Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue (MS07-065)

Microsoft Windows Server 2000 SP4 Advanced Server - Message Queue MS07-065 merry christmas Sysadmins Microsoft Message Queue POC exploit MS07-065 Mario Ballano - mballanogmail.com - http://www.48bits.com Andres Tarasco - atarascogmail.com - http://www.tarasco.org Original Advisory:...

Microsoft Windows Server 2000 SP4 (Advanced Server) - Message Queue (MS07-065)

merry christmas Sysadmins Microsoft Message Queue POC exploit MS07-065 Mario Ballano - mballanogmail.com - http://www.48bits.com Andres Tarasco - atarascogmail.com - http://www.tarasco.org Original Advisory: http://www.zerodayinitiative.com/advisories/ZDI-07-076.html Microsoft Bulletin :...

openSUSE 10 Security Update : sendmail (sendmail-1607)

Specially crafted MIME messages can crash sendmail and block queue processing. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update sendmail-1607. The text description of this plugin is C SUSE LLC...

Microsoft IE 脚本错误处理内存破坏漏洞（MS07-057）

BUGTRAQ ID: 25916 CVECAN ID: CVE-2007-3893 Internet Explorer是微软的操作系统中所捆绑的WEB浏览器。 IE在处理文件下载队列时存在漏洞，恶意网站可能利用此漏洞控制用户系统。 在处理文件下载队列时，如果Internet Explorer处理了多个并行的启动文件下载尝试，就可能导致内存破坏，使用已经释放的对象。攻击者可以通过构建特制的网页来利用该漏洞。如果用户查看网页，该漏洞可能允许远程执行指令。 Microsoft Internet Explorer 7.0 Microsoft Internet Explorer 6.0 SP1...

Symantec Mail Security for SMTP libdayzero.dll Executable Parsing DoS

Symantec Mail Security for SMTP, which provides antispam and antivirus protection for the IIS SMTP Service, is installed on the remote Windows host. The version of Symantec Mail Security for SMTP installed on the remote host contains boundary errors in its detection of executable packers in...

Low: sendmail security and bug fix update

8.13.1-3.2.el4 - fixed infinite loop within tls read by enabling FFRDEALWITHERRORSSL Resolves: rhbz121850 - fixed incorrect path to selinuxenabled in initscript Resolves: rhbz152282 - removed rpm build artifacts from sendmail-cf package Resolves: rhbz152955 - fixed missing socketmap support...

Low: Red Hat Security Advisory: sendmail security and bug fix update

Updated sendmail packages that fix a security issue and various bugs are now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team. Sendmail is a very widely used Mail Transport Agent MTA. MTAs deliver mail from on...

security flaw

smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service memory and CPU exhaustion by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop...

SUSE-SA:2006:032: sendmail

The remote host is missing the patch for the advisory SUSE-SA:2006:032 sendmail. The Mail Transfer Agent sendmail has a remote exploitable problem, where a specially crafted MIME messages can crash sendmail and block queue processing. This issue is tracked by the Mitre CVE ID CVE-2006-1173 and CE...

security flaw

smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service memory and CPU exhaustion by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop...

DEBIAN-CVE-2007-0452

smbd in Samba 3.0.6 through 3.0.23d allows remote authenticated users to cause a denial of service memory and CPU exhaustion by renaming a file in a way that prevents a request from being removed from the deferred open queue, which triggers an infinite loop...

GLSA-200701-22 : Squid: Multiple Denial of Service vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200701-22 Squid: Multiple Denial of Service vulnerabilities Squid fails to correctly handle ftp:// URI's. There is also an error in the externalacl queue which can cause an infinite looping condition. Impact : An attacker could...

CVE-2007-0315

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors related to 1 Options.cpp when storing settings in the registry, and 2 the transfer queue QueueCtrl.cpp. NOTE: some of these...

CVE-2007-0315

Multiple buffer overflows in FileZilla before 2.2.30a allow remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors related to 1 Options.cpp when storing settings in the registry, and 2 the transfer queue QueueCtrl.cpp. NOTE: some of these...

Fedora Core 4 : sendmail-8.13.7-2.fc4.1 (2006-836)

Tue Jul 18 2006 Thomas Woerner 8.13.7-2.fc4.1 - using new syntax for access database 177566 - fixed failure message while shutting down sm-client 119429 resolution: stop sm-client before sendmail - fixed method to specify persistent queue runners 126760 - removed patch backup files from...

Solaris 8 (i386) : 119135-14

The remote host is missing Sun Security Patch number 119135-14 Message Queue 3.6x86 Service Pack 4 Patch 9 Solaris: C-API only. Date this patch was last updated by Sun : Tue Aug 12 05:59:17 MDT 2008 You should install this patch for your system to be up-to-date. %NASLMINLEVEL 999999 @DEPRECATED@...

Fedora Core 5 : sendmail-8.13.7-2.fc5.1 (2006-837)

Tue Jul 18 2006 Thomas Woerner 8.13.7-2.fc5.1 - using new syntax for access database 177566 - fixed failure message while shutting down sm-client 119429 resolution: stop sm-client before sendmail - fixed method to specify persistent queue runners 126760 - removed patch backup files from...

DEBIAN-CVE-2007-0248

The aclMatchExternal function in Squid before 2.6.STABLE7 allows remote attackers to cause a denial of service crash by causing an externalacl queue overload, which triggers an infinite loop...

Microsoft PGM远程缓冲区溢出漏洞（MS06-052）

PGM是一个可靠且可伸缩的多播协议，允许接收方检测丢失、请求重新传输丢失的数据或者通知应用程序无法恢复的丢失情形。 Microsoft在处理PGM消息时存在缓冲区溢出漏洞，远程攻击者可能利用此漏洞在服务器上执行任意指令。 如果攻击者发送了特制的多播消息的话，就可能触发这个漏洞，导致执行任意指令。但成功攻击要求系统安装了MSMQ（Microsoft消息队列）服务，而该服务不是默认安装的。 Microsoft Windows XP SP2 Microsoft Windows XP SP1 厂商补丁： Microsoft ---------...

CVE-2006-5372

Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10 up to 11.5.10CU2 have unknown impact and remote authenticated attack vectors, aka Vuln 1 APPS11 for Oracle Universal Work Queue and 2 APPS12 for Oracle Application Object Library...