3085 matches found

Exploit DB
added 2005/02/07 12:0 a.m., 70 views

3CServer 1.1 (FTP Server) - Remote Overflow

/ subject: Proof of Concept exploit for 3CServer v1.1 FTP server vendor: 3Com, http://support.3com.com/software/utilitiesforwindows32bit.htm date: Mon Feb 7 18:10:01 2005 notes: universal offset, SEH ptr overwriting with variation author: mandragore, mandragore@[email protected] / include...

7.4 AI score
Exploits 0
seebug.org
added 2005/02/07 12:0 a.m., 17 views

3CServer 1.1 FTP Server Remote Exploit

No description provided by source. / subject: Proof of Concept exploit for 3CServer v1.1 FTP server vendor: 3Com, http://support.3com.com/software/utilitiesforwindows32bit.htm date: Mon Feb 7 18:10:01 2005 notes: universal offset, SEH ptr overwriting with variation author: mandragore,...

7.1 AI score
Exploits 0
Ubuntu
added 2005/01/21 2:29 a.m., 32 views

USN-66-1: PHP vulnerabilities

FraMe from kernelpanik.org reported that the cURL module does not respect open_basedir restrictions. As a result, scripts which used cURL to open files with a user-specified path could read arbitrary local files outside of the open_basedir directory. Stefano Di Paola discovered a vulnerability in...

6 AI score
Exploits 0, References 2
NVD
added 2004/12/31 5:0 a.m., 18 views

CVE-2004-2592

Quake II server before R1Q2, as used in multiple products, allows remote attackers to cause a denial of service (application crash) via a modified client that asks the server to send data stored at a negative array offset, which is not handled when processing Configstrings and Baselines...

5 CVSS, 6.4 AI score, 0.04675 EPSS
Exploits 1, References 8
NVD
added 2004/12/31 5:0 a.m., 16 views

CVE-2004-1955

SQL injection vulnerability in modules.php in phProfession 2.5 allows remote attackers to execute arbitrary SQL code via the offset parameter...

7.5 CVSS, 8.3 AI score, 0.00553 EPSS
Exploits 1, References 6
RedHat Linux
added 2004/12/21 6:52 p.m., 4 views

security flaw

Multiple integer handling errors in PHP before 4.3.10 allow attackers to bypass safe mode restrictions, cause a denial of service, or execute arbitrary code via (1) a negative offset value to the shmop_write function, (2) an "integer overflow/underflow" in the pack function, or (3) an "integer...

10 CVSS, 6.6 AI score, 0.2419 EPSS
Exploits 0, References 4
Exploit DB
added 2004/12/20 12:0 a.m., 30 views

PHP 4.x/5.0 Shared Memory Module - Offset Memory Corruption

source: https://www.securityfocus.com/bid/12045/info PHP shared memory module (shmop) is reported prone to an integer handling vulnerability. The issue exists in the PHP_FUNCTION(shmop_write) function and is a result of a lack of sufficient sanitization performed on 'offset' data. This vulnerability...

7.4 AI score
Exploits 0
UbuntuCve
added 2004/11/23 5:0 a.m., 31 views

CVE-2004-0415

Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory...

2.1 CVSS, 5.9 AI score, 0.00299 EPSS
Exploits 5, References 1
NVD
added 2004/11/23 5:0 a.m., 21 views

CVE-2004-0415

Linux kernel does not properly convert 64-bit file offset pointers to 32 bits, which allows local users to access portions of kernel memory...

2.1 CVSS, 6 AI score, 0.00299 EPSS
Exploits 5, References 8
Cvelist
added 2004/09/01 4:0 a.m., 14 views

CVE-2003-0075

Integer signedness error in the myFseek function of samplein.c for Blade encoder BladeEnc 0.94.2 and earlier allows remote attackers to execute arbitrary code via a negative offset value following a "fmt" wave chunk...

7.7 AI score, 0.03904 EPSS
Exploits 1, References 5
Tenable Nessus
added 2004/08/27 12:0 a.m., 56 views

Mandrake Linux Security Advisory : kernel (MDKSA-2004:087)

A race condition was discovered in the 64bit file offset handling by Paul Starzetz from iSEC. The file offset pointer (f_pos) is changed during reading, writing, and seeking through a file in order to point to the current position of a file. The value conversion between both the 32bit and 64bit API ...

2.1 CVSS, 5.4 AI score, 0.00299 EPSS
Exploits 5, References 1
RedHat Linux
added 2004/08/18 2:44 p.m., 58 views

Important: Red Hat Security Advisory: kernel security update

Updated Itanium kernel packages that fix a number of security issues are now available. The Linux kernel handles the basic functions of the operating system. This kernel updates several important drivers and fixes a number of bugs including potential security vulnerabilities. Paul Starzetz...

7.2 CVSS, 5.8 AI score, 0.00306 EPSS
Exploits 11, References 9
FreeBSD
added 2004/08/18 12:0 a.m., 28 views

squid -- NTLM authentication denial-of-service vulnerability

A remote attacker is able to cause a denial-of-service situation, when NTLM authentication is enabled in squid. NTLM authentication uses two functions which lack correct offset checking...

5 CVSS, 6.5 AI score, 0.12288 EPSS
Exploits 0, References 1
Tenable Nessus
added 2004/08/10 12:0 a.m., 35 views

Fedora Core 1 : kernel-2.4.22-1.2199.nptl (2004-251)

Paul Starzetz discovered flaws in the Linux kernel when handling file offset pointers. These consist of invalid conversions of 64 to 32-bit file offset pointers and possible race conditions. A local unprivileged user could make use of these flaws to access large portions of kernel memory. The...

2.1 CVSS, 5.4 AI score, 0.00299 EPSS
Exploits 5, References 3
Tenable Nessus
added 2004/08/09 12:0 a.m., 44 views

RHEL 3 : kernel (RHSA-2004:413)

Updated kernel packages that fix several security issues in Red Hat Enterprise Linux 3 are now available. The Linux kernel handles the basic functions of the operating system. Paul Starzetz discovered flaws in the Linux kernel when handling file offset pointers. These consist of invalid conversio...

7.2 CVSS, 5.5 AI score, 0.00299 EPSS
Exploits 5, References 11
Tenable Nessus
added 2004/08/09 12:0 a.m., 37 views

RHEL 2.1 : kernel (RHSA-2004:418)

Updated kernel packages that fix potential information leaks and an incorrect driver permission for Red Hat Enterprise Linux 2.1 are now available. The Linux kernel handles the basic functions of the operating system. Paul Starzetz discovered flaws in the Linux kernel when handling file offset...

2.1 CVSS, 5.4 AI score, 0.00299 EPSS
Exploits 5, References 7
Tenable Nessus
added 2004/08/09 12:0 a.m., 41 views

SUSE-SA:2004:024: kernel

The remote host is missing the patch for the advisory SUSE-SA:2004:024 (kernel). This kernel is vulnerable to a race condition in the 64-bit file offset handling code. The file offset pointer (f_pos) is changed during reading, writing, and seeking through a file to point to the current position in a...

2.1 CVSS, 5.5 AI score, 0.00299 EPSS
Exploits 5, References 1
OSV
added 2004/08/06 4:0 a.m., 7 views

CVE-2004-0657

Integer overflow in the NTP daemon NTPd before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time...

6.6 AI score
Exploits 0, References 6
NVD
added 2004/08/06 4:0 a.m., 29 views

CVE-2004-0657

Integer overflow in the NTP daemon NTPd before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time...

5 CVSS, 6.7 AI score, 0.06061 EPSS
Exploits 0, References 3
OSV
added 2004/08/06 4:0 a.m., 2 views

DEBIAN-CVE-2004-0657

Integer overflow in the NTP daemon NTPd before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time...

5 CVSS, 7.2 AI score, 0.06061 EPSS
Exploits 0, References 1