9133 matches found
ml2 - local users can crash processes
Exploit for linux platform in category dos / poc ===================================== ml2 - local users can crash processes ===================================== include include include include error int mainint argc, char argv char foo1000; char bigmsg10000; char s, holds; int i = 0;...
Vulnerabilities in KTH Kerberos IV
OVERVIEW Kerberos is a network authentication protocol which by using secret-key cryptography provides authentication over insecure networks. There are at least two common free Kerberos implementations: MIT and KTH Royal Institute of Technology, Sweden. The latter is included in OpenBSD and FreeBS...
gnome_segv - Local Buffer Overflow
/ gnomesegv local buffer overflow. Author: Cody Tubbs loophole of hhp. www.hhp-programming.net / [email protected] 12/9/2000 This exploit was coded at overfiens in cali. Shouts to overfien and skeptik... h00t h00t. Bug found by skeptik. Tested on SuSE 6.4/2.2.14 non sid by default, p.o.e. only. ...
CVE-2000-1065
CVE-2000-1065 concerns the IP implementation of HP JetDirect printer card firmware (versions up to x.08.20 and earlier). The vulnerability allows remote attackers to cause a denial of service (printer crash) by sending a malformed packet. The connected documents confirm affected product (HP JetDi...
Microsoft Windows 9x/ME - Share Level Password Bypass (2)
Microsoft Windows 9x/ME - Share Level Password Bypass (2) source: https://www.securityfocus.com/bid/1780/info Share level password protection for the File and Print Sharing service in Windows 95/98/ME can be bypassed. Share level access provides peer to peer networking capabilities in the Windows...
Microsoft Windows 9x/ME - Share Level Password Bypass (1)
source: https://www.securityfocus.com/bid/1780/info Share level password protection for the File and Print Sharing service in Windows 95/98/ME can be bypassed. Share level access provides peer to peer networking capabilities in the Windows 9x/ME environment. It depends on password protection in...
Serious problem with the NetBIOS (NetBT) implementation in Windows
By exploiting the lack of datagram sender verification, entries in the NetBIOS name cache can be spoofed...
Translate:f summary, history and thoughts
Because Microsoft went the way of HIDING the actual mechanism of Translate:f from all of us (the original KB article is gone and the new Security Bulletin is playing a nasty game of downplaying the problem), I have decided to write a follow-up with sufficient information. HOW IT WORKS -------------------------...
Sun JDK 1.1.x / Sun JRE 1.1.x - Listening Socket
source: https://www.securityfocus.com/bid/1545/info A set of flaws in multiple vendors' Java implementation allows a malicious applet to open a listening socket to accept network connections against the security policy. Java applications use the java.net.ServerSocket class to create a listening...
CVE-2000-0062
The DTML implementation in the Z Object Publishing Environment Zope allows remote attackers to conduct unauthorized activities...
fbsd-ping.txt
Attached unofficial patch to drop ICMP packets larger than 8184 bytes. E-Mail/Flame me if not liked... I wanted to be able to set the maximum value via sysctl but I'm not sure if I'll break anything, feel free to pick up...
FreeBSD 3.4 NetBSD 1.4.1 OpenBSD 2.6 - proc FileSystem
FreeBSD 3.4 NetBSD 1.4.1 OpenBSD 2.6 - proc FileSystem // source: https://www.securityfocus.com/bid/940/info Certain BSD derivative operating systems use an implementation of the /proc filesystem which is vulnerable to attack from malicious local users. This attack will gain the user root access to...
FTP client/server and listen() implementation
Here is the exploit. It works as described in NAI 1996 bulletin http://www.nai.com/nailabs/aspset/advisory/ftp-paper.asp but.... there are two points on which I disagree with NAI. 1. ftp console client under FreeBSD 2.2.x IS vulnerable 2. Although I don't treat FTP as a secure protocol, IMHO it's OS/software...
kki.rpc.libc.DoS.txt
Date: Wed, 14 Apr 1999 15:26:14 +0200 From: Lukasz Luzar To: [email protected] Subject: KKIS.08041999.001.b - security raport - flaws in rpc part of libc S E C U R I T Y Contacts KKI Security Team Cracow Commercial Internet, Poland http://www.security.kki.pl http://www.kki.pl...
Linux Kernel 2.0 Sendmail - Denial of Service
Linux Kernel 2.0 Sendmail - Denial of Service / source: https://www.securityfocus.com/bid/363/info The 2.0.x kernels have a quirk in the TCP implementation that has to do with the accept call returning after only a syn has been received as opposed to the three way handshake having been completed...
Linux Kernel 2.0 Sendmail - Denial of Service
/ source: https://www.securityfocus.com/bid/363/info The 2.0.x kernels have a quirk in the TCP implementation that has to do with the accept call returning after only a syn has been received as opposed to the three way handshake having been completed. Sendmail, which is compiled on many unices,...
Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)
Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2) // source: https://www.securityfocus.com/bid/122/info An implementation fault in the ToolTalk object database server allows a remote attacker to run arbitrary code as the superuser on hosts...
Xi Graphics Maximum CDE 1.2.3/TriTeal TED CDE 4.3/Sun Solaris 2.5.1 - ToolTalk RPC Service Overflow (2)
// source: https://www.securityfocus.com/bid/122/info An implementation fault in the ToolTalk object database server allows a remote attacker to run arbitrary code as the superuser on hosts supporting the ToolTalk service. The affected program runs on many popular UNIX operating systems supportin...
CVE-2020-12565
...