7010 matches found
Apple Open Firmware 4.1.74.1.8 - Insecure Password
Apple Open Firmware 4.1.74.1.8 - Insecure Password source: https://www.securityfocus.com/bid/3186/info A user who has set an Open Firmware password on their Apple system believes it to be safe when powered down. There is a tool that any user with access to the Finder can run in order to reveal th...
[SECURITY] [DSA-073-1] 3 security problems in imp
Package : imp Problem type : 3 remote exploits Debian-specific: no The Horde team released version 2.2.6 of IMP a web based IMAP mail program which fixes three security problems. Their release announcement describes them as follows: 1. A PHPLIB vulnerability allowed an attacker to provide a value...
Network Associates PGP Keyserver contains multiple vulnerabilities in LDAP handling code
Overview The Network Associates PGP Keyserver contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this...
CylantSecure 1.0 - Kernel Module Syscall Rerouting
/ source: https://www.securityfocus.com/bid/2958/info CylantSecure is a commercial Linux hardening tool and security infrastructure available from Cylant Technology. A problem in the CylantSecure infrastructure could allow users to escape monitoring. A user with root access may load a module that...
Samba 2.0.x/2.2 - Arbitrary File Creation
source: https://www.securityfocus.com/bid/2928/info Samba is a freely available file and printer sharing application maintained and developed by the Samba Development Team. Samba allows file and printer sharing between operating systems on the Unix and Microsoft platforms. A remote local user can...
Дырка в mirc ( : buffer overflow)
Переполнение буфера при использовании символов ':' в не которых командах...
ISC INN 2.x - Command-Line Buffer Overflow (2)
source: https://www.securityfocus.com/bid/2620/info The innfeed utility, part of ISC InterNetNews, has an exploitable buffer overflow in its command-line parser. Specifically, innfeed will overflow if an overly long -c option is passed to it. A local attacker in the news group could use this...
[COVERT-2001-02] Globbing Vulnerabilities in Multiple FTP Daemons
Network Associates, Inc. COVERT Labs Security Advisory April 9, 2001 Globbing Vulnerabilities in Multiple FTP Daemons COVERT-2001-02 o Synopsis Multiple FTP server implementations contain buffer overflows that allow local and remote attackers to gain root privileges on affected servers. These...
FreeBSD-SA-01:16.mysql
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:16 Security Advisory FreeBSD, Inc. Topic: mysql may allow remote users to gain increased privileges Category: ports Module: mysql322-server/mysql323-server Announced:...
CVE-2000-0534
The apsfilter software in the FreeBSD ports package does not properly read user filter configurations, which allows local users to execute commands as the lpd user...
Traceroute exploit + story
LBL traceroute exploit. By Dvorak, Synnergy Networks www.synnergy.net Vulnerable: All versions of LBL traceroute using savestr. See Chris Evans post in bugtraq http://www.securityfocus.com/archive/1/136215 Discovery: Pekka Savola [email protected] Published to bugtraq by: Chris Evans...
Boa Web Server Traversal Arbtirary File Access/Execution
The remote Boa Webserver allows an attacker to read arbitrary files on the remote web server by prefixing the pathname of the file with hex-encoded '../../' characters. This script was written by Thomas Reinke See the Nessus Scripts License for details Changes by Tenable: - Revised plugin title,...
Solaris 2.67.0 eject locale - Subsystem Format String
Solaris 2.67.0 eject locale - Subsystem Format String / source: https://www.securityfocus.com/bid/1634/info nectiva 4.x/5.x,Debian 2.x,IBM AIX 3.x/4.x,Mandrake 7,RedHat 5.x/6.x,IRIX 6.x, Solaris 2.x/7/8,Turbolinux 6.x,Wirex Immunix OS 6.2 Locale Subsystem Format String Many UNIX operating systems...
robpoll-cgi-problem.txt
Software: Robpoll.cgi URL: http:// Platforms: Unix, NT Type: CGI, Change password by default robpoll.cgi Remote Possible Problem discovered by Nick: alt3kx Mail: [email protected] Webs: w w w . h e r t m x . o r g w w w . s 0 d . o r g w w w . r a z a - m e x i c a n a . o r g Summary:...
CVE-2000-0520
CVE-2000-0520 describes a local buffer overflow in the restore program (version 0.4b17 and earlier) within the dump package. The vulnerability allows a local attacker to execute arbitrary commands by supplying a long tape name. Public details in the provided documents do not list affected platfor...
DALnet Bahamut IRCd 4.6.5 - SUMMON Remote Buffer Overflow
DALnet Bahamut IRCd 4.6.5 - SUMMON Remote Buffer Overflow // source: https://www.securityfocus.com/bid/1404/info Dalnet ircd is a server for a popular internet chat application, IRC Internet Relay Chat. The implementation for one of its features, the "summon" command, has a hole which could grant...
FreeBSD-SA-00:20.krb5
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:20 Security Advisory FreeBSD, Inc. Topic: krb5 port contains remote and local root exploits. Category: ports Module: krb5 Announced: 2000-05-26 Credits: Jeffrey I...
CVE-2000-0364
The CVE-2000-0364 entry concerns Red Hat Linux 6.0 where screen and rxvt fail to properly set tty device modes, enabling a local user to write to other virtual consoles. The vulnerability is localized (attack vector LOCAL) with low complexity and no authentication, and it can impact confidentiali...
Переполнение буфера в LCDproc
Многочисленные классические переполнения буфера...
win98-bluescreen.txt
=-= Next Generation of Windows 98 Blues Screen 2 =-= By RUBINHOC from BraZiL Original exploit found by www.securax.org Only for: ruindows 98 maybe 95 too. Techniques: NEW - Infernal Pulse 03/17/2000 =-= WIN98 webservers =-= customized by RUBINHOC rubinhoc:roottelnet victim.com 80 Trying x.x.x.x...