1417 matches found
argosoft ftp server buffer overflow.
Hi, I've found that while using the command XCWD it is possible to overwrite the server memory and crash it. To overwrite the server's memory, an attacker has to do the following: verify the logging option is off (turned off by default); successfully log in to the FTP server. At this point if attacker wi...
Rogerwilco: server's buffer overflow
Luigi Auriemma Applications: RogerWilco http://www.rogerwilco.com Versions: graphical server = 1.4.1.6 dedicated server for win32 = 0.30a dedicated server for linux/bsd = 0.27 Platforms: ALL the platforms supported by the graphical server and the dedicated server Win32, Linux and BSD Bug: Remote...
[sec-labs] Zone Alarm Device Driver vulnerability
sec-labs team proudly presents: Local ZoneAlarm Firewall probably all versions - tested on v3.1 Device Driver vulnerability. by Lord YuP 04/08/2003 I. BACKGROUND ZoneAlarm is a very powerful and very common nowadays firewall for Windows produced by Zone Labs. http://www.zonelabs.com II. DESCRIPTI...
[Full-Disclosure] [sec-labs] Zone Alarm Device Driver vulnerability
sec-labs team proudly presents: Local ZoneAlarm Firewall probably all versions - tested on v3.1 Device Driver vulnerability. by Lord YuP 04/08/2003 I. BACKGROUND ZoneAlarm is a very powerful and very common nowadays firewall for Windows produced by Zone Labs. http://www.zonelabs.com II. DESCRIPTI...
shatterSEH2.txt
moderator: I forgot the link :- Shattering SEH II, [email protected], http://www.security-assessment.com. Originally posted: July 28, 2003...
Microsoft SQL Server local code execution
@stake Inc. www.atstake.com Security Advisory. Advisory Name: Microsoft SQL Server local code execution. Release Date: 07/23/2003. Application: Microsoft SQL Server 7, 2000, MSDE. Platform: Windows NT/2000/XP. Severity: Local code execution / Denial of...
CVE-2003-0453
CVE-2003-0453 relates to traceroute-nanog. A memory allocation overflow bug (integer overflow) in certain nprobes/max_ttl inputs can cause a buffer overflow, potentially enabling arbitrary code execution by a local user. Public disclosures reference the Debian DSA-348 advisory which fixes the iss...
Crob FTP Server 2.50.4 - Remote Username Format String
Crob FTP Server 2.50.4 - Remote Username Format String source: https://www.securityfocus.com/bid/7776/info A vulnerability has been reported for Crob FTP Server. The problem occurs due to invalid format specifiers used when displaying a user-supplied username. As a result, it may be possible for ...
Crob FTP Server 2.50.4 - Remote 'Username' Format String
source: https://www.securityfocus.com/bid/7776/info A vulnerability has been reported for Crob FTP Server. The problem occurs due to invalid format specifiers used when displaying a user-supplied username. As a result, it may be possible for an attacker to embed format specifiers within a malicio...
CVE-2002-0146
CVE-2002-0146 affects fetchmail prior to 5.9.10. The flaw arises when fetching mail over IMAP: fetchmail allocates an array for message sizes based on the server-reported message count but does not validate that count, allowing a remote IMAP server to cause memory overrun/out-of-bounds writes. Ma...
CVE-2002-0146
fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array...
CesarFTP 0.99 g - Remote Username Buffer Overrun
CesarFTP 0.99 g - Remote Username Buffer Overrun source: https://www.securityfocus.com/bid/7946/info A buffer overrun vulnerability has been reported for CesarFTP. The problem is said to occur when multiple 'USER' commands are processed within a single session. When the issue is triggered, it may...
CVE-2003-0141
CVE-2003-0141 involves RealOne Player 6.0.11.x and earlier and RealPlayer 8/RealPlayer Plus 8 6.0.9.584 (and related RealPlayer variants) where the PNG deflate algorithm can trigger heap corruption by processing a PNG containing compressed data using fixed trees with length values 286–287, treate...
Samba 2.2.x - CIFS9000 Server A.01.x Packet Assembling Buffer Overflow
Samba 2.2.x - CIFS9000 Server A.01.x Packet Assembling Buffer Overflow / source: https://www.securityfocus.com/bid/7106/info Samba is prone to a buffer-overflow vulnerability when the ' ' service tries to reassemble specially crafted SMB/CIFS packets. An attacker can exploit this vulnerability by...
PGP4Pine 1.75.61.76 - Message Line Remote Buffer Overflow
PGP4Pine 1.75.61.76 - Message Line Remote Buffer Overflow // source: https://www.securityfocus.com/bid/7071/info A vulnerability has been discovered in PGP4Pine. The problem occurs when parsing an email message for PGP data. Due to insufficient bounds checking, when processing lines of excessive...
ESCPUtil 1.15.2 2 - Printer Name Local Buffer Overflow
source: https://www.securityfocus.com/bid/6658/info It has been reported that a buffer overflow in escputil exists. When supplied with excessively long arguments, it is possible to overwrite stack memory. escputil is reportedly installed setgid 'sys' on Mandrake Linux, so it is possible that this...
CVE-2002-1387
The spray mode in traceroute-nanog aka traceroute-ng may allow local users to overwrite arbitrary memory locations via an array index overflow using the nprobes number of probes argument...
CVE-2002-1387
CVE-2002-1387 affects traceroute-nanog: the spray mode may allow local users to overwrite arbitrary memory locations via an array index overflow when using the nprobes argument. The CVSS/NVD entry indicates local access, low attack complexity, and partial impact to confidentiality, integrity, and...
CVE-2002-2127
Integrity Protection Driver IPD 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink...