Tcpdump 3.8.x (ldp_print) Infinite Loop Denial of Service Exploit

Exploit for linux platform in category dos / poc ================================================================= Tcpdump 3.8.x ldpprint Infinite Loop Denial of Service Exploit ================================================================= / tcpdump3.8.x: LDP ldpprint infinite loop DOS. by:...

Gaim vulnerable to malformed SNAC packet infinite processing loop

Overview Gaim contains a flaw in the processing of certain packets that may cause a denial of service. Description From the Gaim project:Gaim is a multi-protocol instant messaging IM client for Linux, BSD, MacOS X, and Windows. It is compatible with AIM and ICQ Oscar protocol, MSN Messenger,...

Squid fails to parse empty access control lists correctly

Overview The Squid web proxy cache may fail to handle empty Access Control Lists ACLs in the intended manner. Description Squid functions as a web proxy and cache application for a number of protocols. However, Squid Access Control List ACL routines may not parse an empty list as intended. An emp...

[SA14131] Claroline Add Course Script Insertion Vulnerability

TITLE: Claroline Add Course Script Insertion Vulnerability SECUNIA ADVISORY ID: SA14131 VERIFY ADVISORY: http://secunia.com/advisories/14131/ CRITICAL: Less critical IMPACT: Cross Site Scripting WHERE: From remote SOFTWARE: Claroline 1.x http://secunia.com/product/4607/ DESCRIPTION: Yiannis Girod...

Squid fails to properly handle oversized reply headers

Overview The Squid web proxy cache may be vulnerable to oversized HTTP reply headers. Description Squid functions as a web proxy and cache application for a number of protocols, including the hypertext transfer protocol HTTP. A defect in the Squid HTTP handling prevents oversized reply headers...

AWStats 6.0 6.2 - configdir Remote Command Execution (C)

AWStats 6.0 6.2 - configdir Remote Command Execution C / AwStats exploit by Thunder, [email protected] This exploit makes use of the remote command execution bug discovered in AwStats ver 6.2 and below. The bug resides in the awstats.pl perl script. The script does not sanitise correctly the us...

AWStats 6.0 < 6.2 - 'configdir' Remote Command Execution

/ AwStats exploit by Thunder, [email protected] This exploit makes use of the remote command execution bug discovered in AwStats ver 6.2 and below. The bug resides in the awstats.pl perl script. The script does not sanitise correctly the user input for the configdir parameter. If the users send...

Adobe Acrobat Reader for UNIX contains a buffer overflow in mailListIsPdf()

Overview A buffer overflow in Adobe Acrobat Reader for UNIX could allow a remote attacker to execute arbitrary code. Description Adobe Acrobat Reader is an application that allows users to view PDF Portable Document Format files. Acrobat Reader for UNIX Linux, Sun Solaris SPARC, IBM AIX, or HP-UX...

ss11012005.txt

/ / / \ / / / / / \ \ \ \ / / / / / \ / / // / / / / / / / / / // // / / / // / / / / // , / // / /// // //// // ,/ // / // \ / / / // / / // / /// , / // Ref: SS11012005 SYSTEMSECURE.ORG - Advisory/Exploit PUBLIC ADVISORY Software: MPM Guestbook Pro 1.05 maybe all versions Link:...

IBM DB2 to_char and to_date Denial Of Service (#NISR05012005G)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 tochar and todate Denial Of Service Systems Affected: DB2 8.1 Severity: High risk from local Vendor URL: http://www.ibm.com/ Author: Chris Anley chris at ngssoftware.com Relates to: http://www.ngssoftware.com/advisories/db2-02.txt Date ...

IBM DB2 call buffer overflow (#NISR05012005C)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 call buffer overflow Systems Affected: DB2 8.1/7.x Severity: High risk from remote Vendor URL: http://www.ibm.com/ Author: David Litchfield david at ngssoftware.com Relates to: http://www.nextgenss.com/advisories/db2-02.txt Date of Publ...

IBM DB2 XML functions overflows (#NISR05012005H)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 XML functions overflows Systems Affected: DB2 8.1 Severity: High risk from remote Vendor URL: http://www.ibm.com/ Author: David Litchfield david at ngssoftware.com Relates to: http://www.nextgenss.com/advisories/db2-02.txt Date of Publi...

Microsoft Windows - NetDDE Remote Buffer Overflow (MS04-031)

/ HOD-ms04031-netdde-expl.c: 2004-12-30: PUBLIC v.0.2 Copyright c 2004 houseofdabus. MS04-031 NetDDE buffer overflow vulnerability PoC .:: houseofdabus ::. special unstable version --------------------------------------------------------------------- Description: A remote code execution...

Oracle wrapped procedure overflow (#NISR2122004J)

NGSSoftware Insight Security Research Advisory Name: Oracle 10g/9i wrapped procedure buffer overflow Systems Affected: Oracle 10g/9i on all operating systems Severity: High risk Vendor URL: http://www.oracle.com/ Author: David Litchfield davidl at ngssoftware.com Relates to:...

Oracle TNS Listener DoS (#NISR2122004F)

NGSSoftware Insight Security Research Advisory Name: Oracle 10g TNS Listener DoS Systems Affected: Oracle 10g on all operating systems Severity: High risk on high availability systems else low Vendor URL: http://www.oracle.com/ Author: David Litchfield davidl at ngssoftware.com Relates to:...

IBM DB2 rec2xml buffer overflow vulnerability (#NISR2122004J)

NGSSoftware Insight Security Research Advisory Name: IBM DB2 rec2xml buffer overflow Systems Affected: DB2 8.1/7.x Severity: High risk Vendor URL: http://www.ibm.com/ Author: David Litchfield mark at ngssoftware.com Relates to: http://www.nextgenss.com/advisories/db2-01.txt Date of Public Advisor...

Oracle ISQLPlus file access vulnerability (#NISR2122004E)

NGSSoftware Insight Security Research Advisory Name: Oracle ISQLPlus load.uix file access Systems Affected: Oracle 10g AS on all operating systems Severity: Medium Vendor URL: http://www.oracle.com/ Author: David Litchfield davidl at ngssoftware.com Relates to:...

AIX 5.1/5.2/5.3 local root exploits

hi, i found some local security holes in IBM's AIX versions 5.1, 5.2 and 5.3 unix for IBM RS/6000 powerpc. 1 the first is a bug in all setuid diag related tools that use an environment variable as a prefix to an external binary executed as root. 2 the second is a classical stack overflow in a too...

[SA13408] Squid Malformed Host Name Error Message Information Leakage

TITLE: Squid Malformed Host Name Error Message Information Leakage SECUNIA ADVISORY ID: SA13408 VERIFY ADVISORY: http://secunia.com/advisories/13408/ CRITICAL: Less critical IMPACT: Exposure of system information, Exposure of sensitive information WHERE: From remote SOFTWARE: Squid 2.x...

Mandrake Linux Security Advisory : XFree86 (MDKSA-2004:138)

The XPM library which is part of the XFree86/XOrg project is used by several GUI applications to process XPM image files. A source code review of the XPM library, done by Thomas Biege of the SuSE Security-Team revealed several different kinds of bugs. These bugs include integer overflows,...