316 matches found
Endless loop in Halo 1.06
Luigi Auriemma Application: Halo: Combat Evolved http://www.microsoft.com/games/pc/halo.aspx Versions: = 1.06 and Custom Edition 1.00 Platforms: Windows Bug: endless loop Exploitation: remote, versus server Date: 24 May 2005 Author: Luigi Auriemma e-mail: [email protected] web:...
GLSA-200505-06 : TCPDump: Decoding routines Denial of Service vulnerability
The remote host is affected by the vulnerability described in GLSA-200505-06 TCPDump: Decoding routines Denial of Service vulnerability TCPDump improperly handles and decodes ISIS CAN-2005-1278, BGP CAN-2005-1267, CAN-2005-1279, LDP CAN-2005-1279 and RSVP CAN-2005-1280 packets. TCPDump might loop...
Debian DSA-708-1 : php3 - missing input sanitising
An iDEFENSE researcher discovered two problems in the image processing functions of PHP, a server-side, HTML-embedded scripting language, of which one is present in PHP3 as well. When reading a JPEG image, PHP can be tricked into an endless loop due to insufficient input validation. %NASLMINLEVEL...
WinFTP Server 1.6 Denial of Service Exploit
Exploit for unknown platform in category dos / poc =========================================== WinFTP Server 1.6 Denial of Service Exploit =========================================== !/usr/local/bin/perl -w WinFTP server ver 1.6 D.o.S Exploit Discovered,exploited by KaGra Tested on WinXP SP1...
WinFTP Server 1.6 - Denial of Service
!/usr/local/bin/perl -w WinFTP server ver 1.6 D.o.S Exploit Discovered,exploited by KaGra Tested on WinXP SP1 English version Sending 40 times a username and a buffer of 1500 bytes as pass,will crash the server,as soon as is not minimized in Target computer.If he is minimized,he will crash as soo...
WinFTP Server 1.6 - Denial of Service
WinFTP Server 1.6 - Denial of Service !/usr/local/bin/perl -w WinFTP server ver 1.6 D.o.S Exploit Discovered,exploited by KaGra Tested on WinXP SP1 English version Sending 40 times a username and a buffer of 1500 bytes as pass,will crash the server,as soon as is not minimized in Target computer.I...
Debian DSA-080-1 : htdig - unauthorized gathering of data
Nergal reported a vulnerability in the htsearch program which is distributed as part of the ht://Dig package, an indexing and searching system for small domains or intranets. Using former versions it was able to pass the parameter -c to the cgi program in order to use a different configuration...
Multiple Samba bugs
DoS against NetBIOS name service nmbd, endless loop in SMBD...
GLSA-200406-20 : FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling
The remote host is affected by the vulnerability described in GLSA-200406-20 FreeS/WAN, Openswan, strongSwan: Vulnerabilities in certificate handling All these IPsec implementations have several bugs in the verifyx509cert function, which performs certificate validation, that make them vulnerable ...
Mandrake Linux Security Advisory : super-freeswan (MDKSA-2004:070-1)
Thomas Walpuski discovered a vulnerability in the X.509 handling of super-freeswan, openswan, strongSwan, and FreeS/WAN with the X.509 patch applied. This vulnerability allows an attacker to make up their own Certificate Authority that can allow them to impersonate the identity of a valid DN. As...
XITAMI invalid request endless loop
If HTTP header doesn't contain ':' server goes into endless loop...
PureFTPd DoS
There is an endless loop on specific condition with 0 written to memory...
compaq.txt
SSI vulnerability in Compaq Web Based Management Agent ====================================================== Type of vulnerabilities: Server Side Include injection. Exploitable. Stack overflows and access violations. Exploitable? Creation of script objects. Exploitable? Affected Software: Compaq...
tcpdump ISAKMP DoS
Endless loop on malcrafted ISAKMP packet UDP/500...
nylon 0.2 (0.3?) DoS
Dear bugtraq@, I found this bug in nylon 0.2, but according to CVS logs it was already fixed in nylon project Tue Jun 25 00:27:07 2002 UTC 3 months, 2 weeks ago, http://mesh.eecs.umich.edu/cvsweb/nylon/ So, just update to newer version. Details: if definedSENDN || definedRECVN ssizet if...
Infinite loop in LOTUS NOTE 5.0.3. SMTP SERVER
Maybe this is a configuration error in the server where I tryed this but anyway here is the message that I sent : helo xpto.pt mail from: non-existant-user@ipadressoflotusserver mail to : non-existant-user data testing123 . So Lotus Notes SMTP Server now will loop forever trying to tell to the...