Joe Kloss RobinHood 1.1 - Remote Buffer Overflow

source : https://www.securityfocus.com/bid/1944/info RobinHood is a HTTP/1.1 web server based upon libHTTP and is designed for the BeOS platform. Improper bounds checking exists in code that handles requests RHCWindow.cpp and RHLogger.cpp. The components RHConsole and RHDaemon will cease operatio...

Avirt Mail 4.x DoS

Issue: ------ Avirt Mail 4.x up to latest version is vulnerable to denial of service while handling a SMTP session. Tested versions: ---------------- Avirt Mail 4.0 build 4124 - vulnerable Avirt Mail 4.2 build 4807 - vulnerable Both versions where tested on Windows 98 since I do not have access...

Avirt Mail 4.04.2 - Mail From: Rcpt to: Denial of Service

Avirt Mail 4.04.2 - Mail From: Rcpt to: Denial of Service // source: https://www.securityfocus.com/bid/1825/info Due to insufficient bounds checking in the code that handles the fields 'MAIL FROM:' and 'RCPT TO:', it is possible to remotely crash Avirt Mail. Entering over 272 characters into the...

Avirt Mail 4.0/4.2 - 'Mail From:' / 'Rcpt to:' Denial of Service

// source: https://www.securityfocus.com/bid/1825/info Due to insufficient bounds checking in the code that handles the fields 'MAIL FROM:' and 'RCPT TO:', it is possible to remotely crash Avirt Mail. Entering over 272 characters into the 'RCPT TO:' field will crash the application upon terminati...

Possible remote vulnerability problem in TIS FWTK x-gw?

Hello all, I got around to checking out TIS FWTK for format string problems. It's a free-for-non-commercials firewall proxy package. The sources etc. can be obtained from http://www.tis.com/research/software/fwtkreadme.html. Tried to contact [email protected], mail bounced. Oh well. This is usuall...

pine421.txt

/ PINE Exploit 4.21 bTm Proof of Concept: Pine 4.21 There exists a vulnerability in Pine 4.21 involving the portion of code in charge of peroidically checking email when a pine client is open. Run pine in one window, then send an email to the account owning that session. Switch back over and hit...

[SECURITY] New version of horde and imp released

------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman September 10, 2000 - ------------------------------------------------------------------------ Package : horde and imp Problem type...

012.txt

From [email protected] Wed Aug 2 11:08:46 2000 Return-Path: Date: Mon, 2 Aug 0100 11:56:57 +0000 Reply-To: [email protected] Sender: Bugtraq List From: [email protected] Subject: Local root compromise in PGX Config Sun Sparc Solaris To: [email protected] hi guys and gals yeah heres...

DoS in Gamsoft TelSrv telnet server for MS Windows 95/98/NT/2k.

Application: GAMSoft's TelSrv 1.4/1.5 Problem Type: Denial of Service Author: [email protected] Platforms: Windows 95/98/NT/2k Vendor Status: Contacted. Vendor Website: http://www.gamsoft.com Product Description ------------------- TelSrv is superior Telnet server. It provides you with th...

Multiple bugs in Alibaba 2.0

Application: Alibaba 2.0 Problem Type: Multiple Problems3 Author: [email protected] Platforms: Windows 95/98/NT Vendor Status: Not Informed Vendor Website: http://csm.alcyonis.fr Product Description ------------------- Alibaba is a fully functional http server for windows 95/98/NT. It...

telsrv.txt

Application: GAMSoft's TelSrv 1.4/1.5 Problem Type: Denial of Service Author: Prizm Platforms: Windows 95/98/NT/2k Vendor Status: Contacted. Vendor Website: http://www.gamsoft.com Product Description ------------------- TelSrv is superior Telnet server. It provides you with the ability to remotel...

GuildFTPd Traversal Arbitrary File Enumeration

The remote FTP server can be used to determine if a given file exists on the remote host or not, by adding dot-dot-slashes in front of them. This is caused by the server responding with different error messages depending on if the file exists or not. An attacker may use this flaw to gain more...

Lame DoS in WEBactive win65/NT server

Application: ITAfrica's WebACTIVE version 1.00 Problem Type: Denial of Service Author: [email protected] Platforms: Windows 95/98/NT Vendor Status: Not Informed, Project discontinuedI think Download URL: ftp://ftp.mira.net/mirrors/winsock-l/Windows95/Daemons/HTTPD/activ100.zip Product...

webactive.txt

Application: ITAfrica's WEBactive version 1.00 Problem Type: Denial of Service Author: [email protected] Platforms: Windows 95/NT Vendor Status: Not Informed, Project discontinuedI think Download URL: ftp://ftp.mira.net/mirrors/winsock-l/Windows95/Daemons/HTTPD/activ100.zip Product...

REMOTE EXPLOIT IN ALL CURRENT VERSIONS OF BIG BROTHER

/ Big Brother Exploit For ALL Versions prior to v.1.4h Desc: View the contents of any file on the remote system. Including /etc/passwd or /etc/shadow Contributions: Identified and Proof of Concept by Safety and Loki LoA Greets and shouts to: RootHat, Lammie The Infamous Lamagra! We know wuftpd wa...

dalnet 4.6.5 remote vulnerability

This was something that w00w00 was originally going to release under the w00giving, but we never did. So, I thought this would fit well with vuln-dev. The complication is that no individual variable is large enough to fit shellcode, so it requires splitting the shellcode between the nickname,...

Multiples Remotes DoS Attacks in Dragon Server v1.00 and v2.00 Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Multiples Remotes DoS Attacks in Dragon Server v1.00 and v2.00 Vulnerability USSR Advisory Code: USSR-2000046 Release Date: June 16, 2000 Systems Affected: Dragon Server v2.00 Dragon Server v1.00 THE PROBLEM The Ussr Labs team has recently discovered ...

Shadow Op Software Dragon Server 1.02.0 - Multiple Denial of Service Vulnerabilities

Shadow Op Software Dragon Server 1.02.0 - Multiple Denial of Service Vulnerabilities source: https://www.securityfocus.com/bid/1352/info Two denial of service vulnerabilities exist in the Dragon Server package, versions 1.00 and 2.00, from Shadow Ops Software. By supplying large arguments to two...

Shadow Op Software Dragon Server 1.0/2.0 - Multiple Denial of Service Vulnerabilities

source: https://www.securityfocus.com/bid/1352/info Two denial of service vulnerabilities exist in the Dragon Server package, versions 1.00 and 2.00, from Shadow Ops Software. By supplying large arguments to two different network services, it is possible to cause these services to be innaccessibl...

An Analysis of the TACACS+ Protocol and its Implementations

-----BEGIN PGP SIGNED MESSAGE----- OW-001-tacplus, revision 1 May 30, 2000 An Analysis of the TACACS+ Protocol and its Implementations ----------------------------------------------------------- This advisory presents an analysis of several vulnerabilities in the TACACS+ protocol. Unfortunately,...