Possible DOS on MDConfig (MDaemon)

MDaemon mail server for Windows comes with a utility called MDConfig to remotely administer a MDaemon server. To establish MDConfig connection to a MDaemon server, an administrator must enable MDConfig server on the server machine. Connection will be established on a predefined TCP port, by defau...

Windows 2000 Telnet Service DoS

Below is the original message sent to Microsoft, and since apparently 'Disclosure Procedures' are once again in focus... 11/08/2000 - Issue is reported to Microsoft's Security Response Team [email protected] 11/10/2000 - Microsoft confirmed receipt 11/21/2000 - Microsoft responded that they...

proxy.dos

HTTP Proxies Denial of Service by SectorX of XOR http://xorteam.cjb.net The theory ========== While browsing through my own http proxy code, i noticed an interesting coding mistake - the proxy did not perfrom timeout checking on the remote host the user was connecting to. since every time a user...

mdaemon 2.8.5.0 DoS

mdaemon 2.8.5.0 remote DoS Win95 vulnerable Tested on a K5-166 with 32MB RAM Win98SE vulnerable Tested on a K7-500 with 128MB RAM A single user wasnґt able to receive eMail - after the password was send, the mail client just haltet, and did nothing till the timeout. I tried to find the error, by...

Security Problems with Linux 2.2.x IP Masquerading

Security Problems with Linux 2.2.x IP Masquerading Summary: Due to lax checking in the masquerading kernel code, an attacker is able to rewrite a linux masq gateway's UDP masquerading entries so that the remote host and port are whatever they choose. This creates a tunnel between whatever host an...

CVE-1999-0770

Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems...

CVE-1999-0770

CVE-1999-0770 affects Firewall-1, where a long timeout on connections that start with ACK/non-SYN packets enables a denial of service by mass connection attempts to unresponsive systems. Red Hat and CVE records corroborate the symptom; Nessus describes a remote DoS attack via the ACK/stream attac...

webramp-M3.txt

Date: Thu, 21 Jan 1999 01:18:50 -0800 From: John Stanley To: [email protected] Subject: WebRamp M3 remote network access bug I have not seen this problem mentioned on this list. I defer to the moderator's memory and hope this is valuable information... The WebRamp M3 is a small SOHO router wit...

CVE-1999-0770

Firewall-1 sets a long timeout for connections that begin with ACK or other packets except SYN, allowing an attacker to conduct a denial of service via a large number of connection attempts to unresponsive systems...

Check Point Software Firewall-1 3.0/1 4.0 - Table Saturation Denial of Service

source: https://www.securityfocus.com/bid/549/info A denial of service condition exists in some implementations of Firewall-1 by Checkpoint Software. This denial of service attack is possible due to the way Firewall-1 handles TCP connections. Typically to initiate a TCP connection, a SYN packet i...

Check Point Software Firewall-1 3.01 4.0 - Table Saturation Denial of Service

Check Point Software Firewall-1 3.01 4.0 - Table Saturation Denial of Service source: https://www.securityfocus.com/bid/549/info A denial of service condition exists in some implementations of Firewall-1 by Checkpoint Software. This denial of service attack is possible due to the way Firewall-1...

CVE-1999-1151

Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password...

CVE-2024-32354

TOTOLINK X5000R V9.1.0cu.2350B20230313 was discovered to contain a command injection vulnerability via the 'timeout' parameter in the setSSServer function at /cgi-bin/cstecgi.cgi...