CVE-2005-0644

Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4436 allows remote attackers to execute arbitrary code via a malformed LHA file with a type 2 header file name field, a variant of CVE-2005-0643...

CVE-2005-0643

CVE-2005-0643 (and related CVEs) describe a buffer overflow in McAfee Scan Engine 4320 when parsing LHA archives. The vulnerability is triggered by crafted LHA files; DAT versions before 4357 (CVE-2005-0643) and before 4436 (CVE-2005-0644) are affected. Exploitation can lead to remote code execut...

CVE-2005-0643

Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files...

EUVD-2005-0644

Buffer overflow in McAfee Scan Engine 4320 with DAT version before 4357 allows remote attackers to execute arbitrary code via crafted LHA files...

[NT] Magic Winmail Server's Multiple Vulnerabilities

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...

MDKSA-2005:057 - Updated gnupg packages fix vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandrakelinux Security Update Advisory Package name: gnupg Advisory ID: MDKSA-2005:057 Date: March 15th, 2005 Affected versions: 10.0, 10.1, 9.2, Corporate 3.0, Corporate Server 2.1 Problem Description: The OpenPGP protocol is vulnerable to a...

Mandrake Linux Security Advisory : gnupg (MDKSA-2005:057)

The OpenPGP protocol is vulnerable to a timing-attack in order to gain plain text from cipher text. The timing difference appears as a side effect of the so-called 'quick scan' and is only exploitable on systems that accept an arbitrary amount of cipher text for automatic decryption. The updated...

CVE-2004-1631

Technical details about CVE-2004-1631 are not publicly available in the provided documents; no affected products, versions, impact, or fixes are described here. Monitor for updates.

SOCKS4 Server Recursive Connection Remote DoS

It is possible to connect to the SOCKS4 server through itself. An attacker can leverage this issue to saturate the host's CPU, memory or file descriptors. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid17155; scriptversion "1.12"; scriptnameenglish:"SOCKS4 Server...

CVE-2004-1473

Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP...

CVE-2004-1472

Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service device freeze via a fast UDP port scan on the WAN interface...

CVE-2004-1473

CVE-2004-1473 affects Symantec Enterprise Firewall/VPN Appliances (models 100, 200, 200R) and Gateway Security devices (320, 360, 360R) with firmware versions before 1.63 (or 622 respectively). The issue allows remote attackers to bypass filtering and determine if services such as tftpd, snmpd, o...

CVE-1999-1373

FORE PowerHub before 5.0.1 allows remote attackers to cause a denial of service hang via a TCP SYN scan with TCP/IP OS fingerprinting, e.g. via nmap...

CVE-2004-1473

Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 and Gateway Security 320, 360, and 360R running firmware before 622 allow remote attackers to bypass filtering and determine whether the device is running services such as tftpd, snmpd, or isakmp via a UDP...

CVE-2004-2377

Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service reboot via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled...

CVE-2004-1472

Symantec Enterprise Firewall/VPN Appliances 100, 200, and 200R running firmware before 1.63 allow remote attackers to cause a denial of service device freeze via a fast UDP port scan on the WAN interface...

GFHost.pl

GFHost explo Spawn bash style Shell with webserver uid Greetz SPAX, foxtwo, Zone-H This Script is currently under development use strict; use IO::Socket; my $host; my $port; my $command; my $url; my @results; my $probe; my @U; $U1 =...

Web Server SSL Port HTTP Traffic Detection

Nessus has discovered that it is talking in plain HTTP on an SSL port. Nessus has corrected this issue by enabling HTTPS for this port only. However, if other SSL ports are used on the remote host, they might be skipped. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

OpenWFE 1.4.x - Cross-Site Scripting / Connection Proxy

source: https://www.securityfocus.com/bid/11514/info OpenWFE is affected by a cross-site scripting and connection proxy vulnerability. These issues are due to a failure of the application to properly sanitize user-supplied input. An attacker may leverage the cross-site scripting issue to steal...

Symantec Firewall/VPN appliance vulnerable to DoS via UDP port scan

Overview A vulnerability in the Symantec Firewall/VPN appliance could allow an attacker to cause a denial-of-service condition. Description The Symantec Firewall/VPN appliance supports a number of services that utilize the UDP protocol including tftpd, snmpd, and isakmp. There is a vulnerability ...