Cisco IOS - 'cisco-bug-44020.c' IPv4 Packet Denial of Service

// / cisco-bug-44020.c - Copyright by Martin Kluge [email protected] / / / / Feel free to modify this code as you like, as long as you include / / the above copyright statement. / / / / Please use this code only to check your OWN cisco routers. / / / / / / This exploit uses the bug in recent IOS...

Sendmail < 8.12.1 RestrictQueueRun Option Multiple Argument Local DoS

The remote Sendmail server, according to its version number, might be vulnerable to a queue destruction when a local user runs sendmail -q -h1000 If your system does not allow users to process the queue which is the default, you are not vulnerable. Note that this vulnerability is local only. C...

CVE-2002-0794

The acceptfilter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service network service availability via a large number of connection attempts, which fills the queue...

CVE-2002-0235

Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in plaintext in an error event...

CVE-2002-0235

Castelle FaxPress (likely v6.3 and other versions) is affected when configured to use the Network print queue. An incorrect login can cause FaxPress to leak the correct username and password in plaintext in an error event. This may impact confidentiality and integrity (PARTIAL) and could affect a...

CVE-2002-0235

Castelle FaxPress, possibly 6.3 and other versions, when configured to use the Network print queue, allows attackers to obtain the username and password by submitting an incorrect login, which causes Faxpress to leak the correct username and password in plaintext in an error event...

Castelle Faxpress: Password used for NT Print queue can be discl osed in Plain Text

Overview I have reported this to Castelle and they told me it is a feature for troubleshooting, however they will make the change the next time they release the Faxpress Software. I just thought that other admins should be made aware so they can check their systems are secured correctly. Printing...

CVE-2001-0715

Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode...

CVE-2001-0714

Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service data loss by 1 setting a high initial message hop count option -h, which causes Sendmail to drop queue entries, 2 via the -qR option, or 3 via the -qS option...

CVE-2001-0715

Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to obtain potentially sensitive information about the mail queue by setting debugging flags to enable debug mode...

CVE-2001-0715

CVE-2001-0715 affects Sendmail up to version 8.12.0/8.12.x prior to 8.12.1. The flaw allows a local user to disclose sensitive information about the mail queue by enabling debug flags (-d) when RestrictQueueRun is not enabled. The OpenVAS/Nessus entries confirm the vulnerability is a local inform...

CVE-2001-0670

Buffer overflow in BSD line printer daemon in.lpd or lpd in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue...

CVE-2001-0406

Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using 1 a printer queue query, 2 the more command in smbclient, or 3 the mput command in smbclient...

CVE-1999-0337

AIX batch queue bsh allows local and remote users to gain additional privileges when network printing is enabled...

CVE-1999-0337

The connected records describe CVE-1999-0337 as a vulnerability in IBM AIX’s batch queue (bsh) where network printing enabled allows local and remote users to gain additional privileges. The Red Hat and NVD entries repeat the same effect; no concrete root-cause, affected version ranges, or patch/...

ATT_DoS.txt

Subject: DoS attack on AT&T Wireless text-messaging service To: [email protected] Recently, I've had the misfortune of having an automated process at work that reports errors to my PCS phone via email, [email protected] go haywire, and send me a hundred or so messages a day. Even...

LPRng.txt

Subject: Security problem with LPRng To: [email protected] Hi all, During some recent work I've been doing with LPRng, I found that is is possible on a default LPRng installation to control the print queues on the LPRng server. Most default installations allow the root user at the localhost to...

qmail-DoS.txt

Date: Mon, 4 Jan 1999 00:04:09 -0500 From: Wietse Venema To: [email protected] Subject: Anonymous Qmail Denial of Service In recent postings, Daniel Bernstein expands on the insecurity of the Postfix world-writable directory for local mail submission. Of all the attacks possible with such a...

sendmail.8.9.1.DoS.txt

Date: Thu, 1 Apr 1999 14:00:16 +0000 From: Lukasz Luzar To: [email protected] Subject: Possible local DoS in sendmail Hi, It seems that sendmail ran with -t option does NOT block SIGINT ... In that moment while we are sending data to its stdin, when we will press CTRL-C process is being killed...

Debian 2.1 - Print Queue Control

Debian 2.1 - Print Queue Control // source: https://www.securityfocus.com/bid/508/info The LPRng software is an enhanced, extended, and portable version of the Berkeley LPR software the standard UNIX printer spooler that ships with Debian GNU/Linux. When root controls the print queue, the...