705 matches found
[SECURITY] Fedora 10 Update: uw-imap-2007e-1.fc10
The uw-imap package provides UW server daemons for both the IMAP Internet Message Access Protocol and POP Post Office Protocol mail access protocols. The POP protocol uses a "post office" machine to collect mail for users and allows users to download their mail to their local machine for reading...
Moderate: Red Hat Security Advisory: xen security and bug fix update
Updated xen packages that resolve several security issues and a bug are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The xen packages contain the Xen tools and management daemons needed to manage...
[SECURITY] Fedora 8 Update: uw-imap-2007d-1.fc8
The uw-imap package provides UW server daemons for both the IMAP Internet Message Access Protocol and POP Post Office Protocol mail access protocols. The POP protocol uses a "post office" machine to collect mail for users and allows users to download their mail to their local machine for reading...
[SECURITY] Fedora 9 Update: net-snmp-5.4.1-18.fc9
SNMP Simple Network Management Protocol is a protocol used for network management. The NET-SNMP project includes various SNMP tools: an extensible agent, an SNMP library, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the...
sendicmp-append.txt
/ sing file append exploit by bannedit 12/05/2007 The original reporter of this issue included an example session which added an account to the machine. The method for this exploit is slightly different and much more quiet. Although it relies upon logrotate for help. This could easily be modified...
Default credentials
The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the 1 root, 2 user, 3 manager, 4 administrator, and 5 operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000...
CVE-2007-3232
The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the 1 root, 2 user, 3 manager, 4 administrator, and 5 operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000...
CVE-2007-3232
The IBM TotalStorage DS400 with firmware 4.15 uses a blank password for the 1 root, 2 user, 3 manager, 4 administrator, and 5 operator accounts, which allows remote attackers to gain login access via certain Linux daemons, including a telnet daemon on a nonstandard port, tcp/6000...
Moderate: Red Hat Security Advisory: bluez-utils security update
Updated bluez-utils packages that fix a security flaw are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The bluez-utils package contains Bluetooth daemons and utilities. A flaw was found in the...
CVE-2007-2480
The udplibgetport function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other application...
TIBCO Rendezvous <= 7.4.11 (add router) Remote BOF Exploit
Exploit for unknown platform in category remote exploits ========================================================== TIBCO Rendezvous = 7.4.11 add router Remote BOF Exploit ========================================================== / Exploit: TIBCO RendezVous remote buffer overflow exploit for Win...
Symantec Veritas NetBackup network backup daemons multiple buffer overflows
Buffer overflows in vnetd, volume manager, database manager...
USN-224-1: Kerberos vulnerabilities
Gaël Delalleau discovered a buffer overflow in the envoptadd function of the Kerberos 4 and 5 telnet clients. By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client. CVE-2005-0468 Gaël...
Debian DSA-703-1 : krb5 - buffer overflows
Several problems have been discovered in telnet clients that could be exploited by malicious daemons the client connects to. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-0468 Gael Delalleau discovered a buffer overflow in the envoptadd function...
Multiple IRC Client Non-registered User parse_client_queued Saturation DoS
The remote host is running a version of ircd which is vulnerable to a rate-limiting Denial of Service DoS attack. The flaw is in the fact that the IRCD daemon reserves more than 500 bytes of memory for each line received. An attacker, exploiting this flaw, would need network access to the IRC...
CVE-2003-0478
CVE-2003-0478 affects Bahamut IRCd 1.4.35 and earlier and related IRC daemons based on Bahamut (digatech 1.2.1, methane 0.1.1, AndromedeIRCd 1.2.3-Release, ircd-RU) when running in debug mode. The root cause is a format-string vulnerability in handling requests that permits remote attackers to ca...
methane IRCd 0.1.1 - Remote Format String
// source: https://www.securityfocus.com/bid/8038/info Behamut IRCd has been reported prone to remotely exploitable format string vulnerability. The issue presents itself when Behamut is compiled with DEBUGMODE defined. Reportedly a remote attacker may send malicious format specifiers to trigger ...
CVE-2002-0992
Unknown vulnerability in IPV6 functionality for DCE daemons 1 dced or 2 rpcd on HP-UX 11.11 allows attackers to cause a denial of service crash via an attack that modifies internal data...
CVE-2002-0992
The CVE-2002-0992 entry describes an unknown vulnerability in the IPV6 functionality of DCE daemons (dced and rpcd) on HP-UX 11.11. The issue allows an attacker to cause a denial of service (crash) by performing an attack that modifies internal data. The connected documents confirm the affected c...
Possible DoS against inetd in Solaris
Hi, I stumbled upon something that looks like a bug in inetd on Solaris. If a Solaris box is portscaned by nmap with -T Insane option very quick scan daemons that are started by inetd stop responding. That is you can connect to them, connection get accepted, by they don't display any banner or...