3995 matches found
RHEL 2.1 : webalizer (RHSA-2002:255)
Updated Webalizer packages are available for Red Hat Linux Advanced Server 2.1 which fix an obscure buffer overflow bug in the DNS resolver code. Updated 13 Jan 2003 Added fixed packages for the Itanium IA64 architecture. Updated 06 Feb 2003 Added fixed packages for Advanced Workstation 2.1...
FreeBSD : proftpd IP address access control list breakage (155)
The following package needs to be updated: proftpd %NASLMINLEVEL 999999 @DEPRECATED@ This script has been deprecated by freebsdpkgcb6c6c299c4f11d893660020ed76ef5a.nasl. Disabled on 2011/10/02. C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright...
Unreal ircd ip cloacking protection bypass
To hide real IP hash of IP address with simple hashing algorithm is used...
Apache 1.3: Multiple vulnerabilities
Background The Apache HTTP Server Project is an effort to develop and maintain an open-source HTTP server for modern operating systems. The goal of this project is to provide a secure, efficient and extensible server that provides services in tune with the current HTTP standards. Description On...
phpBB IP address spoofing
The common.php script always trusts the X-Forwarded-For' header in the client's HTTP request. A remote user could forge this header in order to bypass any IP address access control lists ACLs...
CVE-2004-1357
The Secure Shell SSH Daemon SSHD in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities...
Ethereal - EIGRP Dissector TLV_IP_INT Long IP Remote Denial of Service
/ Ethereal network protocol analyzer EIGRP Dissector TLVIPINT Long IP Address Overflow vulnerability proof of concept code version 1.0 Mar 26 2004 by Rmi Denis-Courmont www simphalempin com dev This vulnerability was found by: Stefan Esser s.esser e-matters de whose original advisory may be fetch...
Apache 1.3 IP address access control failure on some 64-bit platforms
Henning Brauer discovered a programming error in Apache 1.3's modaccess that results in the netmasks in IP address access control rules being interpreted incorrectly on 64-bit, big-endian platforms. In some cases, this could cause a deny from' IP address access control rule including a netmask to...
CVE-2004-2079
Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user...
MSN messenger improper file transfer ip-address field parsing
MSN Messenger bug Release Date: 20/11/03 Discovery date: Sometime around 2001 or 2000 Versions Affected: ------------------ Msn messenger 1.0 - msn messenger 6.0.0602 Windows messenger all versions Not Affected: ------------ Msn Messenger 6.1, trillian, gaim Description: ----------- A bug exists ...
IP address leak in MSN messanger
With filte transfer requests it's possible to determine user IP...
GAIM information leak
IRC plugins registers user's IP and accoun...
proftpd IP address access control list breakage
Jindrich Makovicka reports a regression in proftpd's handling of IP address access control lists IP ACLs. Due to this regression, some IP ACLs are treated as allow all''...
CVE-2003-0757
Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet...
CVE-2003-0773
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANENETINIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf...
CVE-2003-0773
CVE-2003-0773 affects the sane-backends package (SANE) prior to version 1.0.7, where saned does not validate the IP address of the connecting host during the SANE_NET_INIT RPC. This allows remote attackers to access saned services even if saned.conf would restrict them. The issue is part of multi...
CVE-2003-0773
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANENETINIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf...
CVE-2003-0468
Summary of the CVE-2003-0468 family (Postfix) : The issue affects Postfix versions up to 1.1.11 (and variants discussed in 1.1.x line) and enables a remote attacker to perform bounce-scans or use the MTA as a DoS/DDoS tool by causing SMTP connections to target hosts via crafted addresses. Public ...
OpenSSH remote clent address restriction circumvention
Welkyn Security Advisory SA-2003060400 Synopsis: SSH "from=" and "user@hosts" restrictions spoofable via reverse DNS for numerically specified IP addresses. Issue Date: June 4, 2003 Software Affected: OpenSSH 3.6.1 and earlier Vendor notified: May 24, 2003. Vendor response: See workarounds, below...
IP address limitation protection bypass in OpenSSH
Only reverse resolution is checked, it allows to spoof record in reverse zone...