SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/8517/info The 'wgate.dll' componenet of SAP Internet Transaction Server has been reported prone to cross-site scripting attacks. The issue occurs due to a lack of sufficient sanitization performed on data supplied to the 'wgate.dll' library. Exploitation...

SAP Internet Transaction Server 4620.2.0.323011 Build 46B.323011 - Information Disclosure

source: https://www.securityfocus.com/bid/8515/info A vulnerability has been discovered in SAP Internet Transaction Server SITSthat could allow an attacker to obtain sensitive information. The problem occurs due to SITS disclosing sensitive local filesystem information when handling malformed...

PT-2003-1623 · Ethereal · Ethereal

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.12 and earlier Description: The issue is related to the improper handling of certain strings in multiple dissectors, including BGP, WTP, DNS, 802.11, ISAKMP, WSP, CLNP, ISIS, and RMI. The consequences of this issue are...

CVE-2002-0678

CDE ToolTalk database server ttdbserver allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the TTTRANSACTION RPC procedure...

CVE-2002-0678

CVE-2002-0678 relates to the CDE ToolTalk RPC database server (rpc.ttdbserverd). The OpenVAS/CERT CORE disclosures describe two vulnerabilities: (1) _TT_ISCLOSE range-check flaw permitting memory overwriting of the process when a local or remote client calls _TT_ISCLOSE; (2) _TT_TRANSACTION/log_f...

Microsoft Windows XP2000NT 4.0 - RPC Service Denial of Service (1)

Microsoft Windows XP2000NT 4.0 - RPC Service Denial of Service 1 // source: https://www.securityfocus.com/bid/6005/info The Microsoft Windows RPC service contains a flaw that may allow a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the...

CVE-2002-1642

PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log pgclog data and cause a denial of service data loss via the VACUUM command...

CVE-2002-0678

CDE ToolTalk database server ttdbserver allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the TTTRANSACTION RPC procedure...

CVE-2002-0224

The MSDTC Microsoft Distributed Transaction Service Coordinator for Microsoft Windows 2000, Microsoft IIS 5.0 and SQL Server 6.5 through SQL 2000 0.0 allows remote attackers to cause a denial of service crash or hang via malformed random input...

KPMG-2002015: Microsoft Distributed Transaction Coordinator DoS

-------------------------------------------------------------------- Title: Microsoft Distributed Transaction Coordinator DoS BUG-ID: 2002015 Released: 19th Apr 2002 -------------------------------------------------------------------- Problem: ======== A flaw in the way MSDTC handles malformed...

MS02-018: Microsoft Windows Distributed Transaction Coordinator (DTC) Malformed Input DoS (319733) (intrusive check)

By sending a long series of malformed data such as 20200 NULL bytes to the remote Windows MSDTC service, it is possible for an attacker to cause the associated MSDTC.EXE to use 100% of the available CPU and exhaust kernel resources. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

PT-2001-1707 · Isc · Bind

Name of the Vulnerable Software and Affected Versions: BIND versions 8.2.4 and earlier BIND versions 9.1.2 and earlier Description: The issue allows attackers to obtain HMAC-MD5 shared secret keys used for DNS Transactional Signatures TSIG due to insecure permissions set by dnskeygen in BIND 8 an...

CVE-2001-0472

Hursley Software Laboratories Consumer Transaction Framework HSLCTF HTTP object allows remote attackers to cause a denial of service crash via an extremely long HTTP request...

CVE-2001-0010

Buffer overflow in transaction signature TSIG handling code in BIND 8 allows remote attackers to gain root privileges...

def-2001-12: Hursley Software Laboratories Consumer Transaction Framework DoS

====================================================================== Defcom Labs Advisory def-2001-12 Hursley Software Laboratories Consumer Transaction Framework DoS Author: Peter Grьndl [email protected] Release Date: 2001-03-20...

CVE-1999-0805

Novell NetWare Transaction Tracking System TTS in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests...

CVE-1999-0805

Novell NetWare Transaction Tracking System TTS in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests...

FreeBSD-SA-01:18.bind

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:18 Security Advisory FreeBSD, Inc. Topic: BIND remotely exploitable buffer overflow Category: core, ports Module: bind Announced: 2001-01-31 Credits: COVERT Labs Claudio...

Большие дыры в bind

В BIND 8 удаленное переполнение буфера в в реализации Transaction Signatures TSIG, в BIND 4 ошибка форматной строки...

ISC BIND 8 contains buffer overflow in transaction signature (TSIG) handling code

Overview The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS by the Internet Software Consortium ISC. There is a buffer overflow vulnerability in BIND 8.2.x, which may allow remote intruders to gain access to systems running BIND. DNS servers running BIND 8 a...