CORE-20020409: Multiple vulnerabilities in stack smashing protection technologies

CORE SECURITY TECHNOLOGIES Advisory http://www.corest.com Multiple vulnerabilities in stack smashing protection technologies Date Published: 2002-04-23 Last Update: 2002-04-23 Advisory ID: CORE-20020409 Bugtraq ID: Non-assigned yet CVE CAN: Non-assigned yet Title: Multiple vulnerabilities in stac...

Xpede many vulnerabilities

Xpede C00kb00k // Note As mentionned below in the "vendor status" section, i did not get any reply after 3 mails, asking for acknowledgment and an amount of working time expected before an official patch release. Well, at that time i still have no idea if intellisol/workforceroi is currently...

Утечка информации в mIRC (information leakage)

Ошибки реализации протокола DDC позволяют получить сведения о конфигурации пользователя...

PureTLS Security Announcement: Upgrade to 0.9b2

PureTLS http://www.rtfm.com/puretls is a pure Java implementation of SSLv3/TLS. PureTLS 0.9b2 was released Mar 1, 2002. Internal audits prior to the release of PureTLS 0.9b2 discovered a potential attack under certain conditions. This vulnerability was present in all prior versions. Details of th...

Multiple Vulnerabilities in Access Control List Implementation for Cisco 12000 Series Internet Router

...

Re: More problems with RADIUS (protocol and implementations)

I note that the original message didn't cite my short message to Bugtraq about security issues with RADIUS: http://cert.uni-stuttgart.de/archive/bugtraq/2000/12/msg00332.html Some points in that message were also covered by Joshua, he added a number of good points, and missed a few others...

RADIUS protocol and implementation weakness

There are few cryptographic problems allow to analize sniffed traffic. There is a possibility of request spoofing. Some implementation problems allow to DoS server or to elevate priveges...

OpenSSH & S/Key information leakage

FIRST: Neither of these information leakage issues is a security bug in itself. Both S/Key and OpenSSH are secure even with this issue. However, this information leakage may assist a hostile attacker. General S/Key Information Leakage: As is commonly known, the S/Key and OPIE one-time password...

Linux Kernel 2.2/2.4 - Ptrace/Setuid Exec Privilege Escalation

source: https://www.securityfocus.com/bid/3447/info Linux contains a vulnerability in it's exec implementation that may allow for modification of setuid process memory via ptrace. The vulnerability is due to the fact that it is possible for a traced process to exec a setuid image if the tracing...

Important: Red Hat Security Advisory: : New util-linux packages available to fix /bin/login pam problem

New util-linux packages are available that fix a problem with /bin/login's PAM implementation. This could, in some non-default setups, cause users to receive credentials of other users. It is recommended that all users update to the fixed packages. 2001-10-22: Packages are now available for Red H...

CVE-2001-1147

The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pamlimits...

CVE-1999-1291

TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset RST via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target...

CVE-2001-0597

Zetetic Secure Tool for Recalling Important Passwords STRIP 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly...

NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows

NetWin Authentication Module 3.0b password storage vulnerabilities / buffer overflows AFFECTED SYSTEMS NWAuth module as used by DMail, SurgeFTP, others... cfr www.netwinsite.com I've tested SurgeFTP in particular The source code for NWAuth 2.0 can be found at...

FreeBSD-SA-01:45.samba

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:45 Security Advisory FreeBSD, Inc. Topic: samba Category: ports Module: samba Announced: 2001-07-10 Credits: Michal Zalewski Affects: Ports collection prior to the...

CVE-2001-0328

TCP implementations that use random increments for initial sequence numbers ISN can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN...

CVE-2001-0355

The CVE-2001-0355 entry affects Novell GroupWise 5.5 (service packs 1 and 2). The vulnerability arises from an implementation error in GroupWise system policies that allows a remote attacker to access arbitrary files. The connected documents confirm the affected product and the root cause (policy...

[SECURITY] [DSA 043-1] New Zope packages available

---------------------------------------------------------------------------- Debian Security Advisory DSA-043-1 [email protected] http://www.debian.org/security/ Martin Schulze March 9, 2001 - ---------------------------------------------------------------------------- Packages : zope...

ISC BIND 8.2.x - 'TSIG' Remote Stack Overflow (1)

/ tsig0wn.c Copyright Field Marshal August Wilhelm Anton Count Neithardt von Gneisenau [email protected] The author is not and will not be held responsible for the action of other people using this code. provided for informational purposes only since a greetz section is de rigeur greets to my...

Lotus Domino: security hole the size of Texas, plus somewhat smaller protocol auditing utility

Ben, this is an updated version. Plese let this one thru, if it isn't too late. Thanks. Even my girlfriend said this bug is incredible :P Sit and relax. First of all, a few words from me. Sorry for that if you hate my occassional intros - please appreciate that I am not putting 80x20 ASCII 'A D V...