Windows NT 4.0 Terminal Server RegAPI.DLL Buffer Overflow

CORE SDI http://www.core-sdi.com Vulnerability Report For Microsoft Windows NT 4.0 Terminal Server GINA Date Published: 2000-11-08 Advisory ID: CORE-20001108 Bugtraq ID: 1924 CVE CAN: Non currently assigned. Title: Windows NT 4.0 Terminal Server RegAPI.DLL Buffer Overflow Class: Boundary Error...

Remotely exploitable buffer overflow in NAI's Distributed Sniffer Agent

Bugtraq. This 'advisory' details a number of problems with NAI's sniffer product. They have fixed the problems in current versions on the sly so I have foregone notifying the vendor. They saw fit to post an advisory on Microsoft's Netmon today so 'all is fair in love and war' at least MS had the...

[CORE SDI ADVISORY] Netscape servers Denial of Service

CORE SDI http://www.core-sdi.com Vulnerability Report For Netscape servers Denial of Service Date Published: 2000-10-31 Advisory ID: CORE-2000103102 Bugtraq ID: 1867 CVE CAN: Non currently assigned. Title: Netscape servers Denial of Service Class: Denial of Service Remotely Exploitable: Yes Local...

[CORE SDI ADVISORY] iPlanet Certificate Management System 4.2 path traversal bug

CORE SDI http://www.core-sdi.com Vulnerability Report For iPlanet CMS and Netscape Directory Server Date Published: 2000-10-26 Advisory ID: CORE-2000-10-26 Bugtraq ID: 1839 CVE CAN: Non currently assigned. Title: Path traversal and administrator password in clear text vulnerabilities Class: Acces...

pine remotely exploitable buffer overflow in newmail.c

Kris Kennaway reports a remotely exploitable buffer overflow in newmail.c. Mike Silbersack submitted the fix...

Vulnerability Report On IPSWITCH's IMail

Vulnerability Report On IPSWITCH's IMail Date Published: August 30 2000 Advisory ID: TS003 Bugtraq ID: http://www.securityfocus.com/bid/1617 CVE CAN: None at this time Title: IPSWITCH IMail File Attachment Vulnerability Class: Access Validation Error Remotely Exploitable: Yes Locally Exploitable:...

innd-2.2.2.txt

Newest innd 2.2.2, probably the most popular usenet news server as well as previous versions contain remotely exploitable, trivial on-stack buffer overflow in control articles handler. Offending piece of code in innd/art.c, function ARTcancelverify: if !EQlocal, p files = NULL; voidsprintfbuff,...

spj-003-000 - S0ftPj Advisory

SPJ-003-000: .::::::::+ s0ftpr0ject 99 +::::::::. ::::+ Digital Security for Y2K +:::: :::'""""'""""'""""'""""'""'""::: ::'.gS$"$Sn. .gS$"$Sn. Sn.:: :: $$$$$ $$$$$ $$$$$ $$$$$ $$$$ :: :: $$$$$ $$$$$ $$$$$ $$$$ :: :: $$$$$$$$$n $$$$$ $$$$$ $$$$ :: :: $$$$$ $$$$$s$$$$' $$$$ :: :: $$$$$ $$$$$ $$$$$...

SuSE 6.3 Gnomelib buffer overflow

/ Gnomelib exploit by bladi & aLmUDeNa All gnome apps have an exploitable buffer overflow gnomelib when get DISPLAY environment variable. Affected: S.u.S.E Linux: 6.3 Not vulnerable: RedHat 6.x Linpus Linux release 6.3 Debian NoTe: don't forget to put 6M in /tmp ---------6M.c--------- void main...

CVE-2000-0190

CVE-2000-0190 affects the AOL Instant Messenger (AIM) client. The vulnerability arises when processing a message containing a malformed ASCII value, which can cause a denial of service. The NVD metrics report a CVSSv2 base score of 5.0 (Medium) with network attack vector, low attack complexity, a...

CVE-1999-0879

CVE-1999-0879 describes a buffer overflow in WU-FTPD and related FTP servers that allows remote attackers to gain root privileges by exploiting macro variables in a message file. The vulnerability affects the FTP server software in the late 1990s era; multiple sources (including Red Hat CVE refer...

OpenLinux 2.3/2.4 / RedHat 6.0/6.1 / SCO eServer 2.3 - Denial of Service

// source: https://www.securityfocus.com/bid/1377/info gpm is a program that allows Linux users to use the mouse in virtual consoles. It communicates with a device, /dev/gpmctl, via unix domain STREAM sockets and is vulnerable to a locally exploitable denial of service attack. If a malicious user...

Novell Client 3.03.0.1 - Denial of Service

Novell Client 3.03.0.1 - Denial of Service source: https://www.securityfocus.com/bid/700/info Novell client versions 3.0 and 3.01 for Windows platforms are vulnerable to a remotely exploitable vulnerability which could cause a denial of service. The client opens a listening tcp socket on port 427...

Novell Client 3.0/3.0.1 - Denial of Service

source: https://www.securityfocus.com/bid/700/info Novell client versions 3.0 and 3.01 for Windows platforms are vulnerable to a remotely exploitable vulnerability which could cause a denial of service. The client opens a listening tcp socket on port 427, to which if a SYN is sent, results in the...

SSH.1.2.27.DOS.txt

SSH 1.2.27 DOS: o SSH has the option of setting up "authentication sockets", used to pass authentication keys securely. When this is used, a socket is created on both client and server machines; the socket created on the server uses an often easy to guess filename based on the PID... The creation...

ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow (2)

ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/612/info The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow, the result of a sprintf in the logxfer routine in src/log.c. The vulnerability in 1.2pre4 ...

espernet-irc.txt

Date: Fri, 24 Jul 1998 19:05:35 -0500 From: McClain Looney Subject: espernet irc services I didn't think anyone cared about irc, but seeing the mIRC posts on this list, here goes: Espernet irc services below version 3.3.5 are vulnerable to a bug in the add/remove code for chanserv which causes a...

digital.unix.bofs.txt

Date: Fri, 19 Feb 1999 14:18:18 -0800 From: Lamont Granquist To: [email protected] Subject: More Buffer Overflows in Digital Unix 1. No return-into-libc exploit for Digital Unix I didn't understand the return-into-libc method really prior to my previous BUGTRAQ post. Since then, I understand i...

[SECURITY] Security fixed versions of sparc binaries available

==================================================================== Debian GNU/Linux Security May 17, 1998 We have received reports that former versions of procps, shadow, fakeroot, gzip, perl and bind in hamm were vulnerable to some exploits. Please refer to the following web pages to get more...

Multiple vulnerabilities in Ximian's Evolution Mail User Agent

Advisory ID Internal CORE-20030304-01 Advisory Information: Advisory ID: CORE-20030304-01 Bugtraq IDs : 7117, 7118, 7119 CVE Name: CAN-2003-0128, CAN-2003-0129, CAN-2003-0130 Title: Multiple vulnerabilities in Ximian's Evolution Mail User Agent Class: Input validation error; Failure to handle...