Getsocial, S.A. Security Vulnerabilities

Evolvable Shambala Server 4.5 - Web Server Denial of Service

...

Evolvable Shambala Server 4.5 - Web Server Denial of Service

Evolvable Shambala Server 4.5 - Web Server Denial of...

Vulnerability in 3Com® OfficeConnect® Remote 812 ADSL Router

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Vulnerability in 3Com® OfficeConnect® Remote 812 ADSL Router Date: 27-05-2002 Impact: A vulnerability in PAT (Port Address Translation) allow access to all ports in the computer behind the router. Author: ...

Potential vulnerabilities of the Microsoft RVP-based Instant Messaging

The Encode Security Labs performed an empirical analysis of the Microsoft Instant Messaging implementation based on Exchange 2000 and using the MSN Messenger Service v3.6 client. The most important findings about the IM service are: -it does not offer any confidentiality -it is vulnerable to...

Security Bulletin #00218

Courtesy of Sun Microsystems. -----BEGIN PGP SIGNED MESSAGE----- Sun Microsystems, Inc. Security Bulletin Bulletin Number: #00218 Date: March 18, 2002 Cross-Ref: Title: Bytecode Verifier The information contained in this...

MS Windows NT Terminal Server 4.0 buffer overflow in regapi.dll allows remote code execution or DoS

Overview Microsoft Windows NT 4.0 Terminal Server contains a buffer overflow that could allow an intruder to execute arbitrary code with the privileges of an administrator. Description There is a buffer overflow in the code that processes the username (specifically in RegAPI.DLL) in Microsoft...

Security Advisory: Multiple SSH vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Security Advisory: Multiple SSH vulnerabilities Revision 1.0 - INTERIM For public release 2001 June 27 08:00 (UTC -0800) ___________ Summary Three different Cisco product lines are susceptible to multiple vulnerabilities in the Secure Shell...

[CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector vulnerability

CORE SDI http://www.core-sdi.com SSH1 CRC-32 compensation attack detector vulnerability Date Published: 2001-02-08 Advisory ID: CORE-20010207 Bugtraq ID: 2347 CVE CAN: CAN-2001-0144 Title: SSH1 CRC-32 compensation attack detector vulnerability Class:...

[CORE SDI ADVISORY] WinVNC server buffer overflow

CORE SDI http://www.core-sdi.com Vulnerability report for server overflow in ATT VNC for Windows Date Published: 2001-01-29 Advisory ID: CORE-2001011502 Bugtraq ID: 2306 CVE CAN: None currently assigned. Title; ATT VNC Windows Server Buffer Overflow Class: Boundary Error...

vulnerability #1 in Oracle Internet Directory 2.1.1.1 in Oracle 8.1.7

WWW.PLAZASITE.COM System & Security Division Title: Vulnerability in oidldapd in Oracle 8.1.7 Date: 10-12-2000 Platform: Only tested in Linux, but can be exported to others. Impact: Any user gain euid=root. Author: Juan Manuel Pascual...

[CORE SDI ADVISORY] MS Windows NT4 and Windows 2000 Phonebook Service overflow

CORE SDI http://www.core-sdi.com Vulnerability Report For Microsoft PhoneBook Server overflow Date Published: December 4th, 2000 Advisory ID: CORE-20001204 Bugtraq ID: 2048 CVE CAN: None currently assigned. Title: Microsoft PhoneBook Server buffer overflow...

vulnerability in Connection Manager Control binary in Oracle 8.1.5 Linux Platform.

Hello Elias Colud you make public this advisory. Oracle people dont send an answer in 6 days. Please cut this lines. Thanks WWW.PLAZASITE.COM System & Security Division Title: ...

[CORE SDI ADVISORY] RealServer memory contents disclosure

CORE SDI http://www.core-sdi.com Report for RealServer memory contents disclosure vulnerability Date Published: November 16th, 2000 Advisory ID: CORE-20001116 Bugtraq ID: 1957 CVE CAN: None currently assigned. Title: RealServer memory contents disclosure...

Windows NT 4.0 Terminal Server RegAPI.DLL Buffer Overflow

CORE SDI http://www.core-sdi.com Vulnerability Report For Microsoft Windows NT 4.0 Terminal Server GINA Date Published: 2000-11-08 Advisory ID: CORE-20001108 Bugtraq ID: 1924 CVE CAN: Non currently assigned. Title: Windows NT 4.0 Terminal Server...

[CORE SDI ADVISORY] Netscape servers heap buffer overflow

CORE SDI http://www.core-sdi.com Vulnerability Report For Netscape Servers Heap Buffer Overflow Date Published: 2000-10-31 Advisory ID: CORE-2000103101 Bugtraq ID: 1865 CVE CAN: Non currently assigned. Title: Netscape Servers Heap Buffer Overflow...

[CORE SDI ADVISORY] Netscape servers Denial of Service

CORE SDI http://www.core-sdi.com Vulnerability Report For Netscape servers Denial of Service Date Published: 2000-10-31 Advisory ID: CORE-2000103102 Bugtraq ID: 1867 CVE CAN: Non currently assigned. Title: Netscape servers Denial of Service...

[CORE SDI ADVISORY] iPlanet Certificate Management System 4.2 path traversal bug

CORE SDI http://www.core-sdi.com Vulnerability Report For iPlanet CMS and Netscape Directory Server Date Published: 2000-10-26 Advisory ID: CORE-2000-10-26 Bugtraq ID: 1839 CVE CAN: Non currently assigned. Title: Path traversal and administrator password in clear text...

[CORE SDI ADVISORY] Cisco IOS HTTP server DoS

CORE SDI http://www.core-sdi.com Vulnerability Report For Cisco IOS Web Administration DoS Date Published: 2000-10-25 Advisory ID: CORE-20002510 Bugtraq ID: 1838 CVE CAN: None currently assigned. Title: Cisco IOS Web Administration Denial of Service Class:...

[CORE SDI ADVISORY] MySQL weak authentication

CORE SDI http://www.core-sdi.com Vulnerability Report for MySQL Authentication Vulnerability Date Published: 2000-10-23 Advisory ID: CORE-20001023 Bugtraq ID: 1826 CVE CAN: Not currently assigned. Title: MySQL Authentication Vulnerability Class:...

vulnerability in Oracle Internet Directory in Oracle 8.1.6

WWW.PLAZASITE.COM System & Security Division Title: Vulnerability in oidldapd in Oracle 8.1.6 Date: 16-10-2000 Platform: Only tested in Linux, but can be exported to others. Impact: Any user gain euid=oracle. Author: Juan Manuel Pascual...

Unixware SCOhelp http server format string vulnerability

CORE SDI Inc. http://www.core-sdi.com Unixware SCOhelp http server format string vulnerability Date Published: 09/27/00 Advisory ID: CORE-092700 Bugtraq ID: 1717 CVE CAN: None currently assigned. Title: Unixware SCOhelp http server format string...

UNIX locale format string vulnerability

CORE SDI http://www.core-sdi.com UNIX locale format string vulnerability Date Published: September 4th, 2000 (early release) Advisory ID: CORE-090400 Bugtraq ID: 1634 CVE CAN: None currently assigned. Title: UNIX locale format string vulnerability Class: Input...

BEA Weblogic server proxy library vulnerabilities

CORE SDI http://www.core-sdi.com Vulnerability Report For BEA Weblogic's Proxy Date Published: August 15, 2000 Advisory ID: CORE-081300 Bugtraq ID: 1570 CVE CAN: None currently assigned. Title: BEA Weblogic Multiple Buffer Overflow Vulnerabilities Class:...

majordomo.txt

...

Local root compromise in GNQS 3.50.6 and 3.50.7

A large security hole was uncovered last month in Generic-NQS ver. 3.50.6 and 3.50.7. This hole leads to immediate local root compromise. All users of those versions are requested to upgrade to ver. 3.50.8 or later ASAP. The updated package can be downloaded from...

ssh-1.2.27-exploit.txt

...

RSA Security RSAREF 2.0 - Local Buffer Overflow

RSA Security RSAREF 2.0 - Local Buffer...

RSA Security RSAREF 2.0 - Local Buffer Overflow

...

linux_stealth_module.txt

...

ssh-insertion-attack.txt

...

redhat.su.ghost.bug.txt

...