CVE-2006-2276

CVE-2006-2276 affects Quagga 0.98 and 0.99 prior to 20060504. Local users via telnet can trigger a denial-of-service (CPU exhaustion) by issuing a specific “sh ip bgp” command. The OpenVAS/Nessus entries corroborate this trio of vulnerabilities (CVE-2006-2223, CVE-2006-2224, and CVE-2006-2276) in...

CVE-2006-2276

Removed by vendor...

Solaris in.telnetd TTYPROMPT Buffer Overflow

This module uses a buffer overflow in the Solaris 'login' application to bypass authentication in the telnet daemon. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Solaris in.telnetd TTYPROMPT...

openvpn207.txt

Hi, There is a flaw well more a stupid design than anything else in OpenVPN 2.0.7 and below in the the Remote Management Interface that allows an attacker to gain complete control because there is NO AUTHENTICATION YES NO AUTHENTICATION AT ALL!. This can be carried out from within the LAN that th...

security flaw

Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector...

Moderate: Red Hat Security Advisory: ethereal security update

Updated Ethereal packages that fix various security vulnerabilities are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Ethereal is a program for monitoring network traffic. Several denial of service bugs were found in Ethereal's...

GLSA-200604-17 : Ethereal: Multiple vulnerabilities in protocol dissectors

The remote host is affected by the vulnerability described in GLSA-200604-17 Ethereal: Multiple vulnerabilities in protocol dissectors Coverity discovered numerous vulnerabilities in versions of Ethereal prior to 0.99.0, including: buffer overflows in the ALCAP CVE-2006-1934, COPS CVE-2006-1935 a...

Fedora Core 5 : ethereal-0.99.0-fc5.1 (2006-456)

Many security vulnerabilities have been fixed since the previous release. - The H.248 dissector could crash. Versions affected: 0.10.14. CVE: CVE-2006-1937 - The UMA dissector could go into an infinite loop. Versions affected: 0.10.12 - 0.10.14. CVE: CVE-2006-1933 - The X.509if dissector could...

CVE-2006-1936

Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector...

CVE-2006-1936

Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector...

Buffer overflow

Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector...

CVE-2006-1936

Buffer overflow in Ethereal 0.8.5 up to 0.10.14 allows remote attackers to execute arbitrary code via the telnet dissector...

CVE-2006-1936

CVE-2006-1936 affects Ethereal 0.8.5–0.10.14; telnet dissector contains a buffer overflow, enabling remote arbitrary code execution. Remediation noted in connected records: upgrade Ethereal to non‑vulnerable versions (e.g., CentOS/Red Hat advisories specify upgrading to version 0.99.0 or newer).

Ethereal 0.99.0 Release Notes

Ethereal 0.99.0 Release Notes Table of Contents What is Ethereal? What's New Bug Fixes New and Updated Features New Protocol Support Updated Protocol Support New and Updated Capture File Support Getting Ethereal Microsoft Windows Sun Solaris Source Code Vendor-supplied Packages File Locations Kno...

PT-2006-2920 · Ethereal · Ethereal

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.8.5 through 0.10.14 Description: A buffer overflow issue allows remote attackers to execute arbitrary code via the telnet dissector. Recommendations: For Ethereal versions 0.8.5 through 0.10.14, update to a version that...

Multiple vulnerabilities in Linux based Cisco products

Assurance.com.au - Vulnerability Advisory ----------------------------------------------- Release Date: 19-Apr-2006 Software: Cisco Wireless Lan Solution Engine WLSE Cisco Hosting Solution Engine HSE Cisco Ethernet Subscriber Solution Engine ESSE Cisco User Registration Tool URT CiscoWorks2000...

Horde Help Viewer <= 3.1 Remote Command Execution Exploit

Exploit for unknown platform in category web applications ========================================================= Horde Help Viewer $host, 'dir=s' = $dir, 'proxy=s' = $proxy, 'proxyuser=s' = $proxyuser, 'proxypass=s' = $proxypass, 'debug' = $debug; &help unless $host; please don't try this...

horddy.pl.txt

!/usr/bin/perl Wed Apr 5 21:51:12 CEST 2006 [email protected] Horde help module remote execution telnet 310.27.901.33.1109 1689 thanks horatio for the address USER paranoia PASS total SYST REST 100 REST 0 PWD TYPE A PASV LIST CWD 0days GET horddy.pl w0w this damn 0day ftp is so sexy! GO GO GO !! ...

Cisco VG248 login password is blank

The remote host is a Cisco VG248 with a blank password. SPDX-FileCopyrightText: 2005 Rick McCloskey Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only Cisco VG248 with a blank password nas...

Ubuntu 4.10 / 5.04 / 5.10 : heimdal vulnerability (USN-253-1)

A remote Denial of Service vulnerability was discovered in the heimdal implementation of the telnet daemon. A remote attacker could force the server to crash due to a NULL de-reference before the user logged in, resulting in inetd turning telnetd off because it forked too fast. Please note that t...