team Advisory DST2K0007 - Buffer Overrun in ITHouse Mail Server v1.04 for Microsoft Windows NT v4.0 Workstation (SP6). Sending an email via SMTP to an IT House Mail Server with a recipient's name in excess of 2270 bytes causes the IT House Mail Server to buffer overrun overwriting the EIP, allowing an attacker to execute arbitrary code on the the server.
04158d4a5fa3738aa4bbf98b226f6ad9e374d75fe9a62e42b5df8f4909473a59
Delphis Consulting Plc Security Team Advisory DST2K0008 - Buffer Overrun in Sambar Server 4.3 (Production). By using the default finger script shipped with Sambar server it is possible to cause an Buffer overrun in sambar.dll overwriting the EIP allowing the execution of arbitry code.
05b6dfa2ec29e75514de7fa8cbc730fb79c63434ccf49ad1b6c49e7cedffd1cb
Delphis Consulting Plc Security Team Advisory DST2K0009 - Userlisting Bug in Ipswitch WS_FTP Server 1.05E allows remote users to confuse the server manager.
c45c47e0f2f64311cef176002da746700559bf5930be62695ff30bd1c8a2b23b