Delphis Consulting Plc Security Team Advisory DST2K0042 - The following vulnerability in Web+ Application Server under Linux has been discovered. Severity: High. If the default example scripts are installed it is possible to execute/read any file which Web+ user (default is 'nobody') has access to using the Web+Ping example.
10156497169d749f0c7bbb71908785ef25e60f8c034c4b9d631b5d3ebeb6ffddDelphis Consulting Plc Security Team Advisory DST2K0037 - It is possible to bypass the quotas imposed by QuotaAdvisor by utilizing data streams alternative to the default.
1ed58d9fff73920bf7e048bdf48b1e78c46ea96d5ee17b5f33fc69a1e9e5dde5DST2K0032: Multiple Issues with Talentsoft WebPlus Application Server. Delphis Consulting Internet Security Team (DCIST) discovered low to medium severity vulnerabilities in Webplus under Windows NT.
ffc1c16883ca0443a77b4ee6a8af25d3b21541d176140bab9d1b83fa8a7d5a3bDelphis Consulting Plc Security Team Advisory DST2K0019 - WebBBS v1.17 for Windows NT contains multiple buffer overflows, some of which allow remote code execution.
d82eeef70f6585ce7e748912ca67a16cd5fdbba6951e5096053b19902d66b3adDelphis Consulting Plc Security Team Advisory DST2K0018 - WebBBS HTTP Server v1.15 under Windows NT contains remotely exploitable buffer overflow vulnerabilities.
383785cd41cf7c6f787ba8c334cf62949e753093990335612bc043a522725befDelphis Consulting Plc Security Team Advisory DST2K0011 - Buffer Overflow in HP Openview Network Node Manager v6.1 for Microsoft Windows NT v4.0 Workstation (SP6). By using the Alarm service which runs on port 2345 and is installed by default with HP openview network node manager, it is possible to cause a buffer overrun in OVALARMSRV, causing the EIP to be overwritten and allowing the execution of arbitry code.
53187d5cc8489d16517a4cf34b199ff2d209001ce4aa0b95b2f6e55c2e83c5b5Delphis Consulting Plc Security Team Advisory DST2K0011 - The CMail Server v2.4.7 under Windows NT is vulnerable to a buffer overrun in NTDLL.DLL. By sending a long GET request to tcp port 8002, the EIP can be overwritten and arbitrary code execution is possible.
946d10f4fc740a5dbde0d93d04f4f2215477442195f130719d2903cf58a842deDelphis Consulting Plc Security Team Advisory DST2K0010 - Two vulnerabilities were found in Ceilidh v2.60a for Microsoft Windows NT v4.0 Workstation (SP6). The html code which is generated by ceilidh.exe (example URL below) contains a hidden form field by the name of "translated_path", revleaing the true path. By using a specially crafted POST statement it is possible to spawn multiple copies of ceilidh.exe each taking 1% of CPU and 700k of memory. This can be sent multiple times to cause resource depletion on the remote host.
a6cda6dae6a389943157179ee378334ec7371c8e332286018cbcdb607a039b2eDelphis Consulting Plc Security Team Advisory DST2K0003 - Buffer Overrun in NAI WebShield SMTP v4.5.44 Management Tool for Microsoft Windows NT v4.0 Server (SP6). Any user who can connect to tcp port 9999 can obtain a copy of the configuration. Secondly, if you pass an oversized buffer of 208 bytes or more within one of the configuration parameters the service will crash overwriting the stack but and the EIP with what ever was passed within the parameter.
5230eece683fd72a6c2495b32df00a21a3efe154506ea65502fe723b503ba75aDelphis Consulting Plc Security Team Advisory DST2K0007 - Buffer Overrun in ITHouse Mail Server v1.04 for Microsoft Windows NT v4.0 Workstation (SP6). Sending an email via SMTP to an IT House Mail Server with a recipient's name in excess of 2270 bytes causes the IT House Mail Server to buffer overrun overwriting the EIP, allowing an attacker to execute arbitrary code on the the server.
04158d4a5fa3738aa4bbf98b226f6ad9e374d75fe9a62e42b5df8f4909473a59Delphis Consulting Plc Security Team Advisory DST2K0008 - Buffer Overrun in Sambar Server 4.3 (Production). By using the default finger script shipped with Sambar server it is possible to cause an Buffer overrun in sambar.dll overwriting the EIP allowing the execution of arbitry code.
05b6dfa2ec29e75514de7fa8cbc730fb79c63434ccf49ad1b6c49e7cedffd1cbDelphis Consulting Plc Security Team Advisory DST2K0009 - Userlisting Bug in Ipswitch WS_FTP Server 1.05E allows remote users to confuse the server manager.
c45c47e0f2f64311cef176002da746700559bf5930be62695ff30bd1c8a2b23b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed