Mandrake Linux Security Advisory : xchat (MDKSA-2002:006)

zen-parse discovered a problem in versions 1.4.2 and 1.4.3 of xchat that could allow a malicious user to send commands to the IRC server they are on which would take advantage of the CTCP PING reply handler in xchat. This could be used for denial of service, channel takeovers, and other similar...

phpping.txt

ppp-design found the following design error in php-ping: Details ------- Product: php-ping Affected Version: no version information included in the script Immune Version: latest version OS affected: all OS with php Vendor-URL: http://www.theworldsend.net/ Vendor-Status: informed, new version...

[Full-Disclosure] php-ping: Executing arbritary commands

ppp-design found the following design error in php-ping: Details ------- Product: php-ping Affected Version: no version information included in the script Immune Version: latest version OS affected: all OS with php Vendor-URL: http://www.theworldsend.net/ Vendor-Status: informed, new version...

PHP-ping - 'Count' Command Execution

source: https://www.securityfocus.com/bid/9309/info It has been reported that php-ping may be prone to a remote command execution vulnerability that may allow remote attackers to execute commands on vulnerable systems. The problem exists due to insufficient sanitization of shell metacharacters vi...

PHP-ping - Count Command Execution

PHP-ping - Count Command Execution source: https://www.securityfocus.com/bid/9309/info It has been reported that php-ping may be prone to a remote command execution vulnerability that may allow remote attackers to execute commands on vulnerable systems. The problem exists due to insufficient...

PHP-Ping php-ping.php count Parameter Arbitrary Command Execution

The remote host appears to be running 'php-ping.php' from TheWorldsEnd.NET. The remote version of this script does not properly sanitize the 'count' parameter and allows attackers to execute arbitrary commands or read arbitrary files on the remote host subject to the privileges of the web server...

TCP/IP Ping of Death Remote DoS (jolt)

The remote host crashed when pinged with an incorrectly fragmented packet. This is known as the 'jolt' or 'ping of death' denial of service attack. A remote attacker could exploit this to repeatedly crash this server. C Tenable Network Security, Inc. include"compat.inc"; if description...

CVE-2003-0677

Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service CPU consumption or reboot via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."...

Cisco CSS 11000 Series DoS

ID: S21SEC-025-en Title: Cisco CSS 11000 Series DoS Date: 04/07/2003 Status: Solution available Scope: Interruption of service, high CPU load. Platforms: All/Chassis CS800. Author: ecruz, egarcia, jandre Location: http://www.s21sec.com/en/avisos/s21sec-025-en.txt Release: External S 2 1 S E C...

buffalo AirStation G54 - (WBR-G54 ) DoS

Hellow! I found bad bug/owerflow for buffalo g54 airstions: here my simple tests: schem of tests: I used 2 broadband routers Airstation WBR-g54 first named: g54-01, second - g54-02 both broadband routers set to pear-to-pear connection mode not point- multipoint atacker...

CVE-2002-0006

Vulnerability summary (CVE-2002-0006) : XChat versions 1.8.7 and earlier (including default configurations of 1.4.2 and 1.4.3) are vulnerable. A remote attacker can execute arbitrary IRC commands as another client by sending specially encoded characters in a PRIVMSG that calls CTCP PING, which ca...

SCSA009.txt

Security Corporation Security Advisory SCSA-009 PROGRAM: PHP Ping HOMEPAGE: http://www.phpapps.org/ VULNERABLE VERSIONS: v0.1 and prior DESCRIPTION PHP ping "will allow you, provided that your server turns under Windows, to realize a "ping" on the host of your choice." direct quote from PHP Ping...

[SCSA-009] Remote Command Execution Vulnerability in PHP Ping

Security Corporation Security Advisory SCSA-009 PROGRAM: PHP Ping HOMEPAGE: http://www.phpapps.org/ VULNERABLE VERSIONS: v0.1 and prior DESCRIPTION PHP ping "will allow you, provided that your server turns under Windows, to realize a "ping" on the host of your choice." direct quote from PHP Ping...

PHP-Ping index.php pingto Parameter Arbitrary Code Execution

It is possible to make the remote host execute arbitrary DOS commands using the CGI phpping. An attacker may use this flaw to gain a shell with the privileges of the web server. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Ref: Message-ID: From: "Gregory Le Bras | Security Corporation" To...

CVE-2002-2156

Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response...

networking_utils.php

Title: The bug in networkingutils.php http://www.sourcecraft.org/downloads networkingutilsPHP Show Files Vulnerability Summary: networkingutils.php Includes a ping function, a traceroute function, and an nslookup function. Vulnerable systems: networkingutils networkingutils.php of the...

PHP.networking_utils

Title: The bug in networkingutils.php http://www.sourcecraft.org/downloads networkingutilsPHP Show Files Vulnerability Summary: networkingutils.php Includes a ping function, a traceroute function, and an nslookup function. Vulnerable systems: networkingutils networkingutils.php of the...

HP Tru64 UNIX "ping" contains locally exploitable vulnerability (SSRT2229)

Overview The HP Tru64 UNIX implementation of "ping" contains a locally exploitable vulnerability. Description "ping" is used to send ICMP echo requests to other hosts on the Internet. A locally exploitable vulnerability in "ping" may permit a local attacker to perform a denial-of-service attack o...

CVE-2000-1214

Buffer overflows in the 1 outpack or 2 buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges...

CVE-2000-1213

ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges...