131 matches found
Integer overflow
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation...
CVE-2013-4359
Integer overflow in kbdint.c in mod_sftp in ProFTPD 1.3.4d and 1.3.5r3 allows remote attackers to cause a denial of service (memory consumption) via a large response count value in an authentication request, which triggers a large memory allocation...
Authentication flaw
Cisco Unified Computing System (UCS) 1.x before 1.44 and 2.x before 2.02m allows remote attackers to bypass KVM authentication via a crafted authentication request to a Cisco Integrated Management Controller (IMC), aka Bug ID CSCts53746...
JVN#45545972: VxWorks SSH server (IPSSH) denial-of-service (DoS) vulnerability
The SSH server (IPSSH) implementation in VxWorks contains a denial-of-service (DoS) vulnerability due to an issue in processing authentication requests. Impact: SSH access may become unavailable until the next reboot as a result of processing an authentication request. Solution: Apply a patch. Apply the...
krb5: KDC denial of service vulnerabilities (MITKRB5-SA-2011-006)
The kdb_ldap plugin in the Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.9 through 1.9.1, when the LDAP back end is used, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a kinit operation with incorrect string case for the realm, relate...
HP StorageWorks Storage Mirroring Double Take Service Code Execution (CVE-2008-1661)
HP StorageWorks is a collection of storage solutions from Hewlett Packard. These solutions include online storage, nearline storage, storage networking, archiving, and storage software. One of the storage software solutions is the Storage Mirroring Software. HP StorageWorks Storage Mirroring...
CVS pserver Detection
This script retrieves the version of CVS pserver. SPDX-FileCopyrightText: 2009 Greenbone AG. SPDX-FileCopyrightText: 2009 LSS. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-or-later...
Update Protection against Cisco IOS Administrative Interface HTTP Authentication
Cisco Wireless LAN Controllers (WLCs) are responsible for system-wide wireless LAN functions, such as security policies, intrusion prevention, RF management, quality of service (QoS), and mobility. An attacker with access to the administrative web interface via HTTP or HTTPS may cause the device to...
Apple iTunes < 8.1 Multiple Vulnerabilities (credentialed check)
The version of Apple iTunes installed on the remote Windows host is older than 8.1. Such versions may be affected by multiple vulnerabilities: - It may be possible to cause a denial of service by sending a maliciously crafted DAAP header to the application. (CVE-2009-0016) - When subscribing to a...
EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow (SEH)
EFS Easy Chat Server 2.2 - Authentication Request Buffer Overflow SEH !/usr/bin/python Bug : EFS Easy Chat Server Authentication Request Buffer Overflow Exploit SEH Refer : http://www.milw0rm.com/exploits/4289 Tested on : Xp sp2 fr Exploited by : His0k4 Greetings : All friends & muslims HaCkErs D...
Easy Chat Server Buffer Overflow
!/usr/bin/python Bug : EFS Easy Chat Server Authentication Request Buffer Overflow Exploit SEH Refer : http://www.milw0rm.com/exploits/4289 Tested on : Xp sp2 fr Exploited by : His0k4 Greetings : All friends & muslims HaCkErs DZ import struct import socket buf = "\x41"216 buf += "\xEB\x06\xAE\xFA...
CVE-2008-3010
Microsoft Windows Media Player 6.4, Windows Media Format Runtime 7.1 through 11, and Windows Media Services 4.1 and 9 incorrectly associate ISATAP addresses with the Local Intranet zone, which allows remote servers to capture NTLM credentials, and execute arbitrary code through...
CVE-2008-1661
Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request...
Stack overflow
Stack-based buffer overflow in DoubleTake.exe in HP StorageWorks Storage Mirroring (SWSM) before 4.5 SP2 allows remote attackers to execute arbitrary code via a crafted encoded authentication request...
openSUSE 10 Security Update : MozillaFirefox (MozillaFirefox-4574)
This update brings Mozilla Firefox to security update version 2.0.0.8. Following security problems were fixed: - MFSA 2007-26 / CVE-2007-3844: Privilege escalation through chrome-loaded about:blank windows. Mozilla researcher mozbugra4 reported that a flaw was introduced by the fix for MFSA 2007-2...
Cherokee Web Server auth_pam Authentication Format String
The remote host is running Cherokee - a fast and tiny web server. The remote version of this software is vulnerable to a format string attack when processing authentication requests using auth_pam. This could allow a remote attacker to cause a denial of service, or potentially execute arbitrary...
Mandrake Linux Security Advisory : samba (MDKSA-2004:092)
Two vulnerabilities were discovered in samba 3.0.x; the first is a defect in smbd's ASN.1 parsing that allows an attacker to send a specially crafted packet during the authentication request which will send the newly spawned smbd process into an infinite loop. As a result, it is possible to use u...
CVE-2004-0193
Heap-based buffer overflow in the ISS Protocol Analysis Module (PAM), as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Serv...
CVE-2003-1030
DameWare Mini Remote Control is affected by a pre-authentication buffer overflow in the service listening on TCP 6129, allowing remote code execution. The issue affects versions before 3.73; remediation is to upgrade to 3.73.0.0 or later. The connected Nessus data confirms remote exploitation via...