MDMA Advisory #6: EServ Logging Heap Overflow Vulnerability

MDMA Advisory 6 by Andrew Lewis aka. Wizdumb EServ Logging Heap Overflow Vulnerability EServ has problems handling long strings in its logging, which leads it to have a remotely exploitable heap overflow. The following code, written in Java coz it's my language of choice, demonstrates the...

CVE-2000-0523

Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command...

`sniffit -L mail' vulnerabilities

------- sniffit -L mail' vulnerabilities : oldies but goodies ------- ----------------------- MaXX [email protected] ----------------------- -- 0x00 - Sniffit ---------------------------------------------------- Sniffit is a packet sniffer, written by Brecht Claerhout [email protected]. The...

CVE-2000-0343

The CVE-2000-0343 entry describes a buffer overflow in Sniffit 0.3.x when the -L logging option is enabled. The overflow can be triggered by a long MAIL FROM header, allowing a remote attacker to execute arbitrary commands. The provided documents specify the affected product and the root cause (b...

Brecht Claerhout Sniffit 0.3.6 HIP0.3.7 Beta - Mail Logging Buffer Overflow (1)

Brecht Claerhout Sniffit 0.3.6 HIP0.3.7 Beta - Mail Logging Buffer Overflow 1 // source: https://www.securityfocus.com/bid/1158/info Sniffit is a freely available, open source network monitoring tool. It is designed for use on the Unix and Linux Operating Systems. Sniffit contains a remotely...

Brecht Claerhout Sniffit 0.3.6 HIP0.3.7 Beta - Mail Logging Buffer Overflow (2)

Brecht Claerhout Sniffit 0.3.6 HIP0.3.7 Beta - Mail Logging Buffer Overflow 2 // source: https://www.securityfocus.com/bid/1158/info Sniffit is a freely available, open source network monitoring tool. It is designed for use on the Unix and Linux Operating Systems. Sniffit contains a remotely...

Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 Beta - Mail Logging Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/1158/info Sniffit is a freely available, open source network monitoring tool. It is designed for use on the Unix and Linux Operating Systems. Sniffit contains a remotely exploitable buffer overflow vulnerability. If Sniffit is configured to log emails,...

Brecht Claerhout Sniffit 0.3.6 HIP/0.3.7 Beta - Mail Logging Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/1158/info Sniffit is a freely available, open source network monitoring tool. It is designed for use on the Unix and Linux Operating Systems. Sniffit contains a remotely exploitable buffer overflow vulnerability. If Sniffit is configured to log emails,...

Уязвимости GNU Emacs

В программах, основанных на Emacs можно контролировать PTY пользователя, небезопасно создаются временные файлы легко угадываемое имя, хранится последовательность нажатых клавиш, что позволяет извлечь пароль пользователя...

Local root compromise in GNQS 3.50.6 and 3.50.7

A large security hole was uncovered last month in Generic-NQS ver. 3.50.6 and 3.50.7. This hole leads to immediate local root compromise. All users of those versions are requested to upgrade to ver. 3.50.8 or later ASAP. The updated package can be downloaded from...

fcheck.txt

The short explanation: fcheck is a file integrity checker written in perl. It can send warnings to syslog via an external program such as logger1. Because it calls system with a scalar argument, a malicious user can cause it to execute programs by creating files with shell metacharacters in their...

CVE-2000-0118

The Red Hat Linux su program does not log failed password guesses if the su process is killed before it times out, which allows local attackers to conduct brute force password guessing...

CVE-1999-0577

A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories...

CVE-1999-0795

The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches...

CVE-1999-0576

A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories...

CVE-1999-0576

CVE-1999-0576 concerns Windows NT: the file audit policy fails to log event success or failure for security-critical files/directories. Affected component is the Windows NT file auditing mechanism; root cause is the policy not emitting logs for accesses to critical files/directories (no explicit ...

CVE-1999-0575

A Windows NT system's user audit policy does not log an event success or failure, e.g. for Logon and Logoff, File and Object Access, Use of User Rights, User and Group Management, Security Policy Changes, Restart, Shutdown, and System, and Process Tracking...

CVE-1999-0579

A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys...

CVE-1999-0577

The CVE-1999-0577 issue affects Windows NT with the file audit policy failing to log events for non-critical files/directories. Affected component: Windows NT file audit policy (logging of success/failure). Root cause: audit policy does not log certain accesses, per multiple sources (NVD/Red Hat/...

CVE-1999-0578

CVE-1999-0578 affects Windows NT; multiple connected sources confirm the issue is that the registry auditing policy does not log events for security-critical registry keys (both success and failure). Documented scope: Windows NT OS with registry audit policy lacking event logging for cryptographi...