295 matches found
CVE-2006-0918
Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to execute arbitrary code via a long Subject field...
Buffer overflow
Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to execute arbitrary code via a long Subject field...
CVE-2006-0918
Buffer overflow in RITLabs The Bat! 3.60.07 allows remote attackers to execute arbitrary code via a long Subject field...
CVE-2006-0918
The CVE-2006-0918 entry concerns a buffer overflow in The Bat! client from RITLabs, specifically The Bat! 3.60.07. The vulnerability occurs via a long Subject field, enabling remote attackers to potentially execute arbitrary code. The connected sources confirm the affected product/version and the...
KLA10363 ACE vulnerability in The Bat!
A buffer overflow was found in The Bat! By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed e-mail. Original advisories - Related products The-Bat! CVE list CVE-2006-0918 high Solution Update to latest...
NSA Group Security Advisory NSAG-№198-23.02.2006 Vulnerability The Bat v. 3.60.07
Advisory: NSAG-№198-23.02.2006 Research: NSA Group Russian company on Audit of safety & Network security Site of Research: http://www.nsag.ru or http://www.nsag.org Product: The Bat v. 3.60.07 Site of manufacturer: www.ritlabs.com The status: 19/11/2005 - Publication is postponed. 19/11/2005 -...
The Bat mail agent buffer overflow
Buffer overflow on oversied Subject field...
Design/Logic Flaw
RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a fragmented message...
CVE-2006-0630
RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a fragmented message...
CVE-2006-0630
The CVE-2006-0630 issue affects RITLabs The Bat! before 3.0.0.15, where certain headers from encapsulated data in message/partial MIME messages are shown instead of the real headers, violating RFC2046 header merging. This enables remote attackers to spoof the email origin by sending a fragmented ...
CVE-2006-0630
RITLabs The Bat! before 3.0.0.15 displays certain important headers from encapsulated data in message/partial MIME messages, instead of the real headers, which is in violation of RFC2046 header merging rules and allows remote attackers to spoof the origin of e-mail by sending a fragmented message...
thebatSpoof.txt
Title: The Bat! 2.x message headers spoofing Author: 3APA3A Homepage: http://www.security.nnov.ru/ Advisory URL: http://www.security.nnov.ru/advisories/thebatspoof.asp Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable: The Bat! 3.5 Remote: Yes...
SECURITY.NNOV: The Bat! 2.x message headers spoofing
Title: The Bat! 2.x message headers spoofing Author: 3APA3A [email protected] Homepage: http://www.security.nnov.ru/ Advisory URL: http://www.security.nnov.ru/advisories/thebatspoof.asp Vendor: RitLabs Vendor's page http://thebat.net/ Application: The Bat 2.x 2.12.04 tested Not vulnerable:...
The Bat! mail agent headers spoofing
message/partial format alows to spoof message headers completely, making it impossible to track sender by Received or Message-ID headers...
SQL overflow new method!! Broilers do not worry!!- Vulnerability warning-the black bar safety net
Today I used this method got almost 2 0 Station broiler chickens. Uh it!!!! To use several tool!! nc.exe sqlhello.exe Proxy Hunter now!! First with proxy Hunter scan 1 4 3 3 port! This everyone should be. To play QB when you can say is... Uh... and Sweep to finishing it.. Export. Replaced the...
ARPSniffer get the highest permissions-bug warning-the black bar safety net
Suppose you want to attack the host IP is:61.139.1.79 The same subnet the next, we have the right to limit the host IP is:61.139.1. 8 8 and 3 3 8 9 landing The first step: tracert 61.139.1.1 C:\WIN2000\system32tracert 61.139.1.1 Tracing route to HACK-4FJ7EARC 61.139.1.1 over a maximum of 3 0 hops...
Apache Remote Command Execution via .bat files
The Apache 2.0.x Win32 installation is shipped with a default script, /cgi-bin/test-cgi.bat, that allows an attacker to execute commands on the Apache server although it is reported that any .bat file could open this vulnerability. An attacker can send a pipe character with commands appended as...
Apache HTTP Server Remote Command Execution via .bat files
The Apache HTTP Server 2.0.x Win32 installation is shipped with a default script, /cgi-bin/test-cgi.bat, that allows an attacker to execute commands on the Apache server although it is reported that any .bat file could open this vulnerability. SPDX-FileCopyrightText: 2002 Matt Moore Some text...
CVE-2005-3382
The CVE-2005-3382 entry describes a flaw in Sophos 3.91 with the 2.28.4 engine where an interpretation error allows a file (e.g., BAT, HTML, EML) containing an MZ magic byte sequence to be treated as a safe type, enabling bypass of virus scanning. This is a “magic byte bug” vulnerability that cou...
CVE-2005-3372
The CVE-2005-3372 entry concerns eTrust CA 7.0.1.4 (11.9.1 engine). The vulnerability arises from a magic byte bug: files with an unsuspecting extension (e.g., BAT, HTML, EML) containing an MZ EXE-like signature are treated as safe types but can still execute as dangerous content. This bypasses v...