Showing 1 - 5 of 5

Files Date: 2000-09-22 to 2000-09-23

cisco.00-09-21.ciscosecure_acs: Posted Sep 22, 2000; Site cisco.com; Cisco Security Advisory - This advisory highlights three vulnerabilities found in the CiscoSecure Access Control Server for Windows NT. The first bug is a buffer overflow in the CSAdmin module that allows a malicious user to execute arbitrary code or crash the module by sending an oversized packet to TCP port 2002. The second vulnerability involves sending an oversized TACACS+ packet to the CiscoSecure ACS thereby creating an unstable condition within the system conducive to denial of service attacks. Lastly, the enable password can be bypassed to gain unauthorized access to a router or switch if the interaction is between an LDAP server that allows null passwords and a CiscoSecure ACS for Windows NT. All releases of CiscoSecure ACS for Windows NT Server up to and including 2.1(x), 2.3(3), and 2.4(2) are vulnerable. CiscoSecure ACS for UNIX is not affected.; tags | denial of service, overflow, arbitrary, tcp, vulnerability; systems | cisco, windows, unix; SHA-256 | c230ea8e43185ba2ece9c31b2ac308f4498d45ee881a3a4a2f35e0351d9bdc5f; Download | Favorite | View

ms00-067: Posted Sep 22, 2000; Microsoft Security Bulletin (MS00-067) - Microsoft has released a patch for the "Windows 2000 Telnet Client NTLM Authentication" vulnerability in the telnet client that ships with Microsoft Windows 2000. The vulnerability allows a malicious user to obtain cryptographically protected NTLM logon credentials from another user by creating a HTML document that, when opened, attempts to initiate a Telnet session to a rogue telnet server. Microsoft FAQ on this issue available here. By; systems | windows; SHA-256 | 34c0e50c48ca898fba0caa41c3a1760910f4f14b482584bf5b5a60d7a1017fb5; Download | Favorite | View

vpnd-1.1.0.tar.gz: Posted Sep 22, 2000; Site sunsite.auc.dk; The virtual private network daemon vpnd is a daemon which connects two networks on network level either via TCP/IP or a (virtual) leased line attached to a serial interface. All data transfered between the two networks are encrypted using the unpatented free Blowfish encryption algorithm. Functional overview available here.; Changes: Minor fixes, FreeBSD Port.; tags | tool, tcp, firewall; systems | unix; SHA-256 | 06c9ef950e12a1ff05a6ef5cb69bbc937c548492d3d5baa9cec8315e126f9cd6; Download | Favorite | View

webonycer.zip: Posted Sep 22, 2000; Authored by Fox Mulder; Webonycer is a tool to assist newbies in chaining proxies.; SHA-256 | d3e7b4559630143fbdf0e9a515c0715a6f02fdb5b46438a0828b187a92b994f6; Download | Favorite | View

tco.txt: Posted Sep 22, 2000; Authored by synnergy, Dethy | Site synnergy.net; Synnergy Laboratories Advisory SLA-2000-14 - The BSD/Linux telnet client has a stack overflow which is not usually a security problem, except in the case of a restricted shell environment which allows users to set environment variables and run telnet. Perl proof of concept exploit included.; tags | exploit, overflow, shell, perl, proof of concept; systems | linux, bsd; SHA-256 | edc44b44131a6f19bee4f950cce7723477469f167ee3406d25923487214db406; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days