REMOTE EXPLOIT IN ALL CURRENT VERSIONS OF BIG BROTHER

/ Big Brother Exploit For ALL Versions prior to v.1.4h Desc: View the contents of any file on the remote system. Including /etc/passwd or /etc/shadow Contributions: Identified and Proof of Concept by Safety and Loki LoA Greets and shouts to: RootHat, Lammie The Infamous Lamagra! We know wuftpd wa...

dalnet 4.6.5 remote vulnerability

This was something that w00w00 was originally going to release under the w00giving, but we never did. So, I thought this would fit well with vuln-dev. The complication is that no individual variable is large enough to fit shellcode, so it requires splitting the shellcode between the nickname,...

Multiples Remotes DoS Attacks in Dragon Server v1.00 and v2.00 Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiples Remotes DoS Attacks in Dragon Server v1.00 and v2.00 Vulnerability USSR Advisory Code: USSR-2000046 Release Date: June 16, 2000 Systems Affected: Dragon Server v2.00 Dragon Server v1.00 THE PROBLEM The Ussr Labs team has recently discovered ...

Shadow Op Software Dragon Server 1.02.0 - Multiple Denial of Service Vulnerabilities

Shadow Op Software Dragon Server 1.02.0 - Multiple Denial of Service Vulnerabilities source: https://www.securityfocus.com/bid/1352/info Two denial of service vulnerabilities exist in the Dragon Server package, versions 1.00 and 2.00, from Shadow Ops Software. By supplying large arguments to two...

Shadow Op Software Dragon Server 1.0/2.0 - Multiple Denial of Service Vulnerabilities

source: https://www.securityfocus.com/bid/1352/info Two denial of service vulnerabilities exist in the Dragon Server package, versions 1.00 and 2.00, from Shadow Ops Software. By supplying large arguments to two different network services, it is possible to cause these services to be innaccessibl...

An Analysis of the TACACS+ Protocol and its Implementations

-----BEGIN PGP SIGNED MESSAGE----- OW-001-tacplus, revision 1 May 30, 2000 An Analysis of the TACACS+ Protocol and its Implementations ----------------------------------------------------------- This advisory presents an analysis of several vulnerabilities in the TACACS+ protocol. Unfortunately,...

Mandriva Linux Mandrake 7.0 - Local Buffer Overflow

// source: https://www.securityfocus.com/bid/1265/info The linux cdrecorder binary is vulnerable to a locally exploitable buffer overflow attack. When installed in a Mandrake 7.0 linux distribution, it is by default setgid "cdburner" which is a group, gid: 80, that is created for the application...

Buffer Overflow in version .14

IC Radius version .14, and possibly earlier versions, contain a buffer overflow that occurs when trying to authenticate with a valid username longer than 24 characters. The culprit is in mysql.c, in the function sqlgetvpdata. This function is normally run 4 times during authentication. The second...

Atrium Software Mercur WebView WebMail-Client 1.0 - Buffer Overflow

Atrium Software Mercur WebView WebMail-Client 1.0 - Buffer Overflow source: https://www.securityfocus.com/bid/1056/info WebView WebMail-Client is an add-on for the Mercur SMTP/POP3/IMAP4 Mail Server which allows a user to access email through a web browser. Insufficient boundary checking exists i...

Atrium Software Mercur WebView WebMail-Client 1.0 - Buffer Overflow

source: https://www.securityfocus.com/bid/1056/info WebView WebMail-Client is an add-on for the Mercur SMTP/POP3/IMAP4 Mail Server which allows a user to access email through a web browser. Insufficient boundary checking exists in the code which handles GET requests, specifically on port 1080...

Daniel Beckham The Finger Server 0.82 Beta - Pipe

Daniel Beckham The Finger Server 0.82 Beta - Pipe source: https://www.securityfocus.com/bid/974/info 'The Finger Server' is a perl script for providing .plan-like functionality through a website. Due to insufficient input checking it is possible for remote unauthenticated users to execute shell...

Jgaa WarFTPd 1.66 x4s1.67-3 - CWDMKD Denial of Service

Jgaa WarFTPd 1.66 x4s1.67-3 - CWDMKD Denial of Service // source: https://www.securityfocus.com/bid/966/info War-FTPd 1.67 and possibly previous versions are susceptible to a buffer overflow DoS attack. Due to improper bounds checking in the code that handles MKD and CWD commands, it is possible ...

Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass

Check Point Software Firewall-1 3.0 Script - Tag Checking Bypass source: https://www.securityfocus.com/bid/954/info Firewall-1 includes the ability to alter script tags in HTML pages before passing them to the client's browser. This alteration invalidates the tag, rendering the script unexecutabl...

unixware.xlock.txt

-----Original Message----- Date: Fri, 26 Nov 1999 04:29:42 +0300 MSK From: Matt Conover To: [email protected] Subject: w00giving '99 7: UnixWare 7's xlock Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII w00w00 Security Development WSD...

unixware.su.txt

-----Original Message----- Date: Fri, 26 Nov 1999 04:16:41 +0300 MSK From: Matt Conover To: [email protected] cc: [email protected] Subject: w00giving '99 5 and w00news: UnixWare 7's su Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII w00w00 Security Developmen...

imail.txt

w00w00 Security Development WSD See http://www.datasurge.net/www.w00w00.org until relocation of w00w00.org is complete. Discovered by: Interrupt [email protected] Due to improper bounds checking in Ipswitch's IMAIL POP3 server, a buffer overflow occurs when a lengthy username is sent via "USER ". It...

WFTPD 2.342.403.0 - Remote Buffer Overflow

WFTPD 2.342.403.0 - Remote Buffer Overflow source: https://www.securityfocus.com/bid/747/info WFTPD is reported prone to a remote buffer overflow vulnerability. The issue exists due to a lack of sufficient bounds checking performed on MKD and CWD arguments. It is reported that superfluous data...

WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/747/info WFTPD is reported prone to a remote buffer overflow vulnerability. The issue exists due to a lack of sufficient bounds checking performed on MKD and CWD arguments. It is reported that superfluous data passed to MKD first and then to CWD results i...

HP HP-UX 10.2011.0 IBM AIX 4.3 SCO Unixware 7.0 Sun Solaris 2.6 - Change File Permission

HP HP-UX 10.2011.0 IBM AIX 4.3 SCO Unixware 7.0 Sun Solaris 2.6 - Change File Permission source: https://www.securityfocus.com/bid/131/info Due to improper checking of ownership, the dtappgather utility shipped with the Common Desktop Environment allows arbitrary users to overwrite any file prese...

WFTPD 2.34/2.40/3.0 - Remote Buffer Overflow (PoC)

source: https://www.securityfocus.com/bid/747/info WFTPD is reported prone to a remote buffer overflow vulnerability. The issue exists due to a lack of sufficient bounds checking performed on MKD and CWD arguments. It is reported that superfluous data passed to MKD first and then to CWD results i...