493 matches found
Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (4)
source: https://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A maliciously crafted request could allow...
NetSQL 1.0 - Remote Buffer Overflow
NetSQL 1.0 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/2885/info NetSQL is an implementation of a database and toolset distributed by Munica Corporation. NetSQL is part of 5 piece software package called the Webpak, containing utilities for features such as web boards,...
Solaris 2.62.67.08 whodo - Local Buffer Overflow
Solaris 2.62.67.08 whodo - Local Buffer Overflow // source: https://www.securityfocus.com/bid/2935/info The 'whodo' utility shipped with Sun Microsystems' Solaris provides a listing of users online and their activities. It is installed setuid root because it reads from the 'utmp' log as well as...
Elm 2.5.3 - Alternative-Folder Buffer Overflow
Elm 2.5.3 - Alternative-Folder Buffer Overflow // source: https://www.securityfocus.com/bid/2403/info There is a buffer overflow in elm 2.5 PL3. This overflow is accessible by passing a long string to the -f Alternative-Folder command-line option. This vulnerability may not be restricted to this...
Xmail 0.50.6 CTRLServer - Arbitrary Commands
Xmail 0.50.6 CTRLServer - Arbitrary Commands // source: https://www.securityfocus.com/bid/2360/info Versions of CTRLServer are vulnerable to malicious user-supplied input. A failure to properly bounds-check data passed to the cfgfileget command leads to an overflow, which, properly exploited, can...
BSDi 3.0 inc - Local Buffer Overflow / Local Privilege Escalation
/ BSDiincmh buffer overflow, by [email protected]. this is will give you euid=0root on BSDi/3.0 systems. / define PATH "/usr/contrib/mh/bin/inc" / path to inc on BSDi/3.0 / define BUFFER 2048 / no need to change this. / define DEFAULTOFFSET -7000 / generalized offset. / static char exec=...
BSDi SUIDPerl - Local Stack Buffer Overflow
BSDi SUIDPerl - Local Stack Buffer Overflow / BSDisuidperl buffer overflow, by [email protected]. this is that old buffer overflow in suidperl, but i never saw any version of it for BSDi. so, here it is. this gives euid=0. BSDi/3.0 / define PATH "/usr/bin/suidperl" / path to suidperl on BSDi/3.0....
Half Life - rcon Remote Buffer Overflow
Half Life - rcon Remote Buffer Overflow / SDI HalfLife rcon remote exploit for linux x86 portuguese exploit remoto para o buffer overflow do rcon no halflife Tamandua Sekure Labs Sao Paulo - Porto Alegre, Brazil by Thiago Zaninotti c0nd0r Gustavo Scotti csh Proof of concept - There is a remote...
UMN Gopherd 2.x - Halidate Function Buffer Overflow
UMN Gopherd 2.x - Halidate Function Buffer Overflow // source: https://www.securityfocus.com/bid/1591/info It is possible to either execute arbitrary code or crash a remote system running University of Minnesota's Gopher Daemon, depending on the data entered. An unchecked buffer exists in the...
vqSoft vqServer 1.4.49 - Denial of Service
source: https://www.securityfocus.com/bid/1610/info vqServer 1.4.49 is subject to a buffer overflow. If a GET request is sent to the server containing 65 000 characters the server will stop responding. A reboot is required in order to gain normal functionality. !/usr/bin/perl DoS exploit for...
Possible vulnerability in HPUX
Hello, Few days ago i read the mail Hackerslab bugpaper HP-UX bdf -t option buffer overflow vul. And decided to see any other possible vulnerabilityies on my ststem. HP-UX 10.20. After a few minutes maybe a little more : ,trying each setuid exe with different options, i finally got results as for...
Stanley T. Shebs Xconq 7.2.2 - xconq Buffer Overflow
Stanley T. Shebs Xconq 7.2.2 - xconq Buffer Overflow / source: https://www.securityfocus.com/bid/1495/info Xconq is a multiple player strategy game available for many unix platforms. It contains a number of buffer overflow vulnerabilities including the ability to overflow stack buffers with eithe...
Real Networks RealPlayer 67 - Location Buffer Overflow
Real Networks RealPlayer 67 - Location Buffer Overflow source: https://www.securityfocus.com/bid/1088/info Unchecked buffer code exists in the 'location' field of Real Networks RealPlayer versions 6.0 and 7.0. Requesting a URL containing a string consisting of 300 or more characters would cause t...
FreeBSD-SA-00:10.orville-write
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:10 Security Advisory FreeBSD, Inc. Topic: orville-write port contains local root compromise. Category: ports Module: orville-write Announced: 2000-03-15 Affects: Ports...
AnalogX SimpleServer:WWW 1.0.1 - GET Buffer Overflow
source: https://www.securityfocus.com/bid/906/info The SimpleServer:WWW personal webserver package from AnalogX can be compromised due to an overflowable buffer. If a GET request longer than 1000 bytes is received, the software will crash and data from the request gets pased to the EIP, meaning...
unixware.auto.txt
Greetings, OVERVIEW Although UnixWare's /usr/X/bin/xauto is NOT suid/sgid, we can still overf= low a buffer within it and gain root privileges. BACKGROUND Only tested UnixWare 7.1, all other UnixWares should be assumed vulnerabl= e. DETAILS xauto is mode 755, root/sys and yet we can still use a...
Solaris 7.0 - kcms_configure Local Overflow Local Privilege Escalation
Solaris 7.0 - kcmsconfigure Local Overflow Local Privilege Escalation / source: https://www.securityfocus.com/bid/831/info The binary kcmsconfigure, part of the Kodak Color Management System package shipped with OpenWindows and ultimately, Solaris is vulnerable to a local buffer overflow. The...
Sun Solaris 7.0 - rpc.ttdbserver Denial of Service
Sun Solaris 7.0 - rpc.ttdbserver Denial of Service // source: https://www.securityfocus.com/bid/811/info It is possible to crash rpc.ttdbserver by using the old tddbserver buffer overflow exploit. This problem is caused by a NULL pointer being dereferenced when rpc function 15 is called with...
[SECURITY] New version of nfs-server fixes remote exploit
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman November 11, 1999 - ------------------------------------------------------------------------ The version of nfs-server that was...
XtraMail POP3 PASS Command Remote Overflow
The remote POP3 server is vulnerable to the following buffer overflow : USER test PASS This may allow an attacker to execute arbitrary commands as root on the remote POP3 server. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10325; scriptversion"1.48";...