Lucene search
K

1785 matches found

securityvulns
securityvulns
added 2000/09/26 12:0 a.m.36 views

Format strings: bug #1: BSD-lpr

Hi, INTRO ----- Welcome to a short series of security bugs, all involving mistakes with "user supplied format strings". This class of bug is very popular on Bugtraq at the moment, so what an ideal time for a few examples. BSD-lpr ------- If we look into lpr/lpd/printjob.c, we can find the followi...

Exploits0
securityvulns
securityvulns
added 2000/08/17 12:0 a.m.51 views

Microsoft refuses to fix a security bug in Windows 2000

Microsoft refuses to fix a security bug in Windows 2000 Eugene Kalinin Medical Informatics Laboratory Moscow, Russia Aug 16, 2000 Yesterday Microsoft refused to fix a security problem in Windows 2000 RPC service. The bug in RPC service allows an attacker to put a Windows 2000 server out of servic...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2000/07/04 12:0 a.m.24 views

Kerberos security vulnerability in SSH-1.2.27

I am writing to report a security bug in SSH 1.2.27. SOFTWARE AFFECTED: SSH 1.2.27 with Kerberos authentication support compiled in i.e. "configure --with-kerberos5". I have contacted SSH Communicators Security http://www.ssh.com about this, and they have just released ssh-1.2.28, which fixes thi...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2000/07/03 12:0 a.m.34 views

Linux news 3.07.00

WU-FTPD 2.6.1 Вышла новая версия популярного FTP сервера WU-FTPD - WU-FTPD 2.6.1. В данной версии появилась поддержка virtual passwd/virtual shadow как в BeroFTPD. Кроме того пофиксен серьезный security баг, благодаря которому пользователь мог получить права root-а. Также пофиксен баг с возможной...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2000/06/27 12:0 a.m.34 views

glftpd.privpath.txt

Glftpd 1.18 till 1.21b8 current beta have a serious problem with the privpath directives.... It will probably be fixed in the comming 1.21b9 but i have included a quick fix in this one to prevent exploits of this bug. Thanx for Hoopy for the quick fix glftpd dev team. Problem: When you know the...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/06/15 12:0 a.m.23 views

SmartFTP Daemon v0.2 Beta Build 9 - Remote Exploit

I found a bug in the SmartFTP-D Server which will give an attacker full access to the server, if he has the right to write files on the server. For every user, the program is checking if a special Userfile exists Sample: Username=hacker & Userfile=hacker.FTPUser. If it exists, the configuration,...

Exploits0
Packet Storm
Packet Storm
added 2000/06/15 12:0 a.m.34 views

smartftp.txt

I found a bug in the SmartFTP-D Server which will give an attacker full access to the server, if he has the right to write files on the server. For every user, the program is checking if a special Userfile exists Sample: Username=hacker & Userfile=hacker.FTPUser. If it exists, the configuration,...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/05/03 12:0 a.m.109 views

Security Bug in Jana HTTP Server

Hello Bugtraqers, I found a directory travelling bug again, this time in JANA HTTP Server software available as freeware from http://www.jana-server.ocm.de . Here is a copy of the mail I sended to the author. eAX -------------------------------------------- Hello Thomas, I got your proxy/perver...

1.2AI score
Exploits0
securityvulns
securityvulns
added 2000/03/22 12:0 a.m.51 views

Security bug in Apache project: Jakarta Tomcat

The Apache project: Jakarta Tomcat contains a serius security bug. Tomcat is used together with the Apache web server to serve Java Server Pages and Java servlets. Summary from the Tomcat development team advisory is posted below: Advisory: Delivered with Tomcat is an example jsp/source.jsp that...

7.2AI score
Exploits0
Packet Storm
Packet Storm
added 2000/02/09 12:0 a.m.51 views

zeus.null.txt

This morning Zeus Technology Limited was informed of a serious security bug in the Zeus Webserver by 'The Relay Group' http://relaygroup.com. This document describes the scope of the problem and its solution. Versions affected ----------------- Zeus 3.1.x / 3.3.x Severity -------- High- this bug...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2000/01/23 12:0 a.m.35 views

omnis.txt

I'm not sure of the complete extent of applications written in Omnis, but from what I understand, it's a multi-platform Rapid Application Development environment. Essentially, from what I understand having no personal experience with the product, you create one program in Omnis, and it's portable...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/09/21 12:0 a.m.52 views

glibc_exploit.txt

Subject: Linux glibc 2.1.x / wu-ftpd =2.5 / BeroFTPD / lynx / vlock / mc / glibc 2.0.x To: [email protected] First of all, something less or more personal - sorry to all [email protected] people for this post. I'm really angry, as this stuff become well-known without my knowledge... so, only a...

Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.31 views

ssh2-remote-forward.txt

Date: Wed, 30 Dec 1998 00:04:47 +1100 From: Darren Reed To: [email protected] Subject: ssh2 security problem and patch fwd This just came across the ssh list...I've deleted the patch for brievity original length was some 2900 lines. From [email protected] Tue Dec 29 23:13:34 EDT 1998 From:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.33 views

openlinux.lisa.help.txt

Date: Sat, 8 May 1999 23:46:40 -0400 From: Andrew McRory To: [email protected] Subject: OpenLinux 2.2: LISA install leaves root access without password Hello, I believe I've found a bug in the installation process of OpenLinux 2.2 when using the LISA boot disk. During the installation a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.47 views

msie.4.0-no.dots.txt

Subject: ISN New IE bug "No Dots Bug" http://www.msnbc.com/news/206992.aspBODY IE can treat Internet sites as if they were on intranet By Bruce Brown BUGNET Oct. 20 ^× Posters on a Danish newsgroup have discovered a new security hole in Microsoft Internet Explorer. Microsoft has confirmed the...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.36 views

openbsdreadv.txt

Date: Mon, 27 Jul 1998 12:26:36 +0100 BST From: [email protected] To: [email protected] X-Send-Pr-Version: 3.97 Subject: kernel/549: Any user can panic OpenBSD machine Sender: [email protected] Number: 549 Category: kernel Synopsis: readv with -ve block size panics kernel Confidential: yes...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.32 views

dpec-course-passwds.txt

Date: Fri, 15 Jan 1999 21:45:24 -0700 From: Joel Knight To: [email protected] Subject: DPEC Online Courseware DPEC's www.dpec.com Online Courseware has a nasty bug in it that allows anyone to change anyone elses password without knowing what their current password is. This is NOT limited to...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.40 views

netscape-enterprise-pageservices.txt

Date: Mon, 12 Oct 1998 13:20:11 +0200 From: Jorgen Smith To: [email protected] Subject: PageServices bug in Netscape Enterprise server Hi, Just in case it has not already been reported my guess is that it has, and that a lid is put on this till Netscape works it out, I just receive...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.75 views

bintec.boss.txt

Date: Wed, 10 Feb 1999 22:10:57 +0100 From: Pascal Gienger To: [email protected] Subject: Security Bug in Bintec Router Firmware CLID Vulnerability in Bintec Firmware BOSS V4.9 Release 1 and earlier Abstract: Non-interpretation of "international" or "national" incoming call setup leads to a...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 1999/08/17 12:0 a.m.44 views

cisco-ios12.txt

Date: Tue, 22 Dec 1998 14:41:44 -0800 From: Jason Ackley Reply-To: Bugtraq List To: [email protected] Subject: Re: Cisco IOS 12.0 security bug and workaround On Tue, 22 Dec 1998, John Bashinski wrote: characterizing it, and can't yet be completely sure which versions or which platforms are...

7.4AI score
Exploits0
Rows per page
Query Builder