Lucene search
+L

56 matches found

Check Point Advisories
Check Point Advisories
added 2010/01/17 12:0 a.m.27 views

Symantec Norton Firewall NBNS response Remote Heap Corruption (CVE-2004-0444)

When Symantec firewalls allow incoming UDP datagrams to port 137, any inbound UDP datagrams with a source port of 137 will be treated as NetBIOS Name Service messages and will be validated and parsed. The Symantec firewall product line is vulnerable to a remote heap corruption attack in the...

10CVSS7.6AI score0.12798EPSS
Exploits0
Saint
Saint
added 2007/10/18 12:0 a.m.59 views

BrightStor ARCserve Message Engine opnum 0x10d buffer overflow

Added: 10/18/2007 CVE: CVE-2007-5327 BID: 26015 OSVDB: 41369 Background CA ARCserve Bac kup formerly BrightStor ARCserve Backup is a backup and recovery solution. It runs a Message Engine RPC service on port 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remot...

10CVSS7.8AI score0.16084EPSS
Exploits4
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.27 views

LocalWeb2000 <= 2.1.0 Multiple Vulnerabilities

LocalWeb2000 is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2002 Jason Lidow Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.08052EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.27 views

Debian DSA-065-1 : samba - remote file append/creation

Michal Zalewski discovered that Samba does not properly validate NetBIOS names from remote machines. By itself that is not a problem, except if Samba is configured to write log-files to a file that includes the NetBIOS name of the remote side by using the %m' macro in the log file' command. In th...

10CVSS5.7AI score0.12032EPSS
Exploits1References2
securityvulns
securityvulns
added 2004/09/14 12:0 a.m.23 views

Multiple Samba bugs

DoS against NetBIOS name service nmbd, endless loop in SMBD...

1.7AI score
Exploits0References2Affected Software1
CERT
CERT
added 2004/05/13 12:0 a.m.25 views

Multiple Symantec firewall products contain a heap corruption vulnerability in the handling of NBNS response packets

Overview There is a heap corruption vulnerability in multiple Symantec firewall products in which attempts to process a specially crafted NetBIOS Name Service NBNS response packet could allow an unauthenticated, remote attacker to execute arbitrary code with kernel privileges. Description Symante...

10CVSS7.8AI score0.12798EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.25 views

CVE-2001-1162

Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file...

6.4AI score0.12032EPSS
Exploits1References13
FreeBSD Advisory
FreeBSD Advisory
added 2001/07/10 12:0 a.m.4 views

FreeBSD-SA-01:45.samba

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:45 Security Advisory FreeBSD, Inc. Topic: samba Category: ports Module: samba Announced: 2001-07-10 Credits: Michal Zalewski Affects: Ports collection prior to the...

6AI score
Exploits0
securityvulns
securityvulns
added 2001/06/25 12:0 a.m.45 views

Проблема с лог-файлом в Samba &#40;directory traversal&#41;

При использовании лог-файлов с именами соответствующими NETBIOS-именам компьютером, если имся компьютера содержит ../ - будет перезаписан файл в директории более высокого уровня. NETBIOS-имя может содержать до 15 символов...

1.9AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.32 views

CVE-2000-0673

The NetBIOS Name Server NBNS protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability...

6.7AI score0.38209EPSS
Exploits1References5
exploitpack
exploitpack
added 2000/08/01 12:0 a.m.59 views

Microsoft Windows NT 4.02000 - NetBIOS Name Conflict

Microsoft Windows NT 4.02000 - NetBIOS Name Conflict source: https://www.securityfocus.com/bid/1514/info An attacker can send the NetBIOS name service a NetBIOS Name Conflict message even when the receiving machine is not in the process of registering its NetBIOS name. The target will then not...

Exploits0
Exploit DB
Exploit DB
added 2000/08/01 12:0 a.m.70 views

Microsoft Windows NT 4.0/2000 - NetBIOS Name Conflict

source: https://www.securityfocus.com/bid/1514/info An attacker can send the NetBIOS name service a NetBIOS Name Conflict message even when the receiving machine is not in the process of registering its NetBIOS name. The target will then not attempt to use that name in any future netwrok connecti...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/07/28 12:0 a.m.54 views

[COVERT-2000-09] Windows NetBIOS Name Conflicts

Microsoft Security Bulletin MS00-047 - -------------------------------------- Patch Available for "NetBIOS Name Server Protocol Spoofing" Vulnerability Originally Posted: July 27, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in a protocol implemente...

7AI score
Exploits0
NVD
NVD
added 2000/07/27 4:0 a.m.40 views

CVE-2000-0673

The NetBIOS Name Server NBNS protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability...

5CVSS6.7AI score0.38209EPSS
Exploits1References5
CVE
CVE
added 1999/09/29 4:0 a.m.64 views

CVE-1999-0288

The CVE-1999-0288 issue affects the WINS server in Microsoft Windows NT 4.0 prior to SP4, where remote attackers can terminate the WINS process by sending invalid UDP frames to NETBIOS Name Service port 137. Exploitation is described as a flood of random UDP packets causing a denial of service. T...

5CVSS6.8AI score0.21326EPSS
Exploits0References2Affected Software1
NVD
NVD
added 1998/08/01 4:0 a.m.17 views

CVE-1999-0288

The WINS server in Microsoft Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service process termination via invalid UDP frames to port 137 NETBIOS Name Service, as demonstrated via a flood of random packets...

5CVSS0.21326EPSS
Exploits0References2
Rows per page
Query Builder