The 4D webserver v4.7.3 has a buffer overflow condition in the username or password field in a basic authentication resulting in EIP overwrite and possible arbitrary code execution.
b96f3931116f62370d7fc24b352b14216c1aa472d09e0f7a13ec66181f1c021fRemote FreeBSD cURL exploit for versions 6.1 - 7.3. More info available here.
cb3b41070a035495a6c0d2f9b4a6cfc27b235c73e132f73706c9a2910cdd0597Remote linux cURL exploit for versions 6.1 - 7.3. More info available here.
dad91fe61044ca9a5d49c69ade363fac8dad8e28d8281dc3943fb2ce21ed8fb8Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks inetd entries and looks for unneeded RPM packages. It is being expanded to work with Linux distributions other than Red Hat, and checks for kernel versions.
52892f514f310b0e0929cbd03ed544a7652ba88640cc4ed57c4d787006117e00Cqure.net Security Advisory cqure.net.20020412.bordermanager_36_mv1.a - Three vulnerabilities were identified in Novell Border Manager 3.6. The vulnerabilities will cause the handling NLM to abend, and in some cases result in a denial of service to to Novell server.
f299bcf1188f4c8c7d32630643702fd962fc7a016d90a590fa5014a2d1f6d783Cqure.net Security Advisory cqure.net.20020412.netware_sdmr.a - The IPX compatibility issue Posted to BugTraq on July 11, 2000 by Dimuthu Parussalla applies to Netware 6.0 SP 1 as well. An attacker could cause the SDMR.NLM to abend and in some cases reboot the server.
6e6452d419db4e473889709434156d711e2dea30704458f960ad8691c0bfdd80Cqure.net Security Advisory cqure.net.20020412.netware_client.a - Multiple buffer overflow conditions exist in the Novell Netware client for Windows v4.83 which allow an attacker to crash any software relying in name resolution.
acf676864959962a18ec7ee46cd42809dc4d8f63457b8d3aa66b57a2932b55b5ISC DHCPD in its version 3 introduced new dns-update features. ISC DHCPD v3.0 to 3.0.1rc8 is vulnerable to a remote root format string bug attack, while reporting the result of a dns-update request.
a290c9d40604af3f940c6014c394c6ae911843feb29f15807b203cd233a48342Fwlogwatch analyzes the ipchains, netfilter, iptables packet filter, and Cisco logfiles and generates text and HTML summaries. Features realtime anomaly alerting capability, an interactive report generator, and the ability to cut off attacks by adding firewall rules.
795c67cf5a2db29ed7dd5a76ae3f841e7a8d70ca6895bf6f78bbc9910c6b3ab3portfwd is a small userlevel daemon which forwards incoming TCP connections or UDP packets to remote hosts. Multiple forwarders can be specified in a flexible configuration file. There is support for FTP forwarding and transparent proxy.
abd24d938ea563ceb77b2bf0b4564443d027463dbb2b03979e7b61d5943405f4Dirwatch is a (/tmp) directory watcher written to to aid in the discovery of race conditions. Dirwatch has multiple speed settings, the fastest of which can even catch a successive link() unlink(). Dirwatch also has the ability to filter files based on user, group, suid bit, and wildcard (*?) file names.
5cdc8fea6ea4919bd2106e78c2892ae715e43baa15d23ca4eec2a512646b6089Confuse Router v1.0 is an arp cache poisoner which allows you to see traffic in a switched environment such as a cable modem network. Requires libnet.
3f39d0ee3be48ebe6c2f78d8012c01677c3f389706c1f2b080b773de1fd86e82Microsoft Security Advisory MS02-022 - A buffer overflow in the MSN Chat control allows remote attackers to run arbitrary code if a user runs MSN Messenger or Exchange Instant Messenger. It is also possible to exploit this vulnerability via a web site or HTML email. Microsoft FAQ on this issue available here.
b87ce4858a40e34353bddfda6a10d403e7641db211ecf164002df49eb80edf8cLocal root exploit for OpenBSD up to 3.1 which takes advantage of the fd race and skeyaudit binary.
942689559f299505c2d3b0892168e2f9e4a4e49b301c8a85a802e0d8e1361e0dOn current OpenBSD systems, any local user can fill the kernel file descriptors table, leading to a denial of service. Because of a flaw in the way the kernel checks closed file descriptors 0-2 when running a setuid program, it is possible to combine these bugs and earn root access by winning a race condition.
e1b6639e9a5ff47fdbc4fbd454486735d12558a62364c4a7a3c8f06239895718SGI Security Advisory 20020503-01-I - A vulnerability found in netstat allows local users to detect whether a file exists, even when the permissions and ownership of that file should not allow it. This vulnerability has been corrected in IRIX 6.5.12 and patches are available.
ecfddfe1a5d66662e1eacb3e599522d5cc271ef9922a8b2cb650afd55c1f66d3Cqure.net Security Advisory 20020408.netware_nwftpd.a - A vulnerability found in the Novell Netware 6.0 SP1 FTP daemon can be used in a denial of service against this application. Exploitation of this problem can result that the daemon starts consuming all CPU resources.
090c17bdcfa438d7edb5199d6b979d712c815b29b6cfad263682923334c7e20bSuSE Security Announcement: sysconfig (SuSE-SA:2002:016) - On SuSE 8.0 information gained from DHCP packets is used in commands line execution by the ifup-dhcp script. This vulnerability has been fixed in the sysconfig-0.23.14-60.i386.rpm package.
c82cc50639bd3babda48b1d2a00ee6187697cb5e6a2f5fdd0ee5849e68c17de6CERT Advisory CA-2002-12 - A format string vulnerability in ISC DHCP 3 to 3.0.1rc8 can be used to remotely execute code through this application. Because ISC DHCP runs with root privileges, exploitation of this vulnerability can lead to a root compromise.
04162819e3ff2eccb2f46aeb34787f7c46b175659b06ede22042c9ce455db002
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed