SpeechD 0.1/0.2 - Privileged Command Execution

source: https://www.securityfocus.com/bid/3326/info SpeechD is a device-independent layer for speech synthesis under Linux, providing an interface for speech-based applications or device drivers. SpeechD has been found to contain a flaw under certain implementations which can permit a local user ...

Shopping Cart Version 1.23

User can execute command, but can't use "../" www.server.com/cgi- local/shop.pl/SID=947626980.19094/page=;ls| XP-TEAM DonHuan [email protected]...

CVE-2000-1163

CVE-2000-1163 affects Ghostscript prior to 5.10-16, which uses an insecure LD_RUN_PATH value to locate libraries in the current directory. This enables a local attacker to place a Trojan horse library in a directory from which another user runs Ghostscript, potentially executing code with the use...

ProFTPD <= 1.2.0pre10 Remote Denial of Service Exploit

Exploit for unknown platform in category dos / poc ====================================================== ProFTPD = 1.2.0pre10 Remote Denial of Service Exploit ====================================================== / ProFTPd DoS version 1.1 Remote DoS in proFTPd Code by: JeT-Li -The Wushu Master-...

ProFTPd 1.2.0 pre10 - Remote Denial of Service

/ ProFTPd DoS version 1.1 Remote DoS in proFTPd Code by: JeT-Li -The Wushu Master- [email protected] Recently I posted a remote DoS for ProFTPd based in the multiple use of the SIZE command in order to crash the system. Now and thanks to the information provided by Wojciech Purczynski I have cod...

CVE-2000-0950

Format string vulnerability in x-gw in TIS Firewall Toolkit FWTK allows local users to execute arbitrary commands via a malformed display name...

Дырка в bftpd &#40;USER bo&#41;

Классическое переполнение буфера в команде USER...

Potential Security Problem in bftpd-1.0.11

Subject : Potential security problem in bftpd Buffer Overflow Author : Christophe BAILLEUX [email protected] Plateforms : nix Test version : bftpd-1.0.11 I. Introduction bftpd is a Linux FTP server with chroot and setreuid. Not all FTP commands are included. It accesses either the user's home directo...

CVE-2000-0833

Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long 1 USER or 2 HELO command...

CVE-1999-1004

CVE-1999-1004 is a buffer overflow in the POP server POProxy used by Norton Anti-Virus NAV2000, triggered by a large USER command. The affected component is the POProxy POP server; underlying cause is a buffer overflow condition. Impact per the entry includes partial availability impact with no c...

CVE-1999-0759

The CVE-1999-0759 entry concerns FuseMAIL POP service vulnerable to a buffer overflow triggered by long USER and PASS commands. Connected sources confirm the affected component (FuseMAIL POP service) and the root cause (buffer overflow) with CVSS details indicating a high-severity, network-expose...

CVE-1999-0759

Buffer overflow in FuseMAIL POP service via long USER and PASS commands...

Jack De Winter WinSMTP 1.6 f/2.0 - Buffer Overflow

source: https://www.securityfocus.com/bid/1680/info A number of unchecked buffers exist in the SMTP and POP3 components of Jack De Winter's WinSMTP mail daemon which could lead to denial of service attacks or arbitrary code execution, depending on the data entered. Sending a HELO command consisti...

PostgreSQL Default Unpassworded Account

It is possible to connect to the remote PostgreSQL database server using an unpassworded account. This may allow an attacker to launch further attacks against the database. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

CVE-2000-0479

Dragon FTP server allows remote attackers to cause a denial of service via a long USER command...

dragonftp.py

!/usr/bin/python Dragon Serverftp DoS Proof of Concept Code. Vulnerability Discovered by USSR Labshttp://www.ussrback.com Simple Script by [email protected] By connecting to port 21ftp on a system running Dragon FTP Server v1.00/2.00 and typing USER 16500 bytes the service will crash This...

Dragon FTP USER Command Remote Overflow

It was possible to crash the remote FTP server by issuing a USER command followed by a very long argument over 16,000 characters. This is likely due to a remote buffer overflow vulnerability. A remote attacker could exploit this to crash the server, or possibly execute arbitrary code. C Tenable...

DST2K0009.txt

================================================================================ Delphis Consulting Plc ================================================================================ Security Team Advisories 31/05/2000 [email protected] http://www.delphisplc.com/thinking/whitepapers/...

CVE-1999-0759

Buffer overflow in FuseMAIL POP service via long USER and PASS commands...

BisonWare BisohFTP Server 3.5 - Multiple Vulnerabilities

// source: https://www.securityfocus.com/bid/271/info Multiple vulnerabilities in the BisonWare FTP Server can cause denials of service. The vulnerabilities are: The server fails to close the socket created by a PASV command in multiple PASV commands are executed back to back. This can create a...