In the WEBSHELL, the clever use of file sharing to perform system commands-bug warning-the black bar safety net

Recently in the invasion of Win2003 when found default case not use the system comes with the cmd. exe files to execute system commands, upload the cmd. exe file because the file is too big to fail, then I pass a station adjacent to the machine's file share successfully upload the cmd. exe file,...

Heap overflow

Heap-based buffer overflow in T2EMBED.DLL in Microsoft Windows 2000 SP4, XP SP1 and SP2, and Server 2003 up to SP1, Windows 98, and Windows ME allows remote attackers to execute arbitrary code via an e-mail message or web page with a crafted Embedded Open Type EOT web font that triggers the...

CVE-2005-4786

Buffer overflow in the archive decompression library vrAZMain.dll 5.8.22.137, as used in HAURI anti-virus products including 1 ViRobot Expert 4.0, 2 ViRobot Advanced Server, and 3 HAURI LiveCall, allows user-assisted attackers to execute arbitrary code via an ALZ archive containing a file with a...

CVE-2005-2659

Buffer overflow in the LZX decompression in CHM Lib chmlib 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors...

DEBIAN-CVE-2005-2659

Buffer overflow in the LZX decompression in CHM Lib chmlib 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors...

CVE-2005-2659

Buffer overflow in the LZX decompression in CHM Lib chmlib 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors...

CVE-2005-2659

Buffer overflow in the LZX decompression in CHM Lib chmlib 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors...

CVE-2005-2659

CVE-2005-2659 is a buffer overflow in the LZX decompression path of CHM Lib (chmlib) 0.35, used by KchmViewer. Root cause: overflow in LZX decompression. The impact and attack vectors are described as unknown in initial sources; later advisories (Debian DSA-886-1 and related OpenVAS entries) refe...

CVE-2005-2659

Buffer overflow in the LZX decompression in CHM Lib chmlib 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors...

CVE-2005-2659

Buffer overflow in the LZX decompression in CHM Lib chmlib 0.35, as used in products such as KchmViewer, has unknown impact and attack vectors...

[SECURITY] [DSA 886-1] New chmlib packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 886-1 [email protected] http://www.debian.org/security/ Martin Schulze November 7th, 2005 http://www.debian.org/security/faq -...

[SECURITY] [DSA 886-1] New chmlib packages fix several vulnerabilities

-------------------------------------------------------------------------- Debian Security Advisory DSA 886-1 [email protected] http://www.debian.org/security/ Martin Schulze November 7th, 2005 http://www.debian.org/security/faq -...

Microsoft Windows Unchecked Buffer in Decompression Functions (Q329048)

Two vulnerabilities exist in the Compressed Folders function: An unchecked buffer exists in the programs that handles the decompressing of files from a zipped file. A security vulnerability results because attempts to open a file with a specially malformed filename contained in a zipped file coul...

CVE-2005-3030

Directory traversal vulnerability in the archive decompression library in AhnLab V3Pro 2004 build 6.0.0.383, V3 VirusBlock 2005 build 6.0.0.383, and V3Net for Windows Server 6.0 build 6.0.0.383 allows remote attackers to write arbitrary files via a .. dot dot in the filename in a compressed archi...

DC++ and its mods remote DoS in bzip2 decompression routine

DC++ and its mods remote DoS in bzip2 decompression routine Critical Security research: http://www.critical.lt Original advisory may be found: http://www.critical.lt/?vulnerabilities/22 PoC file may be found here: http://www.critical.lt/research/dc.zip Vulnerable product: DC++ and its mods all...

SUSE Security Announcement: kernel multiple security problems (SUSE-SA:2005:050)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUSE Security Announcement Package: kernel Announcement ID: SUSE-SA:2005:050 Date: Thu, 01 Sep 2005 14:00:00 +0000 Affected Products: 9.1, 9.2, 9.3 SUSE Linux Enterprise Server 9 Novell Linux Desktop 9 Vulnerability Type: denial of service, local...

CVE-2005-2720

HAURI Anti-Virus products (ViRobot Expert 4.0, Advanced Server, Linux Server 2.0, LiveCall) are affected by CVE-2005-2720 due to a stack-based buffer overflow in the ACE archive decompression library (vrAZace.dll) when scanning ACE archives. The flaw occurs with ACE archives that contain a file w...

CVE-2005-2475

Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete...

DEBIAN-CVE-2005-2475

Race condition in Unzip 5.52 allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by Unzip after the decompression is complete...

zlib -- buffer overflow vulnerability

Problem description A fixed-size buffer is used in the decompression of data streams. Due to erronous analysis performed when zlib was written, this buffer, which was belived to be sufficiently large to handle any possible input stream, is in fact too small. Impact A carefully constructed...