Проблемы с tcp_wrappers в FreeBSD (protection bypass)

Режим PARANOID hostname chacking не работает так, как заявлено...

Security Advisory FreeBSD-SA-01:56.tcp_wrappers

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:56 Security Advisory FreeBSD, Inc. Topic: tcpwrappers PARANOID hostname checking does not work Category: core Module: tcpwrappers Announced: 2001-08-23 Credits: Tony Finc...

FreeBSD-SA-01:56.tcp_wrappers

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:56 Security Advisory FreeBSD, Inc. Topic: tcpwrappers PARANOID hostname checking does not work Category: core Module: tcpwrappers Announced: 2001-08-23 Credits: Tony Finc...

CVE-2001-0524

eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier...

CVE-2001-0524

eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier...

Security Advisory 2000-011: Insufficient msg_controllen checking for sendmsg(2)

-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-011 ================================= Topic: Insufficient msgcontrollen checking for sendmsg2 Version: All releases of NetBSD from 1.3 to 1.5, and -current Severity: Any local user can panic the system Fixed: NetBSD-current: July 1,...

Fwd: Microsoft Word macro vulnerability advisory MS01-034

Hi, Within minutes of Microsoft posting the bulletin on their site, my mailbox was swamped with emails from people asking the same two questions. I am therefore forwarding the below email minus the sample document! to the BugTraq mailing list to reach a wide audience and answer the two questions ...

DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries

Overview Incorrect decoding of malformed DNS packets causes certain DNS implementations to hang or crash. Description RFC1035 DOMAIN NAMES, IMPLEMENTATION AND SPECIFICATION defines a mechanism for conserving bytes in a DNS query or reply packet by avoiding repetition of character strings "labels"...

HPUX / 800 models / Old-styled exploit for cue

Hi there, One of the major problems I see with admins/security nowadays is that admin don't secure their host : they install patches ...which is slightly different. It reminds me of this very old advisory which was issued by HP in 1997 !!! about /usr/bin/cue : In the "Workarounds/Solution" sectio...

Exim 3.x - Format String

Exim 3.x - Format String source: https://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax checking...

Exim 3.x - Format String

source: https://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax checking' mode is turned on, whic...

Vulnerability discovered in SpearHead NetGap

Background --------------- SpearHead's NetGAP™ appliance physically disconnects a company's network from the Internet. The product consists of two separate computers, an Untrusted CPU and a Trusted CPU, that are never directly connected at any given time. NetGap™ includes a content checking engin...

Netscape Enterprise Server 4.1 - HTTP Method Name Buffer Overflow

source: https://www.securityfocus.com/bid/6792/info It has been reported that iPlanet Web Server and Netscape Enterprise Server are prone to a remotely exploitable buffer overflow condition. This is due to insufficient bounds checking when handling HTTP requests. This condition is reportedly...

Internet Explorer incorrectly validates certificates when CRL checking is enabled

Overview Microsoft Internet Explorer IE fails to properly validate certificates when CRL checking is enabled. As a result, sensitive information may be exposed. Description Digital certificates are small documents used to authenticate and encrypt information transmitted over the Internet. One ver...

Innfeed Buffer Overflow

====================================================================== Defcom Labs Advisory def-2001-19 innfeed buffer overflow Author: Enrique A. Sanchez Montellano @defcom.com Author: Alex Hernandez [email protected] Release Date: 2001-04-18...

MDaemon IMAP Denial Of Service

Advisory Name:MDaemon IMAP Denial Of Service Discovered:23rd Of March 2001 Application:Alt-N Technologies MDaemon 3.5.6 - Other versions most likely prior to this Platform:Windows 2k,95/98/NT - others unknown Severity:Denial of service from application Credit:[email protected] Vendor Status:Unkno...

Buffer oveflow in FTPFS (linux kernel module)

FTPFS http://sourceforge.net/projects/ftpfs is a Linux kernel module, enhancing VFS with FTP volume mounting capabilities. However, it has insufficient bounds checking. If a user can enter mount options through a wrapper, he can take over the whole system, even with restricted capabilities. Here'...

Rob Malda ASCDC 0.3 - Local Buffer Overflow (2)

Rob Malda ASCDC 0.3 - Local Buffer Overflow 2 // source: https://www.securityfocus.com/bid/2462/info ascdc is a program written for X by Rob Malda. It is designed to provide a graphical interface to cd changing on linux systems. A vulnerability in the program could allow elevated privileges on a...

Rob Malda ASCDC 0.3 - Local Buffer Overflow (1)

/ source: https://www.securityfocus.com/bid/2462/info ascdc is a program written for X by Rob Malda. It is designed to provide a graphical interface to cd changing on linux systems. A vulnerability in the program could allow elevated privileges on a system with the package installed setuid. Due t...

Rob Malda ASCDC 0.3 - Local Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/2462/info ascdc is a program written for X by Rob Malda. It is designed to provide a graphical interface to cd changing on linux systems. A vulnerability in the program could allow elevated privileges on a system with the package installed setuid. Due ...