182 matches found
PragmaSys TelnetServer 2000 - rexec Buffer Overflow
source: https://www.securityfocus.com/bid/1605/info Pragma Systems offers a windows remote access server called TelnetServer 2000. TelnetServer crashes if more than 1000 NULL characters are sent to its rexec port, 512. This can be executed by an anonymous attacker from anywhere on the internet. I...
warftpd exploit?
WarFTPd 1.66 - 1.67 can be crashed due to an un-checked buffer for the CWD command, as this DoS exploit by eth0 from b0f shows. Now, it seems that the ret address can't be overwritten so it is probably a dynamic buffer, and therefore a heap or data overflow... I've seen some heap overflows agains...