MSSQL 7.0 Remote Denial of Service Exploit

No description provided by source. / Microsoft mssql 7.0 server is vulnerable to denial of service attack By sending a large buffer with specified data an attacker can stop the service "mssqlserver" the error noticed is different according to services' pack but the result is always the same one...

ssmtp insecure file creation

Hi, ssmtp 2.50.6 create a logfile /tmp/ssmtp.log. The data in this logfile is user specified. It's possible to overwrite any file with the permissons of the ssmtp program normally root. The vulnerable call is in logevent. logevent vulnerable call: ifdef LOGFILE iffp = fopen"/tmp/ssmtp.log", "a" !...