CVE-2007-0201

The CVE refers to CVE-2007-0201 in the TIS Internet Firewall Toolkit (FWTK) ftp-gw. A buffer overflow in the cmd_usr function allows remote attackers to execute arbitrary code by supplying a long destination hostname (dest). This yields a high-severity, network-exploitable condition with potentia...

CVE-2000-0950

CVE-2000-0950 affects the x-gw component of the TIS Firewall Toolkit (FWTK). The root cause is a format string vulnerability in x-gw that allows local users to execute arbitrary commands via a malformed display name. Impact as described: complete confidentiality, integrity, and availability could...

FWTK x-gw Security Advisory [GSA2000-01]

geekgang Security Advisory gsa2000-01 www.geekgang.co.uk © Copyright 2000 geekgang ID: geekgang GSA2000-01 01 v1.0 Topic: FWTK x-gw format bug Status: Release 26th October, 2000 Author: pre Credit: Pekka Savola found the potential problem in the code Abstract The x-gw X Windows gateway component ...

Дырка в FWTK (x-gw format bug)

Ошибка форматной строки может привести к выполнению кода...

Possible remote vulnerability problem in TIS FWTK x-gw?

Hello all, I got around to checking out TIS FWTK for format string problems. It's a free-for-non-commercials firewall proxy package. The sources etc. can be obtained from http://www.tis.com/research/software/fwtkreadme.html. Tried to contact [email protected], mail bounced. Oh well. This is usuall...

fwtk.gauntlet.random.seed.txt

Date: Fri, 16 Apr 1999 15:36:27 -0500 From: [email protected] To: [email protected] Subject: FWTK, Gauntlet 'random seed' security problem Summary A 'random seed' problem in lib/rand.c affects all local challenge-response authentication on FWTK and Gauntlet. Many services have support available...