PT-2006-5361 · Wireshark +1 · Wireshark +1

Name of the Vulnerable Software and Affected Versions: Wireshark versions 0.10.1 through 0.99.3 Description: The issue is related to an off-by-one error in the MIME Multipart dissector, which allows remote attackers to cause a denial of service crash via certain vectors that trigger an assertion...

PHPmybibli 3.0.1 - Multiple Remote File Inclusions

\ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV55$2006 ----------------------------------------------------------------------------------------------- ECHOADV55$2006Phpmybibli =2.1 Multiple Remote File Inclusion Vulnerability...

PHPmybibli 3.0.1 - Multiple Remote File Inclusions

PHPmybibli 3.0.1 - Multiple Remote File Inclusions \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / | \ / / \ /| /\ / / / / / .OR.ID ECHOADV55$2006 ----------------------------------------------------------------------------------------------- ECHOADV55$2006Phpmybibli =2.1 Multiple Remote File...

Debian DSA-1049-1 : ethereal - several vulnerabilities

Gerald Combs reported several vulnerabilities in ethereal, a popular network traffic analyser. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2006-1932 The OID printing routine is susceptible to an off-by-one error. - CVE-2006-1933 The UMA and BER...

Debian DSA-919-2 : curl - buffer overflow

The upstream developer of curl, a multi-protocol file transfer library, informed us that the former correction to several off-by-one errors are not sufficient. For completeness please find the original bug description below : Several problems were discovered in libcurl, a multi-protocol file...

security flaw

Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark formerly Ethereal 0.99.2 allow remote attackers to cause a denial of service crash via unspecified vectors...

GLSA-200608-26 : Wireshark: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200608-26 Wireshark: Multiple vulnerabilities The following vulnerabilities have been discovered in Wireshark. Firstly, if the IPsec ESP parser is used it is susceptible to off-by-one errors, this parser is disabled by default;...

modrewritepoc.txt

Public release date of POC/Exploit: 2006-08-20 Author: Jacobo Avariento Gimeno CVE id: CVE-2006-3747 Bugtraq id: 19204 CERT advisory: VU395412 Severity: high Introduction ---- On July 28 2006 Mark Dowd McAfee Avert Labs reported a vulnerability found in modrewrite apache module to the bugtraq...

CVE-2006-4331

Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark formerly Ethereal 0.99.2 allow remote attackers to cause a denial of service crash via unspecified vectors...

DEBIAN-CVE-2006-4331

Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark formerly Ethereal 0.99.2 allow remote attackers to cause a denial of service crash via unspecified vectors...

CVE-2006-4331

Affected software: Wireshark (formerly Ethereal). Vulnerability: off-by-one in the IPsec ESP decryption preference parser (CVE-2006-4331) that can cause a remote denial of service (crash). Impact/scope: described as a remote crash when parsing malformed packets; listed for Ethereal/Wireshark 0.99...

CVE-2006-4331

Multiple off-by-one errors in the IPSec ESP preference parser in Wireshark formerly Ethereal 0.99.2 allow remote attackers to cause a denial of service crash via unspecified vectors...

Multiple Wireshark (Ethereal) sniffer security vulnerabilities

Multiple DoS conditions IPSec ESP dissector off-by-one overflow...

Apache 1.3.372.0.592.2.3 mod_rewrite - Remote Overflow

Apache 1.3.372.0.592.2.3 modrewrite - Remote Overflow !/bin/sh Exploit for Apache modrewrite off-by-one. Vulnerability discovered by Mark Dowd. CVE-2006-3747 by jack 2006-08-20 Thx to xuso for help me with the shellcode. I suppose that you've the "RewriteRule kung/. $1" rule if not you must...

POC & exploit for Apache mod_rewrite off-by-one

Public release date of POC/Exploit: 2006-08-20 Author: Jacobo Avariento Gimeno CVE id: CVE-2006-3747 Bugtraq id: 19204 CERT advisory: VU395412 Severity: high Introduction ---- On July 28 2006 Mark Dowd McAfee Avert Labs reported a vulnerability found in modrewrite apache module to the bugtraq...

Apache < 1.3.37 2.0.59 2.2.3 (mod_rewrite) Remote Overflow PoC

No description provided by source. !/bin/sh Exploit for Apache modrewrite off-by-one. Vulnerability discovered by Mark Dowd. CVE-2006-3747 by jack jack\x40gulcas\x2Eorg 2006-08-20 Thx to xuso for help me with the shellcode. I suppose that you've the "RewriteRule kung/. $1" rule if not you must...

Apache < 1.3.37/2.0.59/2.2.3 mod_rewrite - Remote Overflow

!/bin/sh Exploit for Apache modrewrite off-by-one. Vulnerability discovered by Mark Dowd. CVE-2006-3747 by jack 2006-08-20 Thx to xuso for help me with the shellcode. I suppose that you've the "RewriteRule kung/. $1" rule if not you must recalculate adressess. Shellcode is based on Taeho Oh...

Apache < 1.3.37, 2.0.59, 2.2.3 (mod_rewrite) Remote Overflow PoC

Exploit for multiple platform in category dos / poc ================================================================ Apache 2006-08-20 Thx to xuso for help me with the shellcode. I suppose that you've the "RewriteRule kung/. $1" rule if not you must recalculate adressess. Shellcode is based on...

sendcard_340_xpl.txt

!/usr/bin/php -q -d shortopentag=on php injection\n"; echo " works against magicquotesgpc=Off\n"; echo " 2 - arbitrary remote inclusion\n"; echo " works against allowurlfopen=On\n"; echo " 3 - arbitrary local inclusion\n"; echo " works regardless of php.ini settings\n"; echo " and if you succeed ...

security flaw

Multiple off-by-one errors in Wireshark aka Ethereal 0.9.7 to 0.99.0 have unknown impact and remote attack vectors via the 1 NCP NMAS and 2 NDPS dissectors...