79 matches found
Remote Format String Vulnerabilities in eXtremail
Package: eXtremail Auth: http://www.extremail.com/ Versions: 1.5.9 current release Vulnerability: Format String What’s eXtremail: eXtremail is a Unix mail server that supports SMTP/POP3/IMAP protocols. It includes support for virtual domains, spoofing attack ,SSL connection and Antivirus checking...
Microsoft Windows XP - explorer.exe Remote Denial of Service
Microsoft Windows XP - explorer.exe Remote Denial of Service source: https://www.securityfocus.com/bid/9924/info Microsoft Windows Explorer for Windows XP has been reported to be prone to a remote denial of service vulnerability. This issue is due to a failure of the application to properly...
RhinoSoft Serv-U FTPd Server 3.x/4.x/5.x - 'MDTM' Remote Overflow
/ exservu.c - Serv-U FTPD 3.x/4.x/5.x "MDTM" Command remote overflow exploit Copyright c SST 2004 All rights reserved. Public version BUG find by bkbll [email protected], cool! :ppPPppPPPpp :D code by Sam and 2004/01/07 Revise History: 2004/01/14 add rebind shellcode : we can bind shellport at...
[Full-Disclosure] lftp buffer overflows
lftp buffer overflows --------------------- PROGRAM: lftp VENDOR: Alexander V. Lukyanov et al. HOMEPAGE: http://lftp.yar.ru/ VULNERABLE VERSIONS: 2.3.0, 2.4.9, 2.6.6, 2.6.7, 2.6.8, 2.6.9, probably all versions inbetween IMMUNE VERSIONS: 2.6.10, older versions with my patch applied PROGRAM...
Half-Life 1.1 - Invalid Command Error Response Format String
source: https://www.securityfocus.com/bid/8730/info It has been reported that Half-Life clients may be prone to a format string vulnerability. The problem occurs when an invalid command is issued to the server, and an error response is returned and displayed by the client. If a format specifier...
DSA-376 exim - buffer overflow
Bulletin has no description...
Adminmod format string bug
Formatstring bug in multiple command...
Alt-N MDaemon 6.0.x - POP Server Buffer Overflow
Alt-N MDaemon 6.0.x - POP Server Buffer Overflow source: https://www.securityfocus.com/bid/6053/info A buffer overflow vulnerability has been reported for MDaemon. The vulnerability is due to inadequate bounds checking on some POP server commands. An attacker can exploit this vulnerability by...
FreeBSD 4.x - Process Concealment Bypass
FreeBSD 4.x - Process Concealment Bypass source: https://www.securityfocus.com/bid/4768/info In FreeBSD, setting kern.psshowallprocs=0 via the sysctl call is meant to disable normal users from seeing any running processes that are not owned by them. The current implementation of this feature fail...
CVE-2001-1109
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. dot dot in the 1 LIST, 2 QUOTE SIZE, and 3 QUOTE MDTM commands...
BRS Webweaver 0.x - FTP Root Full Path Disclosure
BRS Webweaver 0.x - FTP Root Full Path Disclosure source: https://www.securityfocus.com/bid/2676/info BRS WebWeaver is an ftpd and webserver from Blaine Southam. WebWeaver's FTP component has a flaw which can permit a remote user to learn the physcial path to the FTP service's root directory. By...
Solaris FTP Daemon CWD Command Account Enumeration
It is possible to determine the existence of a user on the remote system by issuing the command CWD , even before logging in. An attacker can exploit this flaw to determine the existence of known vulnerable accounts. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid1065...
Sunftp build9(1) - ftp server Vulnerability
It is possible to break out of the root directory by using relative paths e:crap was used as homedir. of user test. the get command getting files from outside of the root dir. 220 chris FTP Server SunFTP b9 ready on port 21... Benutzer 10.17.3.44:none: test 331 Password required for test. Kennwor...
thong.pl
Written by hypoclear - http://hypoclear.cjb.net Thong-th-thong-th-thong.pl AKA thong.pl is a PERL script which automates several attacks against various Cisco products. To be specific: 12-13-00 - Cisco Catalyst ssh Protocol Mismatch DoS Vulnerability 11-28-00 - Cisco 675 Web Administration Denial...
CVE-2000-1146
Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd...
fastream ftp++ 2.0 - Directory Traversal
fastream ftp++ 2.0 - Directory Traversal source: https://www.securityfocus.com/bid/2267/info It is possible for a remote uesr to gain read permissions outside of the Faststream FTP++ Server directory. By requesting an 'ls' command along with the drive name, Fastream FTP++ will disclose the conten...
Check Point Software Firewall-1 3.0/1 4.0 / Cisco PIX Firewall 4.x/5.x - 'ALG' Client
// source: https://www.securityfocus.com/bid/1045/info A vulnerability exists in the handling of certain rules on many firewalls, that may allow users outside of the firewall to gain limited access to areas behind firewalls. Whereas previous descriptions of attacks of this style were server based...
fw1-ftp.txt
FireWall-1 FTP Server Vulnerability Background Paper 1, data protect AG John McDonald Thomas Lopatic References ---------- Please reference the recent vuln-dev posting by Mikael Olsson entitled, "Breaking through FTP ALGs -- is it possible?" At the time of this writing, it was not yet archived on...
Multiple FTP Server QUOTE CWD Command Home Path Disclosure
It is possible to determine the full path of the home directory of the 'ftp' user by issuing the 'CWD' command. An attacker can exploit this to determine where to put a .rhost file using other security flaws. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10087;...