Lucene search
K

7049 matches found

securityvulns
securityvulns
added 2003/03/15 12:0 a.m.20 views

Buffer overflows in ircII-based clients

After seeing the BitchX "DoS" problem mentioned the n'th time already, I decided to finally audit ircII based clients to show some worse problems they have. I had been pretty sure for years that malicious servers can exploit them in multiple ways, and I think many others have known it as well. EP...

0.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/02/08 12:0 a.m.244 views

writesrv Service Detection

This service gives potential attackers information about who is connected and who isn't, easing social engineering attacks for example. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11222; scriptversion "$Revision: 1.12 $"; scriptcvsdate"$Date: 2011/03/11 21:52:41 $"...

5.4AI score
Exploits0
securityvulns
securityvulns
added 2003/02/08 12:0 a.m.78 views

Yet another plaintext attack to ZIP encryption scheme.

Introduction ------------ The ZIP format is one of the most widely used compresion/archival programs on computers systems, its use is even more extended on Windows plataform, with WinZIP program. Known Attacks ------------- The PKZIP encryption scheme have been proved to be weak in a lot of paper...

Exploits0
NVD
NVD
added 2002/06/25 4:0 a.m.22 views

CVE-2002-0321

Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service flooding attacks...

5CVSS6.7AI score0.03281EPSS
Exploits0References5
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.23 views

CVE-2002-0321

Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service flooding attacks...

6.7AI score0.03281EPSS
Exploits0References5
exploitpack
exploitpack
added 2002/04/03 12:0 a.m.33 views

NetBSD 1.x - TalkD User Validation

NetBSD 1.x - TalkD User Validation source: https://www.securityfocus.com/bid/4419/info talkd is a client-server application shipped with many Unix and Linux variants that is used for communication between users locally or remotely. talkd does not perform adequate validation of users making talk...

7.4AI score
Exploits0
CVE
CVE
added 2002/03/09 5:0 a.m.40 views

CVE-2001-0563

CVE-2001-0563 affects ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier. The flaw allows a remote attacker to induce a denial of service by sending large strings (greater than 160,000 characters) to port 23. The available sources (NVD, CVE listings) corroborate the DoS impact but do not...

5CVSS7AI score0.06979EPSS
Exploits1References3Affected Software1
Exploit DB
Exploit DB
added 2002/02/27 12:0 a.m.30 views

xtell 2.6.1 - User Status Remote Information Disclosure

source: https://www.securityfocus.com/bid/4196/info xtell is a simple network messaging program. It may be used to transmit terminal messages between users and machines. xtell is available for Linux, BSD and most other Unix based operating systems. An information disclosure vulnerability has been...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2002/02/26 12:0 a.m.57 views

AOL/AOL Instant Messenger Vulnerability

AOL/AOL Instant Messenger Vulnerability -------------------------------------------------------------------------------- Author: Robert Lyttle [email protected] Contributors: r0cky Release Date: 02.24.02 - 2:00 AM Disclaimer: http://www.sub-seven.com and/or Robert Lyttle is not responsible for...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/01/10 12:0 a.m.25 views

xchat IRC session hijacking vulnerability (versions 1.4.1, 1.4.2)

========================================================================== ======= xchat 1.4.2 and 1.4.3 IRC session hijacking vulnerability ======== ========================================================================== It is possible to trick xchat IRC clients 1.4.2, 1.4.3 into sending...

0.3AI score
Exploits0
exploitpack
exploitpack
added 2002/01/09 12:0 a.m.26 views

X-Chat 1.x - CTCP Ping Remote IRC Command Execution

X-Chat 1.x - CTCP Ping Remote IRC Command Execution source: https://www.securityfocus.com/bid/3830/info X-Chat is a graphical client for IRC. It requires the GTK+ toolkit, and is available for many Linux and Unix operating systems. If a CTCP ping request includes escaped newline characters and...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2002/01/09 12:0 a.m.35 views

X-Chat 1.x - CTCP Ping Remote IRC Command Execution

source: https://www.securityfocus.com/bid/3830/info X-Chat is a graphical client for IRC. It requires the GTK+ toolkit, and is available for many Linux and Unix operating systems. If a CTCP ping request includes escaped newline characters and additional IRC commands, these commands may be execute...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2001/12/11 12:0 a.m.13 views

Brian Dorricott MAILTO 1.0.7-9 - Unauthorized Mail Server Use

Brian Dorricott MAILTO 1.0.7-9 - Unauthorized Mail Server Use source: https://www.securityfocus.com/bid/3669/info MAILTO is a program maintained by Brian Dorricott. It enables web servers to allow forms to be converted into mail messages that can be sent to numerous recipients. An issue exists in...

Exploits0
Exploit DB
Exploit DB
added 2001/12/11 12:0 a.m.27 views

Brian Dorricott MAILTO 1.0.7-9 - Unauthorized Mail Server Use

source: https://www.securityfocus.com/bid/3669/info MAILTO is a program maintained by Brian Dorricott. It enables web servers to allow forms to be converted into mail messages that can be sent to numerous recipients. An issue exists in MAILTO which could allow an attacker to send emails through a...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/10/10 12:0 a.m.39 views

Microsoft Outlook Web Access (OWA) Anonymous Access

It is possible to browse the information of the OWA server by accessing as an anonymous user with the following URL: http://www.example.com/exchange/root.asp?acs=anon After this access, the anonymous user can search for valid users in the OWA server and can enumerate all users by accessing the...

5CVSS5.6AI score0.2199EPSS
Exploits0References1
NVD
NVD
added 2001/08/14 4:0 a.m.10 views

CVE-2001-0563

ElectroSystems Engineering Inc. ElectroComm 2.0 and earlier allows a remote attacker to create a denial of service via large 160000 character strings sent to port 23...

5CVSS6.6AI score0.06979EPSS
Exploits1References3
exploitpack
exploitpack
added 2001/03/25 12:0 a.m.13 views

Olicom XLT-F XL 80 IM V5.5BL2 - Undocumented Community String

Olicom XLT-F XL 80 IM V5.5BL2 - Undocumented Community String source: https://www.securityfocus.com/bid/2802/info Olicom routers were previously manufactured and distributed by Olicom, a company now owned by Intel. Olicom routers provide a low-cost routing solution for small businesses. A problem...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2001/03/25 12:0 a.m.47 views

Olicom XLT-F XL 80 IM V5.5BL2 - Undocumented Community String

source: https://www.securityfocus.com/bid/2802/info Olicom routers were previously manufactured and distributed by Olicom, a company now owned by Intel. Olicom routers provide a low-cost routing solution for small businesses. A problem with Olicom routers could allow unauthorized access to certai...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2000/07/03 12:0 a.m.24 views

Microsoft Windows Messenger Service Social Engineering Weakness

The messenger service is running. This service allows NT users to send pop-up messages to each other. This service can be abused by anyone who can trick valid users into doing some actions that may harm their accounts or your network social engineering attack. C Tenable Network Security, Inc...

10CVSS5.4AI score0.01855EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2000/07/03 12:0 a.m.20 views

Microsoft Windows Alerter Service Social Engineering Weakness

The alerter service is running. This service allows NT users to send pop-up messages to each other. This service can be abused by an attacker who can trick valid users into doing some actions that may harm their accounts or your network social engineering attack C Tenable Network Security, Inc...

10CVSS5.5AI score0.01855EPSS
Exploits0References1
Rows per page
Query Builder