42 matches found
slident / fake identd Detection
The remote ident/authd server returns random tokens instead of leaking real user IDs this is a good thing. It may be slidentd or some other fake identd. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid18373; scriptversion "$Revision: 1.17 $"; scriptcvsdate"$Date:...
Identd Service Detection
Binary data 2323.prm...
Identd Service Detection
Binary data 2326.prm...
Identd Service Detection
Binary data 2325.prm...
Identd Service Detection
Binary data 2324.prm...
identd Service UID Association
By using the identd server RFC 1413, it is possible to determine the process owner of the remote service. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; ifdescription scriptid14674; scriptversion"1.21";...
CVE-2002-1792
Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as root via a long request that is split into multiple packets...
trillian DoS: trillian 1.0 pro also vulnerable
followup to Lance Fitz-Herbert aka phrizer's find earlier today. trillian pro 1.0 is also vulnerable to the DoS. no need to run C code, perl and netcat do it: perl -e 'print "A"x450; print "n"' | nc ip 113 same precautions ... disable or filter identd on that host. enjoy. jose nazario, ph.d...
Fake Identd - Remote root exploit
Date: 07/29/2002 Product: fakeidentd Summary: remote root exploit ---------------------------- Overview ---------------------------- Fake Identd is a small standalone ident server with static replies. It is designed to be suitable for firewalls, IP masquerading hosts, etc. Documentation :...
fake identd (fakeidentd) Fragmented Packet Request Remote Overflow
The identd server on this port seems to be a version of fake identd that fails to properly validate user input before copying it into a buffer of fixed size. By splitting data into two or more packets, an anonymous remote attacker can overflow the input buffer and execute arbitrary code with root...
Fake Identd 0.91.x - Client Query Remote Buffer Overflow
Fake Identd 0.91.x - Client Query Remote Buffer Overflow // source: https://www.securityfocus.com/bid/5351/info Fake Identd is an open source Ident server designed to return the same information to all incoming requests. It is implemented by Tomi Ollila, and available for Linux and a number of...
Fake Identd 0.9/1.x - Client Query Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/5351/info Fake Identd is an open source Ident server designed to return the same information to all incoming requests. It is implemented by Tomi Ollila, and available for Linux and a number of other Unix based operating systems. Reportedly, some versio...
Exploit for xinetd-2.1.8.9pre11-1
Hi bugtraq. I read the zen-parse's advisory about the 'potential' overflow, as he said, in xinetd-2.1.8.9pre11-1 and I tried to work around it. First of all we have to remember that the bof occurs only if, in the configuration file of the daemon, there is an entry like this: logonsuccess = HOST P...
Xinetd 2.1.8 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/2840/info The possibility for a buffer overflow condition exists in the xinetd daemon. Xinetd provides the ability to log via identd the user-identities of clients connecting to specific services if the clients host supports it. It may be possible for...
Переполнение буфера в identd (buffer overflow)
Длинный запрос на идентификацию вызывает переполнение буфера...
SuSE Linux in.identd Request Saturation DoS
Ident is a protocol which gives to the remote server the name of the user who initiated a given connection. It's mainly used by IRC, SMTP and POP servers to obtain the login name of the person who is using their services. There is a flaw in the remote identd daemon which allows anyone to crash...
CVE-1999-0629
CVE-1999-0629 relates to the ident/identd service being active. OpenVAS labels it as an ident Service Information Disclosure Vulnerability with CVSS base 5.0 (AV:N/AC:L/Au:N/C:P/I:N/A:N). The provided sources confirm the service is running, but there are no concrete details on affected versions, ...
snplog.bof.txt
Date: Tue, 16 Feb 1999 00:42:49 +0000 From: Rupert Weber-Henschel To: [email protected] Subject: snplog-1.0 buffer overflow There is a possible buffer overflow in snplog-1.0. Or is it 0.1? The tar file is 0.1, the docs say 1.0. % snplog contains tcplogd, icmplogd, udplogd The offending code is...
SuSE Linux 6.2 Slackware Linux 3.23.6 - identd Denial of Service
SuSE Linux 6.2 Slackware Linux 3.23.6 - identd Denial of Service // source: https://www.securityfocus.com/bid/587/info In the inetd.conf under certain distributions of SuSE Linux the in.identd daemon is started with the -w -t120 option. This means that one identd process waits 120 seconds after...
SuSE Linux 6.2 / Slackware Linux 3.2/3.6 - 'identd' Denial of Service
// source: https://www.securityfocus.com/bid/587/info In the inetd.conf under certain distributions of SuSE Linux the in.identd daemon is started with the -w -t120 option. This means that one identd process waits 120 seconds after answering the first request to answer the next request. If a...