3212 matches found
EUVD-2002-1446
Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor Models 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 generate easily predictable initial sequence numbers (ISN), which allows remote attackers to spoof connections...
CVE-2003-0065
CVE-2003-0065 concerns the uxterm terminal emulator window-title reporting vulnerability. A malicious escape sequence can modify the terminal window title and, when echoed back to the command line, enable attacker-controlled input to be executed by the user’s shell. The related literature documen...
CVE-2003-0079
The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop...
CVE-2003-0066
The CVE-2003-0066 issue affects rxvt 2.7.8 and earlier. A vulnerable escape sequence allows an attacker to modify the window title and have that title re-enter the shell as a command, enabling arbitrary command execution when a user views a file containing the malicious sequence. The root cause i...
CVE-2003-0023
Removed by vendor...
Hafiye 1.0 Remote Terminal Escape Sequence Injection Vulnerability
No description provided by source. / Remote Exploit for Hafiye-1.0 Terminal Escape Sequence Injection Vulnerability Written by Serkan Akpolat Homepage: http://deicide.siyahsapka.org E-mail: deicide siyahsapka org Greets: Virulent, gorny and all other netricians / include stdio.h include sys/types...
Hafiye 1.0 Terminal Escape Sequence Injection Vulnerability
+------- Software --------------+ Hafiye 1.0 "POSIX-compliant, customizable TCP/IP packet sniffer." +------- Tested Versions --------------+ Hafiye1.0 Tested on:LinuxHafiye compiled from tarball FreeBSD 4.7 Installed from CD +------- Vulnerability --------------+ Packet Payload Terminal Escape...
Hafiye 1.0 Remote Terminal Escape Sequence Injection Vulnerability
Exploit for linux platform in category remote exploits ================================================================== Hafiye 1.0 Remote Terminal Escape Sequence Injection Vulnerability ================================================================== / Remote Exploit for Hafiye-1.0 Terminal...
hafiye.txt
+------- Software --------------+ Hafiye 1.0 "POSIX-compliant, customizable TCP/IP packet sniffer." +------- Tested Versions --------------+ Hafiye1.0 Tested on:LinuxHafiye compiled from tarball FreeBSD 4.7 Installed from CD +------- Vulnerability --------------+ Packet Payload Terminal Escape...
AOL Instant Messenger Login Sequence Remote Overflow
Binary data 1257.prm...
CVE-2004-0230
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP...
DEBIAN-CVE-2004-0230
TCP, when using a large Window Size, makes it easier for remote attackers to guess sequence numbers and cause a denial of service (connection loss) to persistent TCP connections by repeatedly injecting a TCP RST packet, especially in protocols that use long-lived connections, such as BGP...
[Full-Disclosure] iDEFENSE Security Advisory 08.05.04: Thompson SpeedTouch Home ADSL Modem Predictable TCP ISN Generation
Thompson SpeedTouch Home ADSL Modem Predictable TCP ISN Generation iDEFENSE Security Advisory 08.05.04 www.idefense.com/application/poi/display?id=120&type=vulnerabilities August 5, 2004 I. BACKGROUND The Thompson (formerly Alcatel) SpeedTouch is an ADSL router for home and business providing a...
CVE-2004-0641
Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections...
Mandrake Linux Security Advisory : util-linux (MDKSA-2002:047)
Michal Zalewski found a vulnerability in the util-linux package with the chfn utility. This utility allows users to modify some information in the /etc/passwd file, and is installed setuid root. Using a carefully crafted attack sequence, an attacker can exploit a complex file locking and...
Microsoft Internet Explorer 5.0.1 - Style Tag Comment Memory Corruption
Microsoft Internet Explorer 5.0.1 - Style Tag Comment Memory Corruption source: https://www.securityfocus.com/bid/10816/info A heap overflow vulnerability has been discovered in Internet Explorer. It is reported that the issue presents itself when a comment character sequence that is not terminat...
RHEL 2.1 : XFree86 (RHSA-2003:065)
Updated XFree86 packages that resolve various security issues and additionally provide a number of bug fixes and enhancements are now available for Red Hat Enterprise Linux 2.1. XFree86 is an implementation of the X Window System, which provides the graphical user interface, video drivers, etc. f...
RHEL 2.1 : rxvt (RHSA-2003:055)
Updated rxvt packages are available which fix a number of vulnerabilities in the handling of escape sequences. Updated 12 March 2003 Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS Rxvt is a color VT102 terminal emulator for the X Window System. A number of issues...
TCP RST packets spoofing
By sending a spoofed RST it's possible to terminate an established TCP connection. Unlike TCP hijacking attacks, there is no need for an exact TCP sequence number, and the number can be any number from the handshaked TCP window. It significantly increases attack efficiency. In NetBSD sequence number for RST is no...
Apache < 1.3.31 / 2.0.49 Log Entry Terminal Escape Sequence Injection
The target is running an Apache web server that allows for the injection of arbitrary escape sequences into its error logs. An attacker might use this vulnerability in an attempt to exploit similar vulnerabilities in terminal emulators. Nessus has determined the vulnerability exists only by looki...