8634 matches found
Samba 2.0.7 - SWAT Logging Failure
// source: https://www.securityfocus.com/bid/1873/info The Samba software suite is a collection of programs that implements the SMB protocol for unix systems, allowing you to serve files and printers to Windows, NT, OS/2 and DOS clients. This protocol is sometimes also referred to as the LanManag...
Samba 2.0.7 - SWAT Symlink (2)
Samba 2.0.7 - SWAT Symlink 2 source: https://www.securityfocus.com/bid/1872/info The Samba software suite is a collection of programs that implements the SMB protocol for unix systems, allowing you to serve files and printers to Windows, NT, OS/2 and DOS clients. This protocol is sometimes also...
Samba 2.0.7 SWAT vulnerabilities
the original writeup can be found at http://www.uberhax0r.net/miah/swat along with all the code mentioned in this advisory The program swat included in the samba distribution allows username and password bruteforcing. An attacker can easily generate userlists and then bruteforce their passwords...
I-gear 3.5.x for Microsoft Proxy logging vulnerability + temporary fix.
Hello everyone, this message is generated after several hours with Symantec Tech support and my personal research of the issue. The issue is confirmed to be a problem by Symantec® . Platform: I-gear 3.5.6 and 3.5.7-x for MSP Proxy 2.0 ; Windows NT 4.0 SP6; MSP 2.0 SP1; PowerEdge 2300 dual 450; 51...
CVE-2000-0857
The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname...
[SECURITY] New version of curl fixes buffer overflow
Package : curl and curl-ssl Problem type : remote exploit Debian-specific: no The version of curl as distributed with Debian GNU/Linux 2.2 had a bug in the error logging code: when it created an error message it failed to check the size of the buffer allocated for storing the message. This could ...
cURL 6.1 7.4 - Remote Buffer Overflow (2)
cURL 6.1 7.4 - Remote Buffer Overflow 2 source: https://www.securityfocus.com/bid/1804/info Curl is an open-source utility for sending or receiving files using URL syntax. A vulnerability exists in the version of curl included with Debian GNU/Linux 2.2 and FreeBSD prior to 4.2 release. Note that...
[SECURITY] New version of curl fixes buffer overflow
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman October 13, 2000 - ------------------------------------------------------------------------ Package : curl and curl-ssl Problem...
[SECURITY] New version of curl fixes buffer overflow (update)
------------------------------------------------------------------------ Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman October 14, 2000 - ------------------------------------------------------------------------ Package : curl and curl-ssl Problem...
@stake Advisory: PHP3/PHP4 Logging Format String Vulnerability (A 101200-1)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 We contacted the PHP team on 10/3/2000 concerning this problem. We wanted to hold off releasing our advisory until a fix was available for PHP3 since some users may not be able to easily upgrade to PHP4. Fixes for PHP3 and PHP4 are now available. We a...
cURL 6.1 7.4 - Remote Buffer Overflow (1)
cURL 6.1 7.4 - Remote Buffer Overflow 1 source: https://www.securityfocus.com/bid/1804/info Curl is an open-source utility for sending or receiving files using URL syntax. A vulnerability exists in the version of curl included with Debian GNU/Linux 2.2 and FreeBSD prior to 4.2 release. Note that...
PHP 3.0/4.0 - Error Logging Format String
// source: https://www.securityfocus.com/bid/1786/info PHP is a scripting language designed for CGI applications that is used on many websites. There exists a remotely exploitable format string vulnerability in all versions of PHP below PHP 4.0.3. The vulnerability exists in the code that handles...
PHP remote format string vulnerabilities
OVERVIEW PHP is a commonly used HTML-embedded scripting language. Format string vulnerabilities exist in the error logging routines of PHP versions 3 and 4, allowing remote users to execute arbitrary code under the web server's user id. A web server having PHP installed and one or more PHP script...
PHP 3.04.0 - Error Logging Format String
PHP 3.04.0 - Error Logging Format String // source: https://www.securityfocus.com/bid/1786/info PHP is a scripting language designed for CGI applications that is used on many websites. There exists a remotely exploitable format string vulnerability in all versions of PHP below PHP 4.0.3. The...
Format strings: bug #2: LPRng
Hi, SUMMARY ------- LPRng is almost certainly vulnerable to remote-root compromise on account of a format string bug. The flaw is almost identical to the rpc.statd one I found; namely a faulty syslog wrapper. This is becoming a very common flaw. Details ------- Here is a code excerpt from:...
IP Fragmentation Denial-of-Service Vulnerability in FireWall-1
Overview A large stream of IP traffic can monopolize the CPU of a Check Point FireWall-1 firewall, resulting in a denial-of-service condition. Description A denial-of-service vulnerability has been discovered in the FireWall-1 product from Check Point Software Technologies. Check Point has tested...
klogd-linux.txt
OVERVIEW Kernel logging daemon klogd in the sysklogd package for Linux contains a "format bug" making it vulnerable to local root compromise successfully tested on Linux/x86. There's also a possibility for remote vulnerability under certain rather unprobable circumstances and a more probable...
klogd format bug
OVERVIEW Kernel logging daemon klogd in the sysklogd package for Linux contains a "format bug" making it vulnerable to local root compromise successfully tested on Linux/x86. There's also a possibility for remote vulnerability under certain rather unprobable circumstances and a more probable...
format string bug in muh
Hi, muh is an IRC bouncer, a program that will allow you to use any host you have a shell on as a relay between you and IRC. Moreover, muh stays connected when you are not, and can log any message you receive. The muh official homepage is : http://mind.riot.org/muh/. The latest version, 2.05d and...
cpmdaemon.txt
/ ---------------------------------- cpmdaemon password changer script ---------------------------------- This is a s0d advisory ... Wellcome to our world. You can find this advisory on www.s0d.org on the advisories section. Author: + Enrique Alfonso Sanchez Montellano El Nahual Shouts: + 0x90,...