7634 matches found
Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow
Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow source: https://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melang...
Melange Chat System 2.0.2 Beta 2 - '/yell' Remote Buffer Overflow
source: https://www.securityfocus.com/bid/4508/info Melange Chat System is a chat server program developed by Christian Walter. Currently support for this application is no longer available. Due to inadequate bounds checking in Melange, it is possible for users to initiate a buffer overflow...
File existence checking in Microsoft Internet Explorer
It's possible to check file existence with the dynsrc property or with a file:// URL in conjunction with JavaScript...
Icecast 1.x - AVLLib Buffer Overflow
Icecast 1.x - AVLLib Buffer Overflow // source: https://www.securityfocus.com/bid/4415/info Icecast is a freely available, open source streaming audio server. Icecast is available for the Unix, Linux, and Microsoft Windows platforms. Icecast does not properly check bounds on data sent from client...
Sambar Server 5.1 - Sample Script Denial of Service
Sambar Server 5.1 - Sample Script Denial of Service // source: https://www.securityfocus.com/bid/3885/info Sambar Server is a multi-threaded web server which will run on Microsoft Windows 9x/ME/NT/2000 operating systems. It is possible to cause a denial of service to Sambar Server by sending...
DNRD 1.x/2.x - DNS Request/Reply Denial of Service
DNRD 1.x/2.x - DNS Request/Reply Denial of Service source: https://www.securityfocus.com/bid/3928/info dnrd Domain Name Relay Daemon is a freely available, open-source proxy name server. It will run on a number of Unix and Linux distributions. There is a lack of sufficient bounds checking in DNS...
DNRD 1.x/2.x - DNS Request/Reply Denial of Service
source: https://www.securityfocus.com/bid/3928/info dnrd Domain Name Relay Daemon is a freely available, open-source proxy name server. It will run on a number of Unix and Linux distributions. There is a lack of sufficient bounds checking in DNS request and reply functions. As a result, it is...
Symbolic links in CDE dtlogin (symbolic links)
The file /var/dt/Xerrors is created without checking for symbolic links...
Microsoft Windows XP - HCP URI Buffer Overflow
Microsoft Windows XP - HCP URI Buffer Overflow source: https://www.securityfocus.com/bid/6802/info A buffer overrun vulnerability was reported for helpctr.exe. The vulnerability exists due to insufficient bounds checking on input supplied via the HCP URI parameter. An attacker can exploit this...
Microsoft Windows XP - HCP URI Buffer Overflow
source: https://www.securityfocus.com/bid/6802/info A buffer overrun vulnerability was reported for helpctr.exe. The vulnerability exists due to insufficient bounds checking on input supplied via the HCP URI parameter. An attacker can exploit this vulnerability by making a HCP request with an...
IP address check bypass in OpenSSH (protection bypass)
With a certain sequence of keys in the configuration file, individual configuration options for access with a given key are not applied...
CVE-2001-0338
Internet Explorer 5.5 and earlier does not properly validate digital certificates when Certificate Revocation List (CRL) checking is enabled, which could allow remote attackers to spoof trusted web sites, aka the "Server certificate validation vulnerability."...
CVE-1999-1434
Slackware Linux 3.2–3.5 is affected by CVE-1999-1434: the login process does not properly handle the error when /etc/group is missing, failing to drop privileges and potentially assigning root privileges to any local user who logs in. The connected documents confirm the affected OS versions and t...
NetBSD Security Advisory 2001-015: Insufficient checking of lengths passed to kernel
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2001-015 ================================= Topic: Insufficient checking of lengths passed from userland to kernel Version: NetBSD-current: source prior to August 5, 2001 NetBSD-1.5.1: affected NetBSD-1.5: affected NetBSD-1.4.: affected...
Problems with tcp_wrappers in FreeBSD (protection bypass)
PARANOID hostname checking mode does not work as advertised...
Security Advisory FreeBSD-SA-01:56.tcp_wrappers
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:56 Security Advisory FreeBSD, Inc. Topic: tcp_wrappers PARANOID hostname checking does not work Category: core Module: tcp_wrappers Announced: 2001-08-23 Credits: Tony Finc...
FreeBSD-SA-01:56.tcp_wrappers
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:56 Security Advisory FreeBSD, Inc. Topic: tcp_wrappers PARANOID hostname checking does not work Category: core Module: tcp_wrappers Announced: 2001-08-23 Credits: Tony Finc...
CVE-2001-0524
eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier...
Security Advisory 2000-011: Insufficient msg_controllen checking for sendmsg(2)
-----BEGIN PGP SIGNED MESSAGE----- NetBSD Security Advisory 2000-011 ================================= Topic: Insufficient msg_controllen checking for sendmsg(2) Version: All releases of NetBSD from 1.3 to 1.5, and -current Severity: Any local user can panic the system Fixed: NetBSD-current: July 1,...