Unsafe Signal Handling in Sendmail
RAZOR advisory: Unsafe Signal Handling in Sendmail Issue Date: May 28, 2001 Contact: Michal Zalewski <[email protected]> Topic: Sendmail signal handlers used for dealing with specific signals are vulnerable to numerous race conditions. Affected Systems: Any systems running sendmail.....
-0.1AI Score
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2001-09 Statistical Weaknesses in TCP/IP Initial Sequence Numbers Original release date: May 01, 2001 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected * Systems using TCP...
-0.1AI Score
0.029EPSS
Hi Following the recent habits, I break the advisory into 4 parts: OVERVIEW: There is a critical bug in cfingerd daemon <= 1.4.3, (a classic format bug) that makes possible to acquire full control over the remote machine if it runs the cfingerd program, the configurable and secure finger daemon....
-0.4AI Score
Multiple TCP/IP implementations may use statistically predictable initial sequence numbers
Overview Attacks against TCP initial sequence number generation have been discussed for some time now. It has long been recognized that the ability to know or predict ISNs can lead to TCP connection hijacking or spoofing. What was not previously illustrated was just how predictable one...
-0.2AI Score
0.029EPSS
SSH authentication agent follows symlinks via a UNIX domain socket
Overview Older versions of SSH allow local attackers to to establish ssh sessions as the victim user without authentication. Description The text of this document was originally released on January 20, 1998, as SNI-23, developed by Secure Networks, Inc. (SNI). To more widely broadcast this...
-0.4AI Score
0.001EPSS
-0.2AI Score
0.012EPSS
Hi Folks, i have just compiled the well-known IIS tricks. I hope it will be helpful for securing your server. any comment,suggestion or insult...? wellcome MAB- SECURING IIS by BREAKING ===================================================== by...
-0.1AI Score
WU-FTPD 2.6.1 Вышла новая версия популярного FTP сервера WU-FTPD - WU-FTPD 2.6.1. В данной версии появилась поддержка virtual passwd/virtual shadow как в BeroFTPD. Кроме того пофиксен серьезный security баг, благодаря которому пользователь мог получить права root-а. Также пофиксен баг с возможной.....
-0.2AI Score
Linux kernel 2.2.15aa1 Вышла новая и первая версия ядра из серии Linux kernel 2.2.15aaxx. Это ядро предназначено, прежде всего, для больших и мощных серверов с большим объемом RAM. Подробнее: http://linuxtoday.com/stories/21325.html The Real Microsoft Killer: Open File Formats Cтатья обращает...
-0.2AI Score
7.4AI Score
EPSS
-0.3AI Score
-0.1AI Score
-0.3AI Score
-0.1AI Score
-0.2AI Score
-0.1AI Score
-0.4AI Score
-0.4AI Score
-0.2AI Score
-0.3AI Score