EUVD-2008-1084

Malware in sbrugna...

Internet Security Systems Protocol Analysis Module ICQ Parsing Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9913/info It has been reported that the Internet Security Systems ISS Protocol Analysis Module is prone to a remote buffer overflow vulnerability when parsing the ICQ protocol. This issue exists due to insufficient bounds...

Internet Security Systems ICECap Manager 2.0.23 Default Username and Password

No description provided by source. source: http://www.securityfocus.com/bid/1216/info ICECap Manager is a management console for BlackICE IDS Agents and Sentries. By default, ICECap Manager listens on port 8081, transmits alert messages to another server on port 8082, and has an administrative...

Internet Security Systems 3.6 BlackICE Local Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/19800/info Internet Security Systems ISS BlackICE PC Protection is prone to a local denial-of-service vulnerability because the application fails to properly sanitize user-supplied input. This vulnerability allows local...

Internet Security Systems 3.6 ZWDeleteFile Function Arbitrary File Deletion Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/20546/info Internet Security Systems ISS BlackICE PC Protection is prone to a file-deletion vulnerability. An attacker can exploit this issue to delete arbitrary files within the context of the affected application. This...

ISC DHCP dhclient stack buffer overflow

Overview The ISC DHCP dhclient application contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code with root privileges. Description As described in RFC 2131, "The Dynamic Host Configuration Protocol DHCP provides a framework for passing...

MS Windows IIS 5.0 SSL Remote buffer overflow Exploit (MS04-011)

No description provided by source. // / THCIISSLame 0.3 - IIS 5 SSL remote root exploit / / Exploit by: Johnny Cyberpunk [email protected] / / THC PUBLIC SOURCE MATERIALS / / / / Bug was found by Intern...

Cross site scripting

Cross-site scripting XSS vulnerability in the report interface in Internet Security Systems ISS Internet Scanner 7.0 Service Pack 2 Build 7.2.2005.52 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-1073

Cross-site scripting XSS vulnerability in the report interface in Internet Security Systems ISS Internet Scanner 7.0 Service Pack 2 Build 7.2.2005.52 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2008-1073

Internet Scanner 7.0 SP2 (Build 7.2.2005.52) from ISS is affected by a cross-site scripting (XSS) vulnerability in its report generation/printing function. The JVN entry clarifies that the reporting engine does not properly sanitize data when generating the HTML report, enabling an attacker to in...

Internet Security Systems 3.6 - 'ZWDeleteFile()' Arbitrary File Deletion

source: https://www.securityfocus.com/bid/20546/info Internet Security Systems ISS BlackICE PC Protection is prone to a file-deletion vulnerability. An attacker can exploit this issue to delete arbitrary files within the context of the affected application. This could lead to other attacks...

Internet Security Systems 3.6 - ZWDeleteFile() Arbitrary File Deletion

Internet Security Systems 3.6 - ZWDeleteFile Arbitrary File Deletion source: https://www.securityfocus.com/bid/20546/info Internet Security Systems ISS BlackICE PC Protection is prone to a file-deletion vulnerability. An attacker can exploit this issue to delete arbitrary files within the context...

Internet Security Systems 3.6 BlackICE - Local Denial of Service

source: https://www.securityfocus.com/bid/19800/info Internet Security Systems ISS BlackICE PC Protection is prone to a local denial-of-service vulnerability because the application fails to properly sanitize user-supplied input. This vulnerability allows local attackers to crash affected systems...

ISS Protection Brief: RealNetworks RealPlayer chunked Transfer-Encoding buffer overflow

-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Protection Alert Date: 03/28/06 Title: RealNetworks RealPlayer chunked Transfer-Encoding buffer overflow Summary: Multiple versions of RealNetworks RealPlayer and RealOne Player are vulnerable to a heap-based buffer overflow, caused by...

Snort 2.4.2 - Back Orifice Parsing Remote Buffer Overflow

/ THCsnortbo 0.3 - Snort BackOrifice PING exploit by [email protected] THC PUBLIC SOURCE MATERIALS Bug was found by Internet Security Systems http://xforce.iss.net/xforce/alerts/id/207 v0.3 - removed/cleaned up info for public release v0.2 - details added, minor changes v0.1 - first release Greetz to al...

Snort <= 2.4.2 Back Orifice Parsing Remote Buffer Overflow Exploit

Exploit for linux platform in category remote exploits ================================================================== Snort $Id: THCsnortbo.c,v 1.1 2005/10/24 11:38:59 thccvs Exp $ / / DETAILS The bug is in sppbo.c, BoGetDirection function static int BoGetDirectionPacket p, char pktdata uint3...

ISS Protection Brief: Microsoft Exchange Remote Compromise

-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Protection Advisory April 12, 2005 Microsoft Exchange Remote Compromise Summary: ISS has shipped protection for a flaw X-Force has discovered in Microsoft.s Exchange SMTP Server. Exchange is a dominant corporate email platform, and is...

ISS Protection Brief: Mozilla Foundation GIF Overflow

-----BEGIN PGP SIGNED MESSAGE----- Internet Security Systems Protection Brief March 23, 2005 Mozilla Foundation GIF Overflow Summary: ISS has shipped protection for a flaw X-Force has discovered in the GIF image processing library used in software developed by the Mozilla Foundation. This library...

EEYE: Internet Security Systems PAM ICQ Server Response Processing Vulnerability

Internet Security Systems PAM ICQ Server Response Processing Vulnerability Release Date: March 18, 2004 Date Reported: March 8, 2004 Severity: High Remote Code Execution Vendor: Internet Security Systems Systems Affected: RealSecure Network 7.0, XPU 22.11 and before RealSecure Server Sensor 7.0 X...

[Full-Disclosure] EEYE: RealSecure/BlackICE Server Message Block &#40;SMB&#41; Processing Overflow

RealSecure/BlackICE Server Message Block SMB Processing Overflow Release Date: February 26, 2004 Date Reported: February 18, 2004 Severity: High Remote Code Execution Vendor: Internet Security Systems Software Affected: RealSecure Network 7.0, XPU 20.15 through 22.9 Real Secure Server Sensor 7.0...