X Server Detection

This plugin detects X Window servers. X11 is a client - server protocol. Basically, the server is in charge of the screen, and the clients connect to it and send several requests like drawing a window or a menu, and the server sends events back to the clients, such as mouse clicks, key strokes, a...

Remote Control Server 1.6.2 Denial of Service Exploit

Exploit for unknown platform in category dos / poc ===================================================== Remote Control Server 1.6.2 Denial of Service Exploit ===================================================== !/usr/local/bin/perl Remote Control Server DOS Exploit...

Microsoft Client Server Runtime System Vulnerability

Overview The Microsoft Client Server Runtime System CSRSS incorrectly validates certain messages potentially resulting in privilege elevation. Description CSRSS is the user-mode part of the Win32 subsystem. Win32.sys is the kernel-mode portion of the Win32 subsystem. The Win32 subsystem must be...

CVE-2004-0657

Integer overflow in the NTP daemon NTPd before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time...

overkill.txt

0verkill - little simple vulnerability. I. Entry. Vulnerability is game 0verkill. There is some little bugs in clinet / server. II. Vulnerability details. a client: Vulnerability function is loadcfg, savecfg and maybe sendmessage. There is simple buffer overflow bugs: "in file client.c" void...

Mah-Jong 1.4 - ClientServer Remote sscanf() Buffer Overflow

Mah-Jong 1.4 - ClientServer Remote sscanf Buffer Overflow // source: https://www.securityfocus.com/bid/8557/info A remote buffer overflow vulnerability when calling the sscanf function has been reported to affect the mah-jong game client and server programs. The issue occurs within seperate sourc...

CVE-2003-0685

Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response...

LBreakout2 2.x - Login Remote Format String

/ source: https://www.securityfocus.com/bid/8021/info It has been reported that lbreakout2 is vulnerable to a format string issue in the login component. This may result in an attacker executing arbitrary code on a vulnerable host. / / lbreakout2-2.5+: remote format string exploit. only...

SCSA015.txt

====================================================================== Security Corporation Security Advisory SCSA-015 Remote Denial of Service Vulnerability in PowerFTP ====================================================================== PROGRAM: PowerFTP HOMEPAGE: http://www.cooolsoft.com...

[SecurityOffice] Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: MD5 - -- Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability -- - -- Type Information Leakage - -- Release Date March 17, 2003 - -- Product / Vendor NetCharts XBRL Server 4.0 is a data visualization service that generates charts and graphs,...

Half-Life Client Server Message Format String Vulnerability

...

ICQ contains a buffer overflow while processing Voice Video & Games feature requests

Overview There is a remotely exploitable buffer overflow in ICQ. Attackers that are able to exploit the vulnerability may be able to execute arbitrary code with the privileges of the victim user. Description ICQ is a program for communicating with other users over the Internet. ICQ is widely used...

STunnel 3.x - Client Negotiation Protocol Format String

// source: https://www.securityfocus.com/bid/3748/info Stunnel is a freely available, open source cryptography wrapper. It is designed to wrap arbitrary protocols that may or may not support cryptography. It is maintained by the Stunnel project. Stunnel does not properly handle unexpected input b...

[CERT-intexxia] pfinger Format String Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY INTEXXIAc 18 12 2001 ID 1050-181201 TITLE : pfinger Format String Vulnerability CREDITS : Guillaume Pelat / INTEXXIA SYSTEM AFFECTED =============== pfinger = 0.7.7 DESCRIPTION =========== pfinger is a finger daemon written in C. It ...

McKesson Pathways Homecare 6.5 - Weak Username and Password Encryption

McKesson Pathways Homecare 6.5 - Weak Username and Password Encryption source: https://www.securityfocus.com/bid/3653/info McKesson Pathways Homecare is a client/server application which is used to track patient information, billing information and medical records for home care patients. The...

McKesson Pathways Homecare 6.5 - Weak 'Username' and Password Encryption

source: https://www.securityfocus.com/bid/3653/info McKesson Pathways Homecare is a client/server application which is used to track patient information, billing information and medical records for home care patients. The administrative username and password are encrypted in the pwhc.ini file on...

AT&T WinVNC client authentication process vulnerable to man-in-the-middle attack

Overview WinVNC's challenge/response mechanism can allow an intruder to obtain legitimate credentials from a valid client in order to gain unauthorized access to the server. Description AT&T WinVNC is a free package available from AT&T Labs Cambridge that allows an existing desktop of a PC to be...

mmdump.pl

Meeting Maker is a networked calendaring/scheduling software package that's estimated to be installed on over 700,000 desktops e.g., see http://www.meetingmaker6.com/presslib/pressrel/mm061499mm6.htm. Meeting Maker is a registered trademark of ON Technology Corporation. Clients send passwords to ...

Remote vulnerability in LCDproc 0.4

-----BEGIN PGP SIGNED MESSAGE----- ============================================================== === Title: Vulnerability in LCDproc === === Date: 20 April 2000 === === Author: Andrew Hobgood [email protected] === ============================================================== Note: The LCDproc...

compulink-laserfiche-passwd.txt

Date: Thu, 28 Jan 1999 10:21:55 -0800 From: Darren Rogers To: [email protected] Subject: Compulink LaserFiche Client/Server - unencrypted passwords Background: LaserFiche is a popular client-server imaging system, which according to their website, 'is the trusted imaging system used by Fortune...