exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 38 of 38 RSS Feed

Files

libc/fnmatch(3) Denial Of Service
Posted May 13, 2011
Authored by Maksymilian Arciemowicz

Multiple vendors libc/fnmatch(3) suffer from a denial of service vulnerability. Affected software includes Apache 2.2.17, NetBSD 5.1, OpenBSD 4.8, FreeBSD, Mac OS X 10.6, and Sun Solaris 10. Apache proof of concept is included.

tags | exploit, denial of service, proof of concept
systems | linux, netbsd, solaris, freebsd, openbsd, apple, osx
advisories | CVE-2011-0419
SHA-256 | 2c1ae950fb3bfed82e98d5621bda7e64d189490f5059fd8d12ecb495733b1b59

Related Files

iDEFENSE Security Advisory 2005-12-05.3
Posted Dec 9, 2005
Authored by iDefense Labs, infamous41md | Site idefense.com

iDEFENSE Security Advisory 12.05.05 - Local exploitation of a heap-based buffer overflow vulnerability in xpdf, as included by multiple vendor's software distributions, could allow attackers to cause a denial of service (DoS) condition, potentially resulting in arbitrary code execution. The vulnerability specifically exists due to insufficient input validation in the DCT stream parsing code. The DCTStream::readProgressiveSOF function from xpdf/Stream.cc takes the value of numComps from user-controllable data from within the PDF file. The numComps value is used in a loop to copy data from the file into a pre-allocated buffer in the heap. iDefense has confirmed the existence of this vulnerability in xpdf 3.01. All earlier versions of xpdf are suspected vulnerable.

tags | advisory, denial of service, overflow, arbitrary, local, code execution
advisories | CVE-2005-3191
SHA-256 | c6103f732bea5f0f3b3c1eccfb9724f0b4ae65ebb4bcbf19c83b3651216ae70d
iDEFENSE Security Advisory 2005-12-05.1
Posted Dec 9, 2005
Authored by iDefense Labs, infamous41md | Site idefense.com

iDEFENSE Security Advisory 12.05.05 - Local exploitation of a heap-based buffer overflow vulnerability in xpdf, as included by multiple vendor's software distributions, could allow attackers to cause a denial of service (DoS) condition, potentially resulting in arbitrary code execution. The vulnerability specifically exists due to insufficient input validation in the JPX Stream parsing code for decoding embedded JPEG 2000 images. iDefense has confirmed the existence of this vulnerability in xpdf 3.01. All earlier versions of xpdf are suspected vulnerable.

tags | advisory, denial of service, overflow, arbitrary, local, code execution
advisories | CVE-2005-3193
SHA-256 | 461e2c30244cb0b905fd84506412e0b22210fbc6a3c74965d22b1ee24d1e7f5f
iDEFENSE Security Advisory 2005-10-13.2
Posted Oct 15, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 10.13.05-2 - Remote exploitation of a buffer overflow vulnerability in multiple vendor's implementations of curl and wget allows attackers to execute arbitrary code. The vulnerability specifically exists due to insufficient bounds checking on user-supplied data supplied to a memory copy operation. iDEFENSE Labs has confirmed the following software versions are vulnerable: wget 1.10, curl 7.13.2, libcurl 7.13.2.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2005-3185
SHA-256 | 6ca0a080104f023ed49478d1c52cf6c338ea8b44a064333663bae90d8eb049b6
iDEFENSE Security Advisory 2005-10-13.1
Posted Oct 15, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 10.13.05-1 - Local exploitation of a buffer overflow vulnerability in XMail, as distributed with multiple vendors' operating systems, allows local attackers to execute arbitrary code with elevated privileges. iDEFENSE Labs has confirmed the existence of this vulnerability in XMail 1.21.

tags | advisory, overflow, arbitrary, local
advisories | CVE-2005-2943
SHA-256 | 1b320b689bedead02c74ee3c697b8e7f048d9d58114241bfebf418570abc25d1
iDEFENSE Security Advisory 2005-10-10.2
Posted Oct 11, 2005
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 10.10.05-2 - Remote exploitation of a buffer overflow vulnerability in Kaspersky Labs' Anti-Virus Engine allows remote attackers to execute arbitrary code. Kaspersky Anti-Virus Engine is used by multiple vendors in Linux virus scanner products and exploitation requires minimal interaction by a targeted user.

tags | advisory, remote, overflow, arbitrary, virus
systems | linux
advisories | CVE-2005-2937
SHA-256 | 687cfe35f56b41da5bef27898fef324bfb17e6910d56678af39622a53cf3acf8
cybsecApps.txt
Posted Sep 5, 2005
Authored by mnunez | Site cybsec.com

Multiple vendor web scanning utilities suffer from script injection vulnerabilities. These include N-Stealth Commercial Edition versions below 5.8.0.38, N-Stealth Free Edition versions below 5.8.1.03, and Nikto versions 1.35 and below.

tags | exploit, web, vulnerability
SHA-256 | 5d0cd9d18bf2bcdf2c6d9c6188b8e53f8a16bdf7b1d3e239bb9c4656783da2e8
tcptimestamps.c
Posted May 27, 2005
Authored by Daniel Hartmeier

TCP Timestamps remote denial of service exploit that affects multiple vendors.

tags | exploit, remote, denial of service, tcp
SHA-256 | 955900a7b6e9db832f434809c3a59742c8f8ffe40bba9ee2d53f3eec46ecb241
iDEFENSE Security Advisory 2004-10-18.t
Posted Oct 26, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 10.18.04: Multiple Vendor Anti-Virus Software Detection Evasion Vulnerability. Multiple anti-virus vendors including McAfee, Computer Associates, Kaspersky, Sophos, Eset and RAV are affected. The problem specifically exists in the parsing of .zip archive headers. It is possible to modify the uncompressed size of archived files in both the local and global header without affecting functionality. An attacker can compress a malicious payload and evade detection by some anti-virus software by modifying the uncompressed size within the local and global headers to zero.

tags | advisory, local, virus
advisories | CVE-2004-0934
SHA-256 | 9e1955876761267e6f0d00cd7477263281b313c1febd690795708c4ecf029042
soapy.txt
Posted Mar 17, 2004
Authored by Amit Klein | Site SanctumInc.com

Multiple vendors suffer from a denial of service vulnerability in their SOAP servers. Products affected: Macromedia ColdFusion/MX 6.0 and 6.1, ColdFusion/MX 6.0 and 6.1 J2EE, all editions of Macromedia JRun 4.0, and Sun Java System Application Server 7 Update 2 Upgrade and prior releases.

tags | advisory, java, denial of service
SHA-256 | edfd88863f29ed6adcb5fa19d6baa42407918c5ba0a3e4f0296be2a21ea83fbd
Rapid7 Security Advisory 12
Posted Mar 14, 2003
Authored by Rapid7 | Site rapid7.com

Rapid 7 Security Advisory - In July 2001, the PROTOS protocol testing group at the University of Oulu in Finland released an LDAP protocol test suite that exposed flaws in LDAP implementations from multiple vendors. Lotus Domino R5.0.7a addressed these issues but regression testing on the R6 Beta release shows that it is still vulnerable to the issues PROTOS discovered. Vulnerable Versions: Lotus Notes/Domino R6 pre-release and beta versions, Lotus Domino R5.0.7 and earlier versions.

tags | advisory, protocol
SHA-256 | cdbcbb8ace4dd1eac056a47326a4c7d94f7ee4cee734a2d5b0c50984a1c31022
CA-2003-06.sip
Posted Feb 21, 2003
Site cert.org

CERT Advisory CA-2003-06 - Numerous vulnerabilities have been reported in multiple vendor implementations of the Session Initiation Protocol, or SIP, which may allow an attacker to gain unauthorized privileged access, cause denial-of-service attacks, or cause unstable system behavior.

tags | vulnerability, protocol
SHA-256 | 92239b658525dff1c27f48b457af32ebc807d65b174c7082d08fb4a6bf2a2743
CA-2002-36.ssh
Posted Dec 21, 2002
Site cert.org

CERT Advisory CA-2002-36 - Multiple vendors' implementations of the secure shell (SSH) transport layer protocol contain vulnerabilities that could allow a remote attacker to execute arbitrary code with the privileges of the SSH process or cause a denial of service. The vulnerabilities affect SSH clients and servers, and they occur before user authentication takes place. OpenSSH is not vulnerable. More information available here.

tags | remote, denial of service, arbitrary, shell, vulnerability, protocol
SHA-256 | fc2411c6232f4bec9861e44cc3a10cda790c69eb0b22484d00b48e73b52c0feb
teso-advisory-011.txt
Posted Jul 29, 2001
Authored by teso, scut | Site team-teso.net

TESO Security Advisory #11 - Multiple vendor Telnet Daemon vulnerability. Most current telnet daemons in use today contain a buffer overflow in the telnet option handling. Under certain circumstances it may be possible to exploit it to gain root privileges remotely. Affected systems include BSDI 4.x, FreeBSD, IRIX, Linux with netkit-telnetd < 0.14, NetBSD, OpenBSD 2.x, and Solaris.

tags | overflow, root
systems | linux, netbsd, solaris, freebsd, irix, openbsd
SHA-256 | 4849ac76d26caec6f947c4879fceb873db9d4fbf399d4ebadda0a88587f6c0ba
Page 2 of 2
Back12Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close