[SECURITY] New version of cvsweb released
Package: cvsweb Vulnerability type: remote shell Debian-specific: no The versions of cvsweb distributed in Debian GNU/Linux 2.1 aka slink as well as in the frozen potato and unstable woody distributions, are vulnerable to a remote shell exploit. An attacker with write access to the cvs repository...
[SECURITY] New version of cvsweb released
Debian Security Advisory [email protected] http://www.debian.org/security/ Wichert Akkerman July 16, 2000 Package: cvsweb Vulnerability type:...
Remote xploit for MDBMS
MDBMS V0.96b6 remote shell xploit 11/05/2000 |TDP| [email protected] - HaCk-13 TeaM This code shows an MDBMS v0.96b6 vulnerability in which any remote user can exec a shell. MDBMS daemon used to be run as root user; exposing the system to serious vulnerability risks, because any attacker can obtai...
Qpopper 2.53 remote problem, user can gain gid=mail
b u f f e r 0 v e r f l 0 w s e c u r i t y a d v i s o r y 5 Advisory Name: Remote shell via Qpopper2.53 Date: 5/23/00 Application: Qpopper 2.53 for NIX Vendor: Qualcomm Incorporated WWW: www.qualcomm.com Severity: can give users remote shell with gid=mail. Author: prizm [email protected]...
b0f5-Qpopper.txt
b u f f e r 0 v e r f l 0 w s e c u r i t y a d v i s o r y 5 Advisory Name: Remote shell via Qpopper2.53 Date: 5/23/00 Application: Qpopper 2.53 for NIX Vendor: Qualcomm Incorporated WWW: www.qualcomm.com Severity: can give users remote shell with gid=mail. Author: prizm [email protected]...
Sun Solaris 7.0 - rpc.ttdbserver Denial of Service
Sun Solaris 7.0 - rpc.ttdbserver Denial of Service // source: https://www.securityfocus.com/bid/811/info It is possible to crash rpc.ttdbserver by using the old ttdbserver buffer overflow exploit. This problem is caused by a NULL pointer being dereferenced when rpc function 15 is called with...
interscan.txt
Date: Mon, 8 Nov 1999 01:50:26 +1300 NZDT From: dark spyrit To: [email protected] Subject: Interscan VirusWall NT 3.23/3.3 buffer overflow. A buffer overflow exists on the VirusWall smtp gateway - by sending a long HELO command you can overflow the buffer and execute arbitrary code. Example...
SDI.exploit4.proftpd.txt
From: Bugtraq List [email protected] on behalf of Thiago/c0nd0r [email protected] Sent: Wednesday, September 15, 1999 12:31 PM To: [email protected] Subject: SDI anonymous remote exploit for proftpd Hello, I've seen some discussion about the possibility of exploiting the newest proft...
ipop2d.txt
Vulnerable Program: POP2 shipped with imap-4.4 package Platforms: Linux Impact: Remote users can spawn a shell with uid of user "nobody" Reported Initially: Chris Evans Exploit Code: bind Details: POP-2 supports anonymous proxy service where remote users can connect to remote imap servers...
IMAP pop-2d POP Daemon FOLD Command Remote Overflow
There is a buffer overflow in the imap suite provided with Debian GNU/Linux 2.1, which has a vulnerability in its POP-2 daemon, found in the ipopd package. This vulnerability allows an attacker to gain a shell as user 'nobody', but requires the attacker to have a valid pop2 account. C Tenable...
[SECURITY] New version if ipopd prevents exploit
We have received reports that the version of the imap suite in Debian GNU/Linux 2.1 has a vulnerability in its POP-2 daemon, which can be found in the ipopd package. Using this vulnerability it is possible for remote users to get a shell as user "nobody" on the server. We recommend you upgrade yo...
CVE-1999-0651
The rsh/rlogin service is running...
PT-1999-1245 · Rlogin +1
Name of the Vulnerable Software and Affected Versions: rsh/rlogin affected versions not specified Description: The issue is related to the rsh/rlogin service being active. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...