Multiple RSA implementations fail to properly handle signatures

Overview Multiple RSA implementations fail to properly handle RSA signatures. This vulnerability may allow an attacker to forge RSA signatures. Description RSA signatures are used to authenticate the source of a message. To prevent RSA signatures from being forged, messages are padded with data t...

MIT Kerberos (krb5) ftpd and ksu do not properly validate seteuid() calls

Overview Privilege escalation vulnerabilities in MIT krb5 ftpd and ksu may allow an authenticated attacker to execute arbitrary code. Description The MIT krb 5 ftpd and ksu programs contain multiple privilege escalation vulnerabilities. These vulnerabilities are dependent on the host operating...

MIT Kerberos (krb5) krshd and v4rcp do not properly validate setuid() or seteuid() calls

Overview Privilege escalation vulnerabilities in MIT krb5 krshd and v4rcp may allow an authenticated attacker to execute arbitrary code. Description The MIT krb 5 krshd and v4rcp programs contain multiple privilege escalation vulnerabilities. MIT krb5 Security Advisory 2006-001 states that the...

AttachmateWRQ Reflection for Secure IT Server SFTP Format String

Binary data 3428.prm...

AttachmateWRQ Reflection for Secure IT Server SFTP Format String

The remote host is running AttachmateWRQ Reflection for Secure IT Server / F-Secure SSH Server, a commercial SSH server. According to its banner, the installed version of this software contains a format string vulnerability in its sftp subsystem. A remote, authenticated attacker may be able to...

AttachmateWRQ Reflection for Secure IT Server < 6.0 Build 24 Multiple Vulnerabilities

Binary data 3207.prm...