2253 matches found
FreeBSD 4.105.x - execve() Unaligned Memory Access Denial of Service
FreeBSD 4.105.x - execve Unaligned Memory Access Denial of Service / source: https://www.securityfocus.com/bid/10596/info It is reported that FreeBSD running on the Alpha architecture is susceptible to a denial of service vulnerability in its execve system call. An attacker with local interactive...
FreeBSD 4.10/5.x - 'execve()' Unaligned Memory Access Denial of Service
/ source: https://www.securityfocus.com/bid/10596/info It is reported that FreeBSD running on the Alpha architecture is susceptible to a denial of service vulnerability in its execve system call. An attacker with local interactive user-level access on an affected machine is reportedly able to cra...
Alpha Black Zero <= 1.04 Remote Denial of Service Exploit
Exploit for unknown platform in category dos / poc ========================================================= Alpha Black Zero include include ifdef WIN32 include include include void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: err...
Alpha Black Zero <= 1.04 Remote Denial of Service Exploit
No description provided by source. / by Luigi Auriemma / include stdio.h include stdlib.h include string.h ifdef WIN32 include winsock.h include string.h include errno.h void stderrvoid char error; switchWSAGetLastError case 10004: error = "Interrupted system call"; break; case 10009: error = "Ba...
Invision Power Board (IP.Board) < 2.0 Alpha 3 - SQL Injection (PoC)
IP.Board SQL Injection Vendor: Invision Power Services Product: IP.Board Version: 0 OR pinned=1 ORDER BY pinned DESC, ProblemIsHere DESC LIMIT 0,15 mySQL e...
CVE-2002-2000
ACMS 4.3 and 4.4 in OpenVMS Alpha 7.2 and 7.3 does not properly use process privileges, which allows attackers to access data...
Cracking OpenVMS passwords with John the Ripper
I have written a patch for John the Ripper http://www.openwall.com/john/ to allow cracking OpenVMS Vax and Alpha passwords. The patch is based on code from Shawn Clifford, Davide Casale and Mario Ambrogetti. The sources are in http://jl.gailly.net/security/john-VMS-patch.tar.gz A README file is a...
CVE-2000-1209
The "sa" account is installed with a default null password on 1 Microsoft SQL Server 2000, 2 SQL Server 7.0, and 3 Data Engine MSDE 1.0, including third party packages that use these products such as 4 Tumbleweed Secure Mail MMS 5 Compaq Insight Manager, and 6 Visio 2000, which allows remote...
CVE-2000-1209
The CVE-2000-1209 issue affects Microsoft SQL Server 2000, SQL Server 7.0, and Data Engine (MSDE) 1.0 where the sa account is installed with a default null password. This enables remote attackers to gain privileges and was exploited by worms such as Voyager Alpha Force and Spida, with third-party...
CVE-2002-0225
Tac_plus Tacacs+ daemon F4.0.4.alpha (originally Cisco) is vulnerable because the accounting directive creates files with world-readable and world-writable permissions, allowing local users to access and modify sensitive files. Affected component: tac_plus Tacacs+ daemon; root cause: insecure fil...
CVE-2001-1305
CVE-2001-1305 affects ICQ 2001a Alpha and earlier. A remote attacker can cause an ICQ user’s contact list to automatically include arbitrary UINs by visiting a web page whose Content-Type is set to application/x-icq, which IE processes. The connected documents consistently describe ICQ as vulnera...
CVE-2001-0845
Technical details about CVE-2001-0845 are not publicly available in the provided connected documents. Monitor for updates from NVD/CVE records to obtain affected products, scope, impact, and remediation.
CVE-2001-0845
Vulnerability in DECwindows Motif Server on OpenVMS VAX or Alpha 6.2 through 7.3, and SEVMS VAX or Alpha 6.2, allows local users to gain access to unauthorized resources...
CVE-1999-1315
CVE-1999-1315 affects DECnet/OSI on OpenVMS prior to 5.8 running on DEC Alpha AXP and VAX/VMS. The vulnerability allows local users to gain privileges or cause a denial of service. The connected documents confirm the affected environment but do not provide detailed root cause, specific vulnerable...
[SECURITY] New versions of Debian traceroute packages
Package: traceroute Vulnerability: local root exploit Debian-specific: no Vulnerable: yes In versions of the traceroute package before 1.4a5-3, it is possible for a local user to gain root access by exploiting an argument parsing error. This problem is fixed in version 1.4a5-3, uploaded to Debian...
[SECURITY] Security policy for Debian 2.1 (slink) (updated)
Debian is phasing out support for Debian 2.1 slink. We believe that this will have a minimal impact on our user community as we expect that most slink users have already upgraded to potato. We had originally announced that support would end Sep 30, 2000. In response to feedback to our earlier...
[SECURITY] Security update policy for Debian 2.1 (slink)
Debian is phasing out support for Debian 2.1 slink. We believe that this will have a minimal impact on our user community as we expect that most slink users have already upgraded to potato. In order to ease the transition for those who have not yet upgraded, we will provide minimal support until...
[SECURITY] New Debian nfs-common packages released
Package: nfs-common from nfs-utils Vulnerability: remote root exploit Debian-specific: no The version of nfs-common distributed in Debian GNU/Linux 2.2 a.k.a potato, as well as in the unstable woody distribution, is vulnerable to a remote root compromise. No exploit is known to exist in the wild,...
CVE-2000-0535
OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken...
CVE-2000-0535
CVE-2000-0535 affects OpenSSL 0.9.4 and OpenSSH on FreeBSD, where FreeBSD Alpha's missing /dev/random or /dev/urandom leads to weak cryptographic keys. The issue arises from improper device checks, resulting in keys that may be easier to break. The provided documents describe the root cause and a...