Advisory CA-2001-31 Buffer Overflow in CDE Subprocess Control Service

CERT Advisory CA-2001-31 Buffer Overflow in CDE Subprocess Control Service Original release date: November 12, 2001 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Systems running CDE Overview There is a remotely exploitable buff...

SECURITY.NNOV: accessing cookies via ftp

Hello bugtraq, Article below describes a vulnerability that can be treated as either software vulnerability or specific server configuration problem depending on your point of view. Many servers on Internet are affected by this problem though. Topic: accessing cookies via ftp Affected Software: a...

GroupWise 5.5 User Mailbox Authentication Vulnerability

Advisory ID Internal CORE-2001-0626 GroupWise 5.5 User Mailbox Authentication Vulnerability Core Security Advisory https://www.coresecurity.com Date Published: 2001-06-26 Advisory ID: CORE-2001-0626 Bugtraq ID: None currently assigned. CVE Name: None currently assigned. Title: GroupWise 5.5 User...

SECURITY.NNOV: Netscape 4.7x Messanger user information retrival

There are known bugs in Netscape which require information on user's files location. This bug is not serious one, but it allows to get this location. Topic : Netscape 4.7x user information retrival Author : 3APA3A [email protected] Affected software : Netscape 4.7x All Platforms Vendor :...

Netscape 4.7x information retrival

Author : 3APA3A Affected software : Netscape 4.7x All Platforms Vendor : Netscape IPlanet Risk : Low Remotely Exploitable : Yes Released : 30 May 2001 Vendor URL : http://www.netscape.com SECURITY.NNOV advisories: http://www.security.nnov.ru/advisories Background: Netscape Messanger uses internal...

Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exe code error

Vulnerability Report For Microsoft Windows NT 4.0 MSTask.exe code error Class: Unknown error Remotely Exploitable: Yes Locally Exploitable: Yes Risk: Medium Vendor status: Microsoft was notified on 7 December Vulnerability Description: MSTask.exe is an application that ships with the Windows NT 4...

Windows NT 4.0 Terminal Server RegAPI.DLL Buffer Overflow

CORE SDI http://www.core-sdi.com Vulnerability Report For Microsoft Windows NT 4.0 Terminal Server GINA Date Published: 2000-11-08 Advisory ID: CORE-20001108 Bugtraq ID: 1924 CVE CAN: Non currently assigned. Title: Windows NT 4.0 Terminal Server RegAPI.DLL Buffer Overflow Class: Boundary Error...

Remotely exploitable buffer overflow in NAI's Distributed Sniffer Agent

Bugtraq. This 'advisory' details a number of problems with NAI's sniffer product. They have fixed the problems in current versions on the sly so I have foregone notifying the vendor. They saw fit to post an advisory on Microsoft's Netmon today so 'all is fair in love and war' at least MS had the...

[CORE SDI ADVISORY] Netscape servers Denial of Service

CORE SDI http://www.core-sdi.com Vulnerability Report For Netscape servers Denial of Service Date Published: 2000-10-31 Advisory ID: CORE-2000103102 Bugtraq ID: 1867 CVE CAN: Non currently assigned. Title: Netscape servers Denial of Service Class: Denial of Service Remotely Exploitable: Yes Local...

[CORE SDI ADVISORY] iPlanet Certificate Management System 4.2 path traversal bug

CORE SDI http://www.core-sdi.com Vulnerability Report For iPlanet CMS and Netscape Directory Server Date Published: 2000-10-26 Advisory ID: CORE-2000-10-26 Bugtraq ID: 1839 CVE CAN: Non currently assigned. Title: Path traversal and administrator password in clear text vulnerabilities Class: Acces...

pine remotely exploitable buffer overflow in newmail.c

Kris Kennaway reports a remotely exploitable buffer overflow in newmail.c. Mike Silbersack submitted the fix...

Vulnerability Report On IPSWITCH's IMail

Vulnerability Report On IPSWITCH's IMail Date Published: August 30 2000 Advisory ID: TS003 Bugtraq ID: http://www.securityfocus.com/bid/1617 CVE CAN: None at this time Title: IPSWITCH IMail File Attachment Vulnerability Class: Access Validation Error Remotely Exploitable: Yes Locally Exploitable:...

spj-003-000 - S0ftPj Advisory

SPJ-003-000: .::::::::+ s0ftpr0ject 99 +::::::::. ::::+ Digital Security for Y2K +:::: :::'""""'""""'""""'""""'""'""::: ::'.gS$"$Sn. .gS$"$Sn. Sn.:: :: $$$$$ $$$$$ $$$$$ $$$$$ $$$$ :: :: $$$$$ $$$$$ $$$$$ $$$$ :: :: $$$$$$$$$n $$$$$ $$$$$ $$$$ :: :: $$$$$ $$$$$s$$$$' $$$$ :: :: $$$$$ $$$$$ $$$$$...

CVE-2000-0190

CVE-2000-0190 affects the AOL Instant Messenger (AIM) client. The vulnerability arises when processing a message containing a malformed ASCII value, which can cause a denial of service. The NVD metrics report a CVSSv2 base score of 5.0 (Medium) with network attack vector, low attack complexity, a...

Novell Client 3.03.0.1 - Denial of Service

Novell Client 3.03.0.1 - Denial of Service source: https://www.securityfocus.com/bid/700/info Novell client versions 3.0 and 3.01 for Windows platforms are vulnerable to a remotely exploitable vulnerability which could cause a denial of service. The client opens a listening tcp socket on port 427...

Novell Client 3.0/3.0.1 - Denial of Service

source: https://www.securityfocus.com/bid/700/info Novell client versions 3.0 and 3.01 for Windows platforms are vulnerable to a remotely exploitable vulnerability which could cause a denial of service. The client opens a listening tcp socket on port 427, to which if a SYN is sent, results in the...

ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow (2)

ProFTPd 1.2 pre1pre2pre3pre4pre5 - Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/612/info The vulnerability in 1.2pre1, 1.2pre3 and 1.2pre3 is a remotely exploitable buffer overflow, the result of a sprintf in the logxfer routine in src/log.c. The vulnerability in 1.2pre4 ...

Netscape servers Denial of Service

Advisory ID Internal CORE-2103102 Bugtraq ID: 1867 CVE Name: Non currently assigned. Title: Netscape servers Denial of Service Class: Denial of Service Remotely Exploitable: Yes Locally Exploitable: Yes Release Mode: USER RELEASE Communications with the vendor have been remarkably difficult and t...

Multiple vulnerabilities in stack smashing protection technologies.

Advisory ID Internal CORE-20020409 Advisory Information: Advisory ID: CORE-20020409 Bugtraq ID:4586, 4589 CVE Name: Non-assigned yet Title: Multiple vulnerabilities in stack smashing protection technologies. Class: Design limitation, Implementation flaw Remotely Exploitable: Yes Locally...