
266 matches found

seebug.org
added 2014/07/01 12:0 a.m., 24 views

Mabry Software FTPServer/X 1.0 Controls Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9402/info It has been reported that FTPServer/X may be prone to a remote format string vulnerability when processing a malicious request from a client. The vulnerability presents itself when the server receives a maliciou...

AI score 7.1
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 35 views

Valve Software Half-Life Server <= 1.1.1.0 , 3.1.1.1c1 and 4.1.1.1a Multiplayer Request Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/8300/info Half-Life servers are prone to a buffer overflow that may be exploited by a malicious remote client. The vulnerability occurs because the software fails to sufficiently bounds-check client-supplied data during...

AI score 7.1
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 13 views

MPG123 0.59 Find Next File Remote Client-Side Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/11958/info A remote client-side buffer overflow vulnerability affects mpg123. This issue is due to a failure of the application to properly validate the length of user-supplied strings prior to copying them into static...

AI score 7.1
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 25 views

Sync Breeze Server 2.2.30 - Remote Buffer Overflow Exploit

No description provided by source. !/usr/bin/python Exploit Title: Sync Breeze Server v2.2.30 Remote BOF Exploit Date: 10/10/2010 Author: Xsploited Security aka xsploitedsec URL: http://www.x-sploited.com/ Contact: xsploitedsecurity at x-sploited.com Software Link:...

AI score 7.1
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 19 views

IBM Tivoli Storage Manager Express RCA Service Buffer Overflow

No description provided by source. $Id: ibmtsmrcadicugetidentify.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and...

AI score 7.1
Exploits 0
seebug.org
added 2014/07/01 12:0 a.m., 11 views

Nokia Affix < 3.2.0 btftp Remote Client Exploit

No description provided by source...

AI score 7.1
Exploits 0
NVD
added 2014/04/01 6:35 a.m., 19 views

CVE-2012-0032

Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory when installing a remote client, which allows local users to read or modify subdirectories and files within the root directory, as demonstrated by obtaining JON credentials...

CVSS 3.7, AI score 6.4, EPSS 0.00041
Exploits 0, References 2
Prion
added 2014/04/01 6:35 a.m., 16 views

Design/Logic Flaw

Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory when installing a remote client, which allows local users to read or modify subdirectories and files within the root directory, as demonstrated by obtaining JON credentials...

CVSS 3.7, AI score 6.9, EPSS 0.00041
Exploits 0, References 2, Affected Software 1
Cvelist
added 2014/04/01 1:0 a.m., 25 views

CVE-2012-0032

Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory when installing a remote client, which allows local users to read or modify subdirectories and files within the root directory, as demonstrated by obtaining JON credentials...

AI score 6.4, EPSS 0.00041
Exploits 0, References 2
OSV
added 2013/11/20 8:41 p.m., 7 views

MGASA-2013-0336 Updated krb5 package fixes security vulnerabilities

An authenticated remote client can cause a KDC to crash by making a valid TGS-REQ to a KDC serving a realm with a single-component name. The process_tgs_req function dereferences a null pointer because an unusual failure condition causes a helper function to return success (CVE-2013-1417). If a KDC...

CVSS 4.3, AI score 6.4, EPSS 0.07674
Exploits 1, References 4
Mageia
added 2013/11/20 8:41 p.m., 46 views

Updated krb5 package fixes security vulnerabilities

An authenticated remote client can cause a KDC to crash by making a valid TGS-REQ to a KDC serving a realm with a single-component name. The process_tgs_req function dereferences a null pointer because an unusual failure condition causes a helper function to return success (CVE-2013-1417). If a KDC...

CVSS 4.3, AI score 1.1, EPSS 0.07674
Exploits 1, References 3
FreeBSD
added 2013/07/06 12:0 a.m., 32 views

FreeBSD -- Incorrect privilege validation in the NFS server

Problem Description: The kernel incorrectly uses client supplied credentials instead of the one configured in exports(5) when filling out the anonymous credential for a NFS export, when -network or -host restrictions are used at the same time. Impact: The remote client may supply privileged...

CVSS 6.4, AI score 6.3, EPSS 0.00207
Exploits 1
Packet Storm
added 2012/05/02 12:0 a.m., 21 views

Mikrotik Router Denial Of Service

!/usr/bin/python Exploit Title: Mikrotik Router Remote Denial Of Service attack Date: 19/4/2012 Author: PoURaN @ 133tsec.com Software Link: http://www.mikrotik.com Version: All mikrotik routers with winbox service enabled are affected still a 0day 30/5/2012 Tested on: Mikrotis RouterOS 2.9.6 up t...

AI score 7.4
Exploits 0
RedHat Linux
added 2012/03/20 5:3 p.m., 3 views

CLI: world-writable root directory

Red Hat JBoss Operations Network (JON) before 3.0.1 uses 0777 permissions for the root directory when installing a remote client, which allows local users to read or modify subdirectories and files within the root directory, as demonstrated by obtaining JON credentials...

CVSS 3.7, AI score 5.9, EPSS 0.00041
Exploits 0, References 4
Zero Day Initiative
added 2012/02/08 12:0 a.m., 16 views

Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability

This vulnerability allows attackers to remotely obtain domain credentials on vulnerable installations of CA Total Defense Suite UNC Management Web Service. Authentication is not required to exploit this vulnerability. The specific flaw exists within the AppCode.dll service listening by default on...

CVSS 7.5, AI score 6.5
Exploits 0
securityvulns
added 2011/07/11 12:0 a.m., 69 views

MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-005 MIT krb5 Security Advisory 2011-005 Original release: 2011-07-05 Topic: FTP daemon fails to set effective group ID CVE-2011-1526 CVSSv2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:O/RC:C CVSSv2 Base Score: 6.5 Access Vector: Network...

CVSS 6.5, AI score 5.8, EPSS 0.00323
Exploits 0
ThreatPost
added 2011/03/08 9:23 p.m., 91 views

Microsoft Fills Windows, Office Holes with March Patch Release

Microsoft Corp. issued their monthly security bulletins on Tuesday, with fixes for four known vulnerabilities in the company’s Windows operating system, Office suite and Remote Desktop Connection products. The March patch release included three bulletins: MS11-015, 016 and 017. Only one, MS11-015...

CVSS 9.3, AI score 0.6, EPSS 0.94354
Exploits 33, References 7
exploitpack
added 2010/10/11 12:0 a.m., 27 views

Sync Breeze Server 2.2.30 - Remote Buffer Overflow

Sync Breeze Server 2.2.30 - Remote Buffer Overflow !/usr/bin/python Exploit Title: Sync Breeze Server v2.2.30 Remote BOF Exploit Date: 10/10/2010 Author: Xsploited Security aka xsploitedsec URL: http://www.x-sploited.com/ Contact: xsploitedsecurity at x-sploited.com Software Link:...

AI score 0.6
Exploits 0
Tenable Nessus
added 2010/08/03 12:0 a.m., 18 views

openSUSE Security Update : kvirc (openSUSE-SU-2010:0459-1)

This update of kvirc does not further allow remote client to send arbitrary CTCP commands. CVE-2010-2785 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update kvirc-2860. The text description of thi...

CVSS 6.5, AI score 5.4, EPSS 0.11266
Exploits 0, References 3
Tenable Nessus
added 2010/08/03 12:0 a.m., 19 views

openSUSE Security Update : kvirc (openSUSE-SU-2010:0459-1)

This update of kvirc does not further allow remote client to send arbitrary CTCP commands. CVE-2010-2785 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update kvirc-2860. The text description of thi...

CVSS 6.5, AI score 5.4, EPSS 0.11266
Exploits 0, References 3