eIQNetworks ESA License Manager LICMGR_ADDLICENSE Overflow

This module exploits a stack buffer overflow in eIQnetworks Enterprise Security Analyzer. During the processing of long arguments to the LICMGRADDLICENSE command, a stack-based buffer overflow occurs. This module has only been tested against ESA v2.1.13. This module requires Metasploit:...

CVE-2004-2544

Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information...

CVE-2004-2545

CVE-2004-2545 affects Secure Computing Corporation Sidewinder G2 6.1.0.01. Described as a remote denial of service of the SMTP proxy triggered by an “extremely busy network.” The embedded monitoring sub-system reportedly restarts after the failure. No remediation or concrete exploitation details ...

CVE-2004-2545

Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service SMTP proxy failure via unknown attack vendors involving an "extremely busy network." NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts...

CVE-2004-2543

Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service proxy failure via invalid traffic to the 1 T.120 or 2 RTSP proxy, or 3 invalid MIME messages to the mail filter. NOTE: this might not be a vulnerability because the embedded monitoring...

CVE-2004-2544

The CVE-2004-2544 entry concerns Secure Computing Corporation Sidewinder G2 6.1.0.01. The Admin Console exports private keys when exporting firewall certificates, potentially exposing sensitive information. Affected component: Admin Console; vulnerability: exporting private keys. Impact described...

CVE-2004-2543

The CVE-2004-2543 entry concerns Secure Computing Corporation Sidewinder G2 6.1.0.01. It describes a potential remote DoS where an attacker can trigger a proxy failure by sending invalid traffic to the T.120 or RTSP proxy, or sending invalid MIME messages to the mail filter. The note indicates th...

CVE-2004-2399

Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service CPU consumption via delayed responses to DNS queries...

CVE-2004-2399

Summary: CVE-2004-2399 affects Secure Computing Corporation Sidewinder G2 6.1.0.01. The vulnerability allows remote attackers to cause a denial of service via delayed responses to DNS queries, resulting in CPU consumption. The connected documentation confirms the affected product/version and the ...

CVE-2004-2545

Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service SMTP proxy failure via unknown attack vendors involving an "extremely busy network." NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts...

CVE-2004-2399

Secure Computing Corporation Sidewinder G2 6.1.0.01 allows remote attackers to cause a denial of service CPU consumption via delayed responses to DNS queries...

CVE-2004-2543

Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service proxy failure via invalid traffic to the 1 T.120 or 2 RTSP proxy, or 3 invalid MIME messages to the mail filter. NOTE: this might not be a vulnerability because the embedded monitoring...

CVE-2004-2544

Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information...

Denial of Service against Gauntlet-Firewall / SQL-Gateway

DOS-Attack against Gauntlet Firewall ------------------------------------- We found out a security-issue with the Oracle-Proxy SQL-Gateway of Gauntlet Firewall, Version 6 manufactured by Secure Computing/NAI, serversrunning Solaris 8, newest Patches installed. Abstract: --------- Sending subseque...

CVE-2003-0746

Various Distributed Computing Environment DCE implementations, including HP OpenView, allow remote attackers to cause a denial of service process hang or termination via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or CVE-2003-0605, such a...

Multiple Open Software Foundation Distributed Computing Environment (DCE) implementations vulnerable to DoS

Overview A denial-of-service vulnerability exists in multiple vendor implementations of the Distributed Computing Environment. This vulnerability may allow a remote attacker to cause the service to fail. Note that this vulnerability may be triggered by attackers attempting to exploit VU568148 and...

hackingcitrix.txt

Hacking Citrix: Last Updated: Oct 2nd 9:00PM Found 'Respond to Broad Cast Packets' to NOT break Ian Viteks scanner, so much for that! - Oct 1st, 2002 10:36AM Minor Corrections in Introduction - Introduction - How Citrix Works - Peeling Citrix Back - Securing Citrix... Sort of. .Introduction Citri...

Hardening of Solaris OS for MGC

...

Secure Computing SafeWord uses vulnerable ssh server

Secure Computing's SafeWord PremierAccess product earlier known as SafeWord Plus is an access control system capable of using several different authentication mechanisms for controlling access to network resources. The most used mechanism is one time passwords, generated by hardware or software...

DCE Services Enumeration

By sending a Lookup request to the portmapper TCP 135 or epmapper PIPE it was possible to enumerate the Distributed Computing Environment DCE services running on the remote port. Using this information it is possible to connect and bind to each service by sending an RPC request to the remote...