Cisco IOS IPv4 Packet Denial of Service Exploit (cisco-bug-44020.c)

No description provided by source. // / cisco-bug-44020.c - Copyright by Martin Kluge [email protected] / / / / Feel free to modify this code as you like, as long as you include / / the above copyright statement. / / / / Please use this code only to check your OWN cisco routers. / / / / / / This...

Important: Red Hat Security Advisory: : Updated XFree86 packages provide security and bug fixes

New XFree86 packages for Red Hat Linux 8.0 are now available which include several security fixes, bug fixes, enhancements, and driver updates. Updated: June 30, 2003 The XFree86 4.2.1-20 packages which were originally released in this advisory were accidentally built with debugging info enabled...

[EXPL] Exploit Code Released for diagrpt Vulnerability

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion Latest attack techniques. You're a pen tester, but is google.com still your R&D team? Now you can get trustworthy commercial-grade exploits...

OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool

No description provided by source. / SSHBRUTE - OpenSSH/PAM = 3.6.1p1 remote users discovery tool Copyright c 2003 @ Mediaservice.net Srl. All rights reserved Vulnerability discovered by Marco Ivaldi [email protected] Proof of concept code by Maurizio Agazzini [email protected] Tested...

OpenSSH/PAM <= 3.6.1p1 Remote Users Discovery Tool

Exploit for linux platform in category remote exploits ================================================== OpenSSH/PAM Proof of concept code by Maurizio Agazzini Tested against Red Hat, Mandrake, and Debian GNU/Linux. Reference: http://lab.mediaservice.net/advisory/2003-01-openssh.txt $ tar xvfz...

PoPToP PPTP 1.1.4-b3 - &#039;poptop-sane.c&#039; Remote Command Execution

/ Fixed Exploit against PoPToP in Linux poptop-sane.c ./r4nc0rwh0r3 of blightninjas [email protected] blightninjas: bringing pain, suffering, and humiliation to the security world Expect more great release like helloworld-annotated.c and cd explained whitepaper, we are working hard in da...

Xinetd 2.3.10 Memory Leaks

BACKGROUND ----------- Xinetd is a popular inetd replacement. Shortly after the 2.3.9 release in September 2002, it was realized that xinetd was leaking file descriptors. That problem turned out to be that file descriptors were not always being closed whenever a connection was rejected. 2.3.10 wa...

Apache 2.x - Memory Leak

Apache 2.x - Memory Leak / apache-massacre.c Test code for Apache 2.x Memory Leak By Matthew Murphy DISCLAIMER: This exploit tool is provided only to test networks for a known vulnerability. Do not use this tool on systems you do not control, and do not use this tool on networks you do not own...

@&#40;#&#41;Mordred Labs advisory - Integer overflow in PHP array_pad&#40;&#41; function

//@ Mordred Security Labs advisory Release date: April 1, 2003 Name: Integer overflow in PHP arraypad function Versions affected: all versions Risk: average Author: Sir Mordred [email protected] I. Description: PHP is a widely-used general-purpose scripting language that is especially suited for...

AntiHacker

я принимал участие в бета-тестировании этого продукта и указал эту ошибку ещё в ноябре 2002 года, но от разработчиков не получил никаких сообщений, хотя и задавал вопрос об этой ошибке многократно до февраля 2003. эта ошибка была найдена в продукте Kaspersky AntiHacker v. 1.0.xxx на ОС win2k рус....

Multiple Anti-Virus SMTP Message Long Line Parsing DoS

Some antivirus scanners die when they process an email with a long string without line breaks. Such a message was sent. If there is an antivirus on your MTA, it might have crashed. Please check its status right now, as it is not possible to do it remotely C Tenable Network Security, Inc. Credits:...

/usr/bin/enq and /usr/bin/X11/aixterm exploit in AIX

/ Title: /usr/bin/enq and /usr/bin/X11/aixterm exploit in AIX Vulnerability found by Esa Etelavoun, iDEFFENSE Author: [email protected], [email protected] Tested on AIX 4.3.3/RS6000 Reference: lsd-pl.net's exploit Thanks to wowcode & overhead team at...

FW: Re[2]: SECURITY.NNOV: Kaspersky Antivirus DoS

Dear Symantec - I will rely on the Bugtraq moderator to help steer this process appropriately in the public forum delay post, etc since I am inexperienced in these matters. There appears to possibly be three DoS vulnerabilities in at least one Symantec AntiVirus product. Initial report from Zaraz...

Cross Site Scripting Advisory.

uk2sec Cross Site Scripting Advisory by c0wd0g3 [email protected] Many many websites run a 'site search' tool on their webpage with a URL that looks like this: /search/index.cfm I am having trouble locating a specific vendor, but according to windows the possible applications that may run it...

More information regarding Etherleak

This e-mail's purpose is to clear several issues surrounding the Etherleak paper: - Who is Vulnerable? - Why this vulnerability is so wide spread? - Why the examples are only with Linux device drivers? - Why we have contacted CERT? - Are Device Drivers under Microsoft-based OSs are vulnerable? -...

Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization

Overview Secure shell SSH transport layer protocol implementations from different vendors contain multiple vulnerabilities in code that handles key exchange and initialization. Both SSH servers and clients are affected. A remote attacker could execute arbitrary code with the privileges of the SSH...

Allied Telesyn switches &amp; routers vulnerability

Hello, all The problem: Zero stream DoS switch! We have tested switches of Allied Telesyn, 8024 and Rapier24. We have installed the latest firmware from AT site. Testing: 1. Scan for open ports on switch assume switch address 192.168.0.13: nmap -v -sT 192.168.0.13 Starting nmap V. 2.54BETA22...

Opera 7 vulnerabilities

We've done some basic security tests, in cooperation with Tom Gilder, on the new Opera 7 beta release and found two major security vulnerabilities. These vulnerabilities are quite obvious and likely to be discovered by malicious users. Combined, they allow full read access to a victim's file syst...

Cisco PIX SSH/telnet dDOS vulnerability CSCdy51810

Security Advisory 05.11.02: Title : Cisco PIX SSH/telnet DOS vulnerability CSCdy51810 Reporter : Nils Reichen LANexpert SA Affected software : PIX OS 6.2.2 and probably old version Risk : High Date : November 5, 2002 URL: Full description should be posted in few days on http://www.giac.org/GCIA.p...

Apache 2.0.&#40;39|40&#41; DOS &#40;PHP!&#41;

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -==--==--==- I put PHP in the title so I know this message will reach the "sekur1ty c0mmun1ty", that knows that PHP is bad, because it's easy to write insecure applications, unlike C. - -==--==--==- Problem: o Apache 2.0 .39 and .40 tested on Linuxx...