
Files from Peter Grundl

First Active: 2002-02-05
Last Active: 2002-09-21
Posted Sep 21, 2002
Authored by Peter Grundl | Site kpmg.dk

A malicious user can issue a malformed HTTP request and cause the IBM Websphere webserver v4.0.3 and below to crash. Tested against Windows 2000 Server. Patch available here.

tags | web
systems | windows
SHA-256 | 73edcf7610e2a16e3516da49227b994a97becdd7d1f75b60517877ec6095d46e
Posted Sep 20, 2002
Authored by Peter Grundl | Site kpmg.dk

KPMG security advisory 2002035 - IBM Websphere 4.0.3 on Windows 2000 Server does not process large HTTP headers received from connected clients correctly. This can be used to remotely crash the application. The advisory contains patch information that can be used to counter this vulnerability.

tags | web
systems | windows
SHA-256 | 42521d9ce42e9706532fdcd6ca4eb3e092a3f4f38c91caeec71e5b5a37a532d4
Posted Jul 10, 2002
Authored by Peter Grundl | Site kpmg.dk

The Bea Weblogic server v5.1.x - 7.0 on Windows 2000 and NT is vulnerable to a data/connection flooding vulnerability that will result in the web service crashing with a report of an error in NTDLL.DLL.

tags | web
systems | windows
SHA-256 | dd160476ade9f37a3ffeb6de0034fa4f92660fc33d0466f882498e45e0c25e92
Posted Jul 10, 2002
Authored by Peter Grundl, Andreas Sandor | Site kpmg.dk

Watchguard Firebox Dynamic VPN Configuration Protocol Denial of Service - Malicious users can crash the Dynamic VPN Configuration Protocol service (DVCP) by sending a malformed packet to the listener service on TCP port 4110. Watchguard Firebox firmware v5.x.x is vulnerable.

tags | denial of service, tcp, protocol
SHA-256 | f7fefdb893755ef161385dc353bea35abe34c677710fe9ef1b8f81eb0e3212b7
Posted May 5, 2002
Authored by Peter Grundl, Andreas Sandor

Several issues with the Snapgear Lite+ Firewall v1.5.3 and 1.5.4 allow malicious users to cause a Denial of Service situation, where part or all of the Firewall would cease to function.

tags | denial of service
SHA-256 | ea5aadf5bae1bc169cd38590efe537ef0df81deca563defaf5c777f035e00c64
Posted May 1, 2002
Authored by Peter Grundl

The Bea Weblogic server v4.1 sp2 on Windows 2000 incorrectly parses certain types of URL requests, resulting in the physical path being revealed, a Denial of Service situation and revealing of .jsp sourcecode.

tags | denial of service
systems | windows
SHA-256 | 5238686bc453229b4aceceb879e2d11abd43881bf84eafdc99cb6eaafadf1cac
Posted Apr 25, 2002
Authored by Peter Grundl

Microsoft Distributed Transaction Coordinator DoS - A flaw in the way MSDTC handles malformed packets could allow an attacker to hang the service and exhaust resources on the Server. If an attacker sends 20200 null characters to the MSDTC service, which listens on TCP port 3372, server resources are allocated poorly. This attack can result in MSDTC.EXE spiking at 100% cpu usage, MSDTC refusing connections and kernel resources being exhausted. This was fixed with MS02-018, although the security bulletin does not mention this vulnerability.

tags | kernel, tcp
SHA-256 | 56dd249e53673e98d3a0139b8cf8aa106a4ee865cfe40d1c24f7be6f85c089c5
Posted Apr 25, 2002
Authored by Peter Grundl

A format string bug in Foundstone Fscan v1.12 for Windows can result in a malicious service banner overwriting the stack and the EIP on the PC performing the scanning, if banner grabbing is enabled. Fix available here.

systems | windows
SHA-256 | 48240b9faf31846718310f57a76c6e7c7d0a140705f914f460b711509490f1c7
Posted Apr 23, 2002
Authored by Peter Grundl

Cold Fusion v5.0 on Windows 2000 with IIS5 contains a bug: requests for certain DOS devices that are parsed by the ISAPI filter that handles .cfm and .dbm result in error messages containing the physical path to the web root.

tags | web, root
systems | windows
SHA-256 | e1c8dfbb628e1242d3787672e22d4588966e1ef76382598ce80d04e1ad70f7e9
Posted Apr 23, 2002
Authored by Peter Grundl

The Sambar Webserver v5.1p on Windows 2000 contains a flaw in the server-side URL parsing that allows malicious users to bypass server-side file parsing and display the source code of scripts. The same flaw could allow a malicious user to crash the web service. Example URLs included. Fix available here.

tags | web
systems | windows
SHA-256 | 7bff33cd3a2c799145ed9e3a6b0e19f2ba86cc4529efcc24ac878157fb592ca0
Posted Apr 23, 2002
Authored by Peter Grundl

Windows 2000 microsoft-ds Denial of Service - The default LANMAN registry settings on Windows 2000 could allow a malicious user with access to TCP port 445 on a Windows 2000 host to cause a Denial of Service on Windows 2000 Server, Advanced Server, and Professional with SP0, SP1, and SP2. An attack could be something as simple as sending a continuous stream of 10k null chars to TCP port 445.

tags | denial of service, registry, tcp
systems | windows
SHA-256 | 7fe2f78f85a4b46727a496296575d34dab9432bafa9cfa3c252c2610e27d4ae9
Posted Apr 11, 2002
Authored by Peter Grundl

Microsoft IIS 4.0 and 5.0 contain a buffer overrun condition in the ISAPI extension that handles .htr extensions, which allows attackers to crash the service and/or execute arbitrary code on the server. A flaw in ism.dll, which handles files with the .htr extension, is the cause of this vulnerability. Microsoft advisory on this vulnerability here.

tags | overflow, arbitrary
SHA-256 | d27278de1182e49dc003e21db2c36a8adea55112733bdca6d516e9cfd57786bf
Posted Apr 11, 2002
Authored by Peter Grundl

A flaw in internal object interaction allows malicious users to bring down Internet Information Server 4.0, 5.0 and 5.1 with FP2002. Frontpage contains URL parsers for dynamic components (shtml.exe/dll). If a malicious user issues a request for /_vti_bin/shtml.exe where the URL for the dynamic contents is replaced with a long URL, the submodule will filter out the URL, and return a null value to the web service URL parser, crashing IIS. Microsoft advisory on this vulnerability here.

tags | web
SHA-256 | 2c7f22d92ba1efc6894fb32573cb90993ce6539d8792aa6eb6822d2b40b8c827
Posted Feb 5, 2002
Authored by Peter Grundl

Lotus Domino Webserver prior to 5.0.9a on Windows 2000 contains two remote denial of service vulnerabilities which use up all 400 threads.

tags | remote, denial of service, vulnerability
systems | windows
SHA-256 | 74494345d0050afcc9a1b76fbcc1eae4b85b26f913bb9c3d397a1db280296da0
© 2022 Packet Storm. All rights reserved.
