CVE-2002-0791

Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service CPU consumption via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length...

CVE-2002-0791

Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service CPU consumption via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length...

PT-2002-1419 · Ethereal · Ethereal

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.2 and earlier Description: The issue is related to the ASN.1 parser, which can be exploited by remote attackers to cause a denial of service crash via a certain malformed packet. This occurs because Ethereal allocates...

ansi outer join syntax in Oracle allows access to any data

Hi all I thought this list may be interested in this issue, apologies if its known here already. Oracle 9i includes the new ANSI outer join syntax. Oracle still supports the old syntax but in the new syntax there is a serious security issue that allows any user to view any data. here is an exampl...

lil' exim format bug

Hi BugTrackers Just a little bug to tell: THE BUG ------- accept.c, line 2506: else if smtpreply != NULL moansmtpbatchNULL, smtpreply; while moansmtpbatch is like this: moansmtpbatchchar cmdbuffer, char format, ... So when smtpreply contains format strings, it get transformed by moansmtpbatch. Wh...

Ошибка форматной строки в exim

Ошибка форматной строки при включеной опции headerschecksyntax...

Exim 3.x - Format String

Exim 3.x - Format String source: https://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax checking...

Exim 3.x - Format String

source: https://www.securityfocus.com/bid/2828/info Exim is a free, open-source Mail Transfer Agent for Unix systems. Exim is vulnerable to a locally exploitable format string attack which may compromise root access. The vulnerability exists only when the 'syntax checking' mode is turned on, whic...

CVE-1999-0924

The CVE-1999-0924 entry concerns ColdFusion Server 4.0, where the Syntax Checker component is the vulnerable element. The issue enables remote denial of service. The connected documents reiterate the same description and do not provide explicit exploit vectors, affected build numbers beyond “4.0,...

CVE-1999-0924

The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service...

sfgate-info.txt

Vendor: http://ls6-www.cs.uni-dortmund.de/ir/projects/SFgate/index.html Action: attempted to notify vendor with no response. Description: SFGATE gives sensitive information by allowing one to view a few lines of text from a file via an error message. It looks like a good attempt was made at...

BSD Passive Connection Shellcode

BSD Passive Connection Shellcode. Shellcode exploit for bsd platform ; Passive Connection Shellcode ; ; Coded by Scrippie - [email protected] - http://b0f.freebsd.lublin.pl ; Buffer0verfl0w Security ; Why? This evades firewalls... ; ; YES, this is for NASM, I detest AT&T syntaxis - it's gross and...

CGI City CC Whois 1.0 - MetaCharacter

source: https://www.securityfocus.com/bid/2000/info Whois scripts provide InterNIC lookup services via HTTP. The vulnerable scripts include versions of Matt's Whois and CGI City Whois. Older versions of these fail to filter metacharacters, allowing execution of arbitrary commands by embedding the...

PT-1999-1011 · Finger · Finger

Name of the Vulnerable Software and Affected Versions: finger affected versions not specified Description: The issue is related to the finger command, which on some systems may print information on some user accounts when used with the .@host syntax. Recommendations: At the moment, there is no...

PT-1999-1010 · Finger · Finger

Name of the Vulnerable Software and Affected Versions: finger affected versions not specified Description: The issue allows the 'finger' command to potentially disclose information about user accounts on certain systems when used with specific syntax, such as '0@host'. Recommendations: At the...

FreeBSD-SA-96:14.ipfw

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-96:14 Security Advisory FreeBSD, Inc. Topic: Firewall filter leak with user level ipfw Category: core Module: ipfw Announced: 1996-06-24 Affects: FreeBSD -current Feb 24 199...