Microsoft Windows RPCSS DCOM Interface Denial of Service Vulnerability

Description The Microsoft Windows RPC service may contain a flaw that allows a remote attacker to cause a denial of service. By sending a specifically malformed packet to TCP port 135, the RPC service will be disabled. This issue may be related to BID 6005, however, this has not been confirmed...

Cisco IOS Malicious IPV4 Packet Sequence Denial Of Service Vulnerability

Description A denial of service vulnerability has been reported to exist in all hardware platforms that run Cisco IOS versions 11.x through 12.x. This issue may be triggered by a sequence of specifically crafted IPV4 packets. A power cycling of an affected device is required to regain normal...

Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability

Description A buffer overrun vulnerability has been reported in Microsoft Windows that can be exploited remotely via a DCOM RPC interface that listens on TCP/UDP port 135. The issue is due to insufficient bounds checking of client DCOM object activation requests. Exploitation of this issue could...

University of Minnesota Gopherd GSisText Buffer Overflow Vulnerability

...

Microsoft Windows CreateFile API Named Pipe Privilege Escalation Vulnerability

Description It has been reported that Microsoft Windows does not properly handle named pipes through the CreateFile API. Because of this, an attacker may be able to gain access to the SYSTEM account. Technologies Affected Microsoft Windows 2000 Advanced Server Microsoft Windows 2000 Advanced Serv...

CCBill WhereAmI.CGI Remote Arbitrary Command Execution Vulnerability

Description It has been reported that whereami.cgi distributed by CCBill does not properly handle some types of input. Because of this, an attacker may be able to gain access to a system with the privileges of the web server process. Technologies Affected CCBill whereami.cgi Recommendations Block...

InterSystems Cache Insecure Default Permissions Vulnerability

Description It has been reported that the permissions set by default on the files and directories comprising InterSystems Cache are insecure. The permissions on directories allegedly allow for any user to overwrite any file. This creates many opportunities for local attackers to obtain root...

Microsoft Windows Media Services NSIISlog.DLL Remote Buffer Overflow Vulnerability

Description Microsoft has reported a buffer overflow vulnerability in Windows Media Services. This is due to a problem with how the logging ISAPI extension handles incoming client requests. This could cause arbitrary code execution in IIS, which is exploitable through Media Services. Technologies...

Multiple Sun Database Functions Buffer Overflow Vulnerabilities

Description Sun dbmopen, ndbm, dbm and dbminit library functions have been reported prone to buffer overflow vulnerabilities. Each of these issues likely present themselves due to a lack of sufficient bounds checking performed when copying externally supplied data into an internal memory buffer...

PMachine Lib.Inc.PHP Remote Include Command Execution Vulnerability

Description It has been reported that PMachine does not properly handle include files under some circumstances. Because of this, an attacker may be able to remotely execute commands. Technologies Affected PMachine PMachine 2.2.1 Recommendations Block external access at the network boundary, unles...

Sun Management Center Change Manager PamVerifier Buffer Overflow Vulnerability

Description It has been reported that Sun Management Center SunMC Change Manager is vulnerable to a remote boundary condition error. Because of this, it may be possible for an attacker to gain administrative access to a system remotely. Technologies Affected Sun SunMC Change Manager 1.0.0...

FastTrack P2P Supernode Packet Handler Buffer Overflow Vulnerability

Description FastTrack P2P Supernode Packet Handler has been reported prone to a buffer overflow vulnerability. The issue presents itself in the FastTrack Supernode packet handler. The handler does not perform sufficient bounds checking on supernode entries received before they are copied into a...

IBM AIX Multiple Unspecified Security Vulnerabilities

Description It has been reported that multiple security issues exist in the print sub-system of IBM AIX. These issues could lead to an attacker gaining unauthorized access to the host, and potentially elevated privileges. Technologies Affected IBM AIX 4.3.0 IBM AIX 4.3.1 IBM AIX 4.3.2 IBM AIX 4.3...

Internet Explorer file:// Request Zone Bypass Vulnerability

Description Internet Explorer is reported to be vulnerable to a zone bypass issue. Allegedly, if Internet Explorer attempts to open a web page containing numerous 'file://' requests each contained in a separate Iframe, the requested file will eventually be executed in the Local Computer zone...

Apache Mod_Auth_Any Remote Command Execution Vulnerability

Description A vulnerability has been discovered in the modauthany Apache module. The problem occurs due to insufficient sanitiziation of user-supplied arguments. As a result, it may be possible for an attacker to execute arbitrary commands, by placing shell metacharacters within an argument. All...

Cisco Catalyst CatOS Authentication Bypass Vulnerability

Description A vulnerability has been reported for Cisco Catalyst switches that may result in unauthorized access to the enable level. The vulnerability exists due to the way the 'enable' mode is accessed through the switch. An attacker who is able to obtain command line access to a vulnerable...

Snort TCP Packet Reassembly Integer Overflow Vulnerability

Description A vulnerability has been discovered in Snort. The problem occurs during the reassembly of TCP packets by the stream4 preprocesser. By sending specially crafted fragmented packets across a network monitored by Snort, it may be possible to trigger an integer overflow. As a result, a...

Oracle E-Business Suite RRA/FNDFS Arbitrary File Disclosure Vulnerability

Description Oracle E-Business suite RRA/FNDFS server has been reported prone to an arbitrary file disclosure vulnerability. The Oracle FNDFS server is used in usual circumstances, by Oracle utilities, to retrieve and extract report data from Concurrent Manager server. It has been reported that...

Samba Multiple Unspecified Remote Buffer Overflow Vulnerabilities

Description Multiple remote buffer overflow vulnerabilities have been reported for Samba and Samba-TNG. Although unspecified, it is likely that these issues are exploitable by an attacker to execute arbitrary code. All code executed in this manner would be run with the privileges of Samba,...

Sendmail Address Prescan Memory Corruption Vulnerability

Description A vulnerability in Sendmail may be exploited remotely to execute arbitrary code. The flaw is present in the 'prescan' procedure, which is used for processing email addresses in SMTP headers. This condition has been confirmed to be exploitable by remote attackers to execute instruction...

Sun XDR Library xdrmem_getbytes() Integer Overflow Vulnerability

Description A vulnerability has been discovered in the Sun XDR library. Specifically, an integer overflow as been found in the xdrmemgetbytes function. As a result, applications implementing the vulnerable library call may be prone to denial of service attacks. It should be noted that the...

Microsoft Windows ntdll.dll Buffer Overflow Vulnerability

Description The Windows library ntdll.dll includes a function that does not perform sufficient bounds checking. The vulnerability is present in the function "RtlDosPathNameToNtPathNameU" and may be exploited through other programs that use the library if an attack vector permits it. One of these...

Samba SMB/CIFS Packet Assembling Buffer Overflow Vulnerability

Description Samba is prone to a buffer-overflow vulnerability when the 'smbd' service tries to reassemble specially crafted SMB/CIFS packets. An attacker can exploit this vulnerability by creating a specially formatted SMB/CIFS packet and sending it to a vulnerable Samba server. The overflow...

Cisco IOS OSPF Neighbor Buffer Overflow Vulnerability

...

IBM Lotus Domino HTTP Redirect Buffer Overflow Vulnerability

...

Opera Cross Domain Scripting Vulnerability

Description A vulnerability has been reported reported for Opera 7 browsers for Microsoft Windows operating systems. Due to flaws in Opera, it is possible for functions in different domains to be accessed and executed by an attacker with the credentials of the victim user. This vulnerability is...

Microsoft Windows Locator Service Buffer Overflow Vulnerability

Description It has been reported that the Microsoft Windows Locator service is affected by a remotely exploitable buffer overflow vulnerability. The condition is due to a memory copy of RPC arguments received from remote clients into a local buffer. This vulnerability may be exploited by remote...

ISC DHCPD NSUPDATE MiniRes Library Remote Buffer Overflow Vulnerabilities

Description Multiple buffer overflow vulnerabilities have been reported for the ISC DHCPD service. The vulnerability occurs when the DHCP server is configured to dynamically update records. The vulnerability exists in the library used by NSUPDATE to resolve hostnames. An attacker can exploit thes...

Half-Life Client Server Message Format String Vulnerability

...

Longshine Wireless Access Point Devices Information Disclosure Vulnerability

Description The Longshine LCS-883R-AC-B device will allow tftp connections. An attacker can exploit this vulnerability to connect via tftp to the access point and download the configuration file without any authentication. The configuration file contains sensitive information including the...

Perl-HTTPd File Disclosure Vulnerability

Description It has been reported that Perl-HTTPd fails to properly sanitize some web requests. By exploiting this issue, an attacker is able to traverse outside of the established web root by using dot-dot-slash ../ directory traversal sequences. An attacker may be able to obtain any web server...

Microsoft Internet Explorer PNG Deflate Heap Corruption Vulnerability

Description A heap corruption vulnerability has been reported for Microsoft Internet Explorer. The vulnerability is related to the way that Microsoft Internet Explorer interprets PNG image data. The function that handles the deflation of PNG images does not properly handle some invalid data withi...

Cobalt RaQ4 Administrative Interface Command Execution Vulnerability

Description The RaQ4 is a server appliance distributed and maintained by Sun Microsystems. A vulnerability has been reported in the web administration interface of the RaQ4. It is possible for a remote attacker to execute commands. By passing malicious email parameter to the vulnerable CGI script...

Lib CGI Include Buffer Overflow Vulnerability

...

Microsoft Java Virtual Machine Bytecode Verifier Vulnerability

Description The Microsoft Java virtual machine implementation contains a vulnerability that may allow for malicious Java applets to escape the security sandbox. An applet constructed at the bytecode-level may be able to perform some illegal operations. If these operations are performed, it may be...

Microsoft Data Access Components RDS Buffer Overflow Vulnerability

Description Microsoft Data Access Components MDAC contains a buffer overflow in a Remote Data Services RDS component. The server side RDS component affected is called the RDS Data Stub, while the client side is called the Data Space control. Successful exploitation of this vulnerability could all...

TCPDump / LIBPCap Trojan Horse Vulnerability

Description It has been announced that the server hosting tcpdump and libpcap, www.tcpdump.org, was compromised recently. It has been reported that the intruder made modifications to the source code of tcpdump and libpcap to include trojan horse code. Downloads of the source code of tcpdump and...

Macromedia JRun IIS ISAPI Filter GET Request Buffer Overrun Vulnerability

Description The Macromedia JRun IIS ISAPI handler is prone to a remotely exploitable buffer overrun condition. The issue is due to a lack of bounds checking on requested filenames. It is possible to trigger the overrun if a filename of excessive length is requested. This vulnerability has been...

Multiple Microsoft IIS Vulnerabilities

Description Microsoft Internet Information Services IIS is prone to multiple vulnerabilities. The first vulnerability may allow an attacker to obtain elevated privileges. This vulnerability can be exploited by an attacker to load and execute applications on the vulnerable server with SYSTEM level...

Multiple Vendor kadmind Remote Buffer Overflow Vulnerability

Description A vulnerability has been discovered in the kadmind daemon. It has been reported that kadmind is vulnerable to a remotely exploitable buffer overflow. This issue is due to insufficient bounds checking. Exploiting this issue could potentially allow an attacker to execute arbitrary code...

Microsoft SQL Server Web Task Stored Procedure Privilege Escalation Vulnerability

Description Microsoft has reported a vulnerability in SQL Server. According to the report, the vulnerability may be exploited by malicious database users to elevate privileges. Web tasks create HTML files containing queried data. They are invoked with a stored procedure. By default, the privilege...

Linux-HA Heartbeat Remote Buffer Overflow Vulnerability

...

Sendmail Trojan Horse Vulnerability

Description Reportedly, the server hosting sendmail, ftp.sendmail.org, was compromised recently. It has been reported that the intruder made modifications to the source code of sendmail to include Trojan Horse code. Downloads of the sendmail source code from ftp.sendmail.org between September 28,...

Multiple OpenVMS WASD HTTP Server Vulnerabilities

Description Multiple vulnerabilities have been reported in WASD HTTP Server for OpenVMS. The consequences of successful exploitation of these issues may range from information disclosure to varying degrees of remote compromise. Technologies Affected WASD WASD HTTP Server 7.1.0 WASD WASD HTTP Serv...

Microsoft Virtual Machine Multiple JDBC Vulnerabilities

Description Microsoft Virtual Machine contains three vulnerabilities that could allow a remote attacker to execute code on the vulnerable system. Successful exploitation could lead to a complete system compromise. The first vulnerability allows remote execution of DLLs. These would be executed in...

Multiple Cisco VPN 3000 Vulnerabilities

...

Microsoft SQL Server User Authentication Remote Buffer Overflow Vulnerability

Description A vulnerability has been discovered in Microsoft SQL Server that could make it possible for remote attackers to gain access to target hosts. It is possible for an attacker to cause a buffer overflow condition on the vulnerable SQL server with a malformed login request. This may allow ...

Microsoft UPnP NOTIFY Buffer Overflow Vulnerability

Description Universal Plug and Play, or UPnP, is a service that allows for hosts to locate and use devices on the local network. UPnP support ships with Windows XP and ME. For Windows 98 and 98SE, it is available with Windows XP's Internet Connection Sharing client. It should be noted that UPnP...

Microsoft SQL Server Administrator Cached Connection Vulnerability

Description Due to a flaw in the handling of specially crafted ad hoc queries, it is possible for a logged in user to utilize the ad hoc query in such a way that the use of the system administrator's cached connection would be invoked rather than that of the user. This would enable the user to...

Microsoft Windows NT PPTP DoS Vulnerability

Description A remote attacker could cause a denial of service condition in Windows NT. Submitting multiple maliciously crafted packets to the PPTP services will cause the consumption of all available system resources. Technologies Affected Microsoft Windows NT 4.0 Microsoft Windows NT Enterprise...