CVE-2002-0381

The TCP implementation in various BSD operating systems tcpinput.c does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address...

CVE-2002-0510

The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux...

CVE-2002-0510

CVE-2002-0510 describes a fingerprinting flaw in the UDP/IP stack of Linux 2.4.x: the IP Identification field is kept at 0 for non-fragmented packets, enabling remote observers to determine if a target runs Linux. The available connected documents reiterate the Linux kernel vulnerability and refe...

CVE-2001-1376

Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote attackers to cause a denial of service and possibly execute arbitrary code via shared secret data...

QNX 6.x - ptrace() Arbitrary Process Modification

QNX 6.x - ptrace Arbitrary Process Modification source: https://www.securityfocus.com/bid/4919/info The QNX implementation of 'ptrace' is reportedly insecure. An unprivileged process may attach to a setuid program without restriction. Since the attaching process may view or edit memory, an attack...

CORE-20020409: Multiple vulnerabilities in stack smashing protection technologies

CORE SECURITY TECHNOLOGIES Advisory http://www.corest.com Multiple vulnerabilities in stack smashing protection technologies Date Published: 2002-04-23 Last Update: 2002-04-23 Advisory ID: CORE-20020409 Bugtraq ID: Non-assigned yet CVE CAN: Non-assigned yet Title: Multiple vulnerabilities in stac...

Xpede many vulnerabilities

Xpede C00kb00k // Note As mentionned below in the "vendor status" section, i did not get any reply after 3 mails, asking for acknowledgment and an amount of working time expected before an official patch release. Well, at that time i still have no idea if intellisol/workforceroi is currently...

Утечка информации в mIRC (information leakage)

Ошибки реализации протокола DDC позволяют получить сведения о конфигурации пользователя...

PureTLS Security Announcement: Upgrade to 0.9b2

PureTLS http://www.rtfm.com/puretls is a pure Java implementation of SSLv3/TLS. PureTLS 0.9b2 was released Mar 1, 2002. Internal audits prior to the release of PureTLS 0.9b2 discovered a potential attack under certain conditions. This vulnerability was present in all prior versions. Details of th...

Multiple Vulnerabilities in Access Control List Implementation for Cisco 12000 Series Internet Router

...

RADIUS protocol and implementation weakness

There are few cryptographic problems allow to analize sniffed traffic. There is a possibility of request spoofing. Some implementation problems allow to DoS server or to elevate priveges...

Re: More problems with RADIUS (protocol and implementations)

I note that the original message didn't cite my short message to Bugtraq about security issues with RADIUS: http://cert.uni-stuttgart.de/archive/bugtraq/2000/12/msg00332.html Some points in that message were also covered by Joshua, he added a number of good points, and missed a few others...

OpenSSH & S/Key information leakage

FIRST: Neither of these information leakage issues is a security bug in itself. Both S/Key and OpenSSH are secure even with this issue. However, this information leakage may assist a hostile attacker. General S/Key Information Leakage: As is commonly known, the S/Key and OPIE one-time password...

Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Privilege Escalation

source: https://www.securityfocus.com/bid/3447/info Linux contains a vulnerability in it's exec implementation that may allow for modification of setuid process memory via ptrace. The vulnerability is due to the fact that it is possible for a traced process to exec a setuid image if the tracing...

Important: Red Hat Security Advisory: : New util-linux packages available to fix /bin/login pam problem

New util-linux packages are available that fix a problem with /bin/login's PAM implementation. This could, in some non-default setups, cause users to receive credentials of other users. It is recommended that all users update to the fixed packages. 2001-10-22: Packages are now available for Red H...

CVE-2001-1147

The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pamlimits...

CVE-1999-1291

TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset RST via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target...

CVE-2001-0597

Zetetic Secure Tool for Recalling Important Passwords STRIP 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly...

NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows

NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows AFFECTED SYSTEMS NWAuth module as used by DMail, SurgeFTP, others... cfr www.netwinsite.com I've tested SurgeFTP in particular The source code for NWAuth 2.0 can be found at...

FreeBSD-SA-01:45.samba

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:45 Security Advisory FreeBSD, Inc. Topic: samba Category: ports Module: samba Announced: 2001-07-10 Credits: Michal Zalewski Affects: Ports collection prior to the...