Low: Red Hat Security Advisory: dovecot security and bug fix update
An updated dovecot package that corrects two security flaws and various bugs is now available for Red Hat Enterprise Linux 5. This update has been rated as having low security impact by the Red Hat Security Response Team. Dovecot is an IMAP server for Linux and UNIX-like systems, primarily writte...
APC AP7932 unauthorized access
Logical error in authentication process...
ragnarok-bypass.txt
VaLiuS has reported a vulnerability in Ragnarok Online Control Panel, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the authentication process when checking page access. This can be exploited to bypass the...
PPPoE authentication and use-vulnerability and early warning-the black bar safety net
This article is based on the Black anti-2005, No. 8, issue of the PPPoE authentication risks with the use of the original author: the knife) rewritten, or republished, column reader Mo laugh to. One, Foreword In recent years, Internet data traffic has developed rapidly, broadband users showed...
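Apple Mac OS X multiple security vulnerabilities
Apple Mac OS X is the operating system used by Apple's family of machines. The latest Mac OS X update fixes multiple vulnerabilities, as follows: CVE-2006-1472 A vulnerability in AFP Server allows search results to include files and folders that the user performing the search is not authorized to access. If the file names themselves are sensitive information, this can lead to information disclosure; if permissions allow, an attacker can also access the file contents. CVE-2006-1473 An authenticated user can trigger an integer overflow vulnerability in AFP Server, leading to denial of service or arbitrary code execution with system privileges. AFP Server is not enabled by default in Mac OS X. CVE-2006-3495 On Mac OS X Server, AFP...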
mod_pubcookie -- Empty Authentication Security Advisory
Nathan Dors, Pubcookie Project reports: An Abuse of Functionality vulnerability in the Pubcookie authentication process was found. This vulnerability allows an attacker to appear as if he or she were authenticated using an empty userid when such a userid isn't expected. Unauthorized access to web...
CVE-2006-3679
FatWire Content Server 5.5.0 allows remote attackers to bypass access restrictions and obtain administrative privileges via unspecified attack vectors in the authentication process...
CVE-2006-3679
CVE-2006-3679 affects FatWire Content Server 5.5.0. The vulnerability allows remote attackers to bypass access restrictions and obtain administrative privileges via unspecified attack vectors in the authentication process. According to the NVD entry, exploitation requires no authentication (netwo...
CVE-2005-0396
Desktop Communication Protocol (DCOP) daemon, aka dcopserver, in KDE before 3.4 allows local users to cause a denial of service (dcopserver consumption) by "stalling the DCOP authentication process."...
kdelibs security update
CentOS Errata and Security Advisory CESA-2005:307 Updated kdelibs packages that fix a local denial of service issue are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The kdelibs package provides libraries for the K Desktop...
dmsPOP3.txt
Summary: A buffer overflow exists in DMS POP3 Server for Windows 2000/XP 1.5.3 build 37 (http://www.digitalmapping.sk.ca/pop3srv/default.asp) and prior versions. Details: A buffer overflow occurs during the POP3 authentication process when an overly long username is supplied. When the username buff...
GLSA-200408-04 : PuTTY: Pre-authentication arbitrary code execution
The remote host is affected by the vulnerability described in GLSA-200408-04 PuTTY: Pre-authentication arbitrary code execution PuTTY contains a vulnerability allowing a malicious server to execute arbitrary code on the connecting client before host key verification. Impact : When connecting to a...
Multiple bugs in Orcale
Multiple bugs including remote buffer overflow in authentication process...
Kerio Personal Firewall Administrator Authentication Handshake Packet Remote Buffer Overflow
Kerio Personal Firewall is vulnerable to a buffer overflow attack involving the administrator authentication process. An attacker may use this to crash Kerio or to execute arbitrary code on the system. (C) Tenable Network Security, Inc. Exploit string by Core Security Technologies References: Date:...
CVE-2003-0220
Kerio Personal Firewall (KPF) 2.1.4 and earlier contains a remote buffer overflow in the administrator authentication handshake that allows remote code execution. Evidence from CVE-2003-0220 and multiple sources confirms the vulnerability affects the admin port, enabling arbitrary code execution ...
Lotus Notes buffer overflows
Heap overflow during authentication process. Buffer overflow on oversized HTTP server reply Status: header in Web Retriever...
ProFTPd 1.2.0 rc2 - Memory Leakage
/ | Proftpd DoS | by Piotr Zurawski [email protected] | This source is just an example of memory leakage in proftpd-1.2.0rc2 | server discovered by Wojciech Purczynski. | / include include include include include include include include include include include include include define USERNAME...
Netopia Timbuktu Pro Remote Control 2.0/5.2.1 - Denial of Service
source: https://www.securityfocus.com/bid/984/info Simple connections and disconnections to Timbuktu ports can hang the authentication process and halt all Timbuktu services. To return to normal functionality, the Timbuktu process will need to be killed and the Timbuktu service is required to be...