CVE-2004-2027

Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service crash via a long Basic Authorization header that triggers an out-of-bounds read...

CVE-2002-1654

The CVE affects iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1. A flaw allows remote attackers to initiate HTTP Basic Authentication through the wp-force-auth Web Publisher command, creating a distinct attack vector and potentially making brute-force password gue...

serversAlive.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory information: Title: Servers Alive - Privilege Escalation CVE Candidate Number: CAN-2005-0352 Application: Servers Alive Versions known affected: 4.1, 5.0; other versions not tested. Classification: Privilege Escalation Author: Michael Starks...

Servers Alive: Local Privilege Escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory information: Title: Servers Alive - Privilege Escalation CVE Candidate Number: CAN-2005-0352 Application: Servers Alive Versions known affected: 4.1, 5.0; other versions not tested. Classification: Privilege Escalation Author: Michael Starks...

See-security advisory: Trillian Basic 3.0 PNG Processing Buffer overflow

See-security Technologies ltd. http://www.see-security.com - Product Information Trillian is a fully featured, stand-alone, skinnable chat client that supports AIM, ICQ, MSN, Yahoo Messenger, and IRC. - Vulnerability Description Trillian contains a buffer overflow vulnerability in the way it pars...

Trillian Basic 3.0 PNG Image Processing Buffer Overflow Exploit

Exploit for unknown platform in category dos / poc =============================================================== Trillian Basic 3.0 PNG Image Processing Buffer Overflow Exploit =============================================================== See-security Technologies ltd...

Trillian Basic 3.0 PNG Image Processing Buffer Overflow Exploit

No description provided by source. See-security Technologies ltd. http://www.see-security.com Trillian 3.0 PNG Image Processing Buffer overflow Exploit Discovered and coded by: Tal zeltzer import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddress = 0x77D7A145...

Trillian Basic 3.0 - '.png' Image Processing Buffer Overflow

See-security Technologies ltd. http://www.see-security.com Trillian 3.0 PNG Image Processing Buffer overflow Exploit Discovered and coded by: Tal zeltzer import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddress = 0x77D7A145 Address of "jmp esp" in ntdll.dll...

CVE-2001-1414

The Basic Security Module BSM for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root...

CVE-2004-1358

The patches 1 114332-08 and 2 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module BSM, which allows attackers to avoid having their activity logged...

DEBIAN-CVE-2004-1897

Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service segmentation fault by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read...

CVE-2004-1897

Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service segmentation fault by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read...

CVE-2004-2306

Sun Solaris 7 through 9, when Basic Security Module BSM is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the auditwarn script, which might allow attackers to escape detection...

CVE-2004-0334

InnoMedia VideoPhone allows remote attackers to bypass Basic Authorization via an HTTP request to 1 videophoneadmindetail.asp, 2 videophonesyscfg.asp, 3 videophoneupgrade.asp, or 4 videophonesysctrl.asp that contains a trailing / slash. NOTE: the original report mentioned AXIS 2100 Network Camera...

Monit <= 4.2 Basic Authentication Remote Root Exploit

Exploit for linux platform in category remote exploits ===================================================== Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware 8.1 Update Code :...

Monit &lt;= 4.2 Basic Authentication Remote Root Exploit

No description provided by source. / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit = 4.2 Vulnerability: Buffer overflow in handling of Basic Authentication informations. Server authenticates clients through: Authentication: Basic...

Monit 4.2 - Basic Authentication Remote Code Execution

/ THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware 8.1 Update Code :...

Monit 4.2 - Basic Authentication Remote Code Execution

Monit 4.2 - Basic Authentication Remote Code Execution / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware...

Denial of Service (DoS)

Overview Affected versions of this package are vulnerable to Denial of Service DoS. The asn1bufskiptail function in the ASN.1 decoder library for MIT Kerberos 5 krb5 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service infinite loop via a certain BER encoding. Remediation Ther...

Apache Httpd < 2.0.52 : Basic authentication bypass

A flaw in Apache 2.0.51 only broke the merging of the Satisfy directive which could result in access being granted to resources despite any configured authentication...