316 matches found
Endless loop in Halo 1.06
Luigi Auriemma Application: Halo: Combat Evolved http://www.microsoft.com/games/pc/halo.aspx Versions: = 1.06 and Custom Edition 1.00 Platforms: Windows Bug: endless loop Exploitation: remote, versus server Date: 24 May 2005 Author: Luigi Auriemma e-mail: [email protected] web:...
GLSA-200505-06 : TCPDump: Decoding routines Denial of Service vulnerability
The remote host is affected by the vulnerability described in GLSA-200505-06 TCPDump: Decoding routines Denial of Service vulnerability TCPDump improperly handles and decodes ISIS CAN-2005-1278, BGP CAN-2005-1267, CAN-2005-1279, LDP CAN-2005-1279 and RSVP CAN-2005-1280 packets. TCPDump might loop...
Debian DSA-708-1 : php3 - missing input sanitising
An iDEFENSE researcher discovered two problems in the image processing functions of PHP, a server-side, HTML-embedded scripting language, of which one is present in PHP3 as well. When reading a JPEG image, PHP can be tricked into an endless loop due to insufficient input validation. %NASLMINLEVEL...
WinFTP Server 1.6 - Denial of Service
!/usr/local/bin/perl -w WinFTP server ver 1.6 D.o.S Exploit Discovered,exploited by KaGra Tested on WinXP SP1 English version Sending 40 times a username and a buffer of 1500 bytes as pass,will crash the server,as soon as is not minimized in Target computer.If he is minimized,he will crash as soo...
WinFTP Server 1.6 - Denial of Service
WinFTP Server 1.6 - Denial of Service !/usr/local/bin/perl -w WinFTP server ver 1.6 D.o.S Exploit Discovered,exploited by KaGra Tested on WinXP SP1 English version Sending 40 times a username and a buffer of 1500 bytes as pass,will crash the server,as soon as is not minimized in Target computer.I...
WinFTP Server 1.6 Denial of Service Exploit
Exploit for unknown platform in category dos / poc =========================================== WinFTP Server 1.6 Denial of Service Exploit =========================================== !/usr/local/bin/perl -w WinFTP server ver 1.6 D.o.S Exploit Discovered,exploited by KaGra Tested on WinXP SP1...
Debian DSA-080-1 : htdig - unauthorized gathering of data
Nergal reported a vulnerability in the htsearch program which is distributed as part of the ht://Dig package, an indexing and searching system for small domains or intranets. Using former versions it was able to pass the parameter -c to the cgi program in order to use a different configuration...
Multiple Samba bugs
DoS against NetBIOS name service nmbd, endless loop in SMBD...
GLSA-200406-20 : FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling
The remote host is affected by the vulnerability described in GLSA-200406-20 FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling All these IPsec implementations have several bugs in the verifyx509cert function, which performs certificate validation, that make them vulnerable ...
Mandrake Linux Security Advisory : super-freeswan (MDKSA-2004:070-1)
Thomas Walpuski discovered a vulnerability in the X.509 handling of super-freeswan, openswan, strongSwan, and FreeS/WAN with the X.509 patch applied. This vulnerability allows an attacker to make up their own Certificate Authority that can allow them to impersonate the identity of a valid DN. As...
XITAMI invalid request endless loop
If HTTP header doesn't contain ':' server goes into endless loop...
PureFTPd DoS
There is an endless loop on specific condition with 0 written to memory...
compaq.txt
SSI vulnerability in Compaq Web Based Management Agent ====================================================== Type of vulnerabilities: Server Side Include injection. Exploitable. Stack overflows and access violations. Exploitable? Creation of script objects. Exploitable? Affected Software: Compaq...
tcpdump ISAKMP DoS
Endless loop on malcrafted ISAKMP packet UDP/500...
nylon 0.2 (0.3?) DoS
Dear bugtraq@, I found this bug in nylon 0.2, but according to CVS logs it was already fixed in nylon project Tue Jun 25 00:27:07 2002 UTC 3 months, 2 weeks ago, http://mesh.eecs.umich.edu/cvsweb/nylon/ So, just update to newer version. Details: if definedSENDN || definedRECVN ssizet if...
Infinite loop in LOTUS NOTE 5.0.3. SMTP SERVER
Maybe this is a configuration error in the server where I tryed this but anyway here is the message that I sent : helo xpto.pt mail from: non-existant-user@ipadressoflotusserver mail to : non-existant-user data testing123 . So Lotus Notes SMTP Server now will loop forever trying to tell to the...