Serv-U LIST -l Parameter Buffer Overflow
2004-05-03 Aviram Jenik (aviram beyondsecurity com)
Serv-U LIST -l Parameter Buffer Overflow
------------------------------------------------------------------------
Article reference: http://www.securiteam.com/windowsntfocus/5ZP0G2KCKA.html
SUMMARY
<http://www.serv-u.com/> Serv-U is a "powerful, easy-to-use, award-winning FTP server" creat

X-Chat[v1.8.0-v2.0.8]: socks-5 remote buffer overflow exploit.
2004-05-03 Vade 79 (v9 fakehalo deadpig org)
X-Chat socks-5 exploit/explanation (in header).
Original exploit url: http://fakehalo.deadpig.org/xxchat-socks5.c
------------------------ exploit: example usage ------------------------
# ./xxchat-socks5 2600
[*] X-Chat[v1.8.0-v2.0.8]: socks-5 remote buffer overflow exploit.
[*] by

Re: Will the Sasser worm become the next Blaster?
2004-05-02 Damian Menscher (menscher uiuc edu)
Gadi Evron <ge linuxbox org> wrote:
> if you simply port scan for Sasser you get many false positives, as
> that port (5554) is also used by Oracle. If you get "200 OK" as a
> reply though in the first packet, it's Sasser.
Another false positive is IRIX boxes which listen to port 5554/tcp for esp-h

[waraxe-2004-SA#026 - Multiple vulnerabilities in Coppermine Photo Gallery for PhpNuke]
2004-05-02 Janek Vind (come2waraxe yahoo com)

Vulnerability in YaBB forum (Perl version without SQL)
2004-05-02 Dmitry Shurupov (root nixp ru)
There's a vulnerability in non-SQL version of YaBB forum (I've checked it with YaBB 1 Gold - SP 1.2 written in Perl -- it's not new, but is in use even nowadays). You can input almost anything into .txt file from boards directory.
The "subject" form field isn't checked for "\n" symbols, so crea

Crystal Reports Vulnerabilities
2004-05-02 Imperva Application Defense Center (adc imperva com)
Dear List,
Imperva(tm)'s Application Defense Center has discovered several vulnerabilities in BusinessObject's Crystal Reports' Web Interface. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as causing a com

W32/Sasser a and b SNORT Sigs
2004-05-02 Martin Overton (martin arachnophiliac com)
Hi,
To save my SNORT sigs board going into meltdown, I am posting my Sasser snort sigs here for all interested parties.
alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"W32/Sasser.worm.a [NAI])"; content:"|BC 3B 74 0B 50 8B 3D E8 46 A7 3D 09 85 B8 F8 CD 76 40 DE 7C 5B 5C D7 2A A8 E8 58 75 62

EEYE: Apple QuickTime (QuickTime.qts) Heap Overflow
2004-05-02 Marc Maiffret (mmaiffret eeye com)
Apple QuickTime (QuickTime.qts) Heap Overflow
Release Date: May 02, 2004
Date Reported: February 18, 2004
Severity: High (Code Execution)
Vendor: Apple
Systems Affected:
Apple QuickTime 6.5
Apple iTunes 4.2.0.72
Description:
The Apple QuickTime media player is used for playing, interacting wit

PaX Linux Kernel 2.6 Patches DoS Advisory
2004-05-02 chris (chris cr-secure net)
http://www.cr-secure.net
Found by: borg (ChrisR-)
A small bug in PaX was found.
What is PaX?
-----------------------
PaX is a collection of intrusion prevention patches for the Linux Kernel 2.2, 2.4, and 2.6. This advisory only affects the PaX patches for the 2.6 Linux kernel. PaX i

[SECURITY] [DSA 500-1] New flim packages fix insecure temporary file creation
2004-05-02 Matt Zimmerman (mdz debian org)

[SECURITY] [DSA 499-1] New rsync packages fix directory traversal bug
2004-05-02 Matt Zimmerman (mdz debian org)

Will the Sasser worm become the next Blaster?
2004-05-02 kers0r (root asylum-nz com) (1 replies)
The LSASS Sasser worm is spreading through the documented MS04-011 (LSASS) vulnerability. Presently this worm has not gotten to plague proportions but statistically it may well. Apart from the Sasser worm problem, there also remains the problem of human hackers exploiting this hole. Warez ftp

New LSASS-based worm finally here (Sasser)
2004-05-01 Ben Ryan (ben bssc edu au) (1 replies)
As expected, LSASS exploit-based worm seems to have arrived. Fasten your seatbelts, those unpatched please use the spew bags provided :) I hope PSS resolves the issues discussed in KB835732.
Sasser Worm: http://isc.sans.org/diary.php?date=2004-04-30
"ISC is aware of the LSASS Sasser worm. This w

Re: New LSASS-based worm finally here (Sasser)
2004-05-03 Javier Fernandez-Sanguino (jfernandez germinus com)

LNSA-#2004-0014: X-Chat vulnerability in Socks-5 proxy
2004-05-01 Vincenzo Ciaglia (ciaglia netwosix org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
************************************************************************************
Netwosix Linux Security Advisory #2004-0014 <http://www.netwosix.org>
- -----------------------------------------------------------------------------------
Package nam

Props 0.6.1 XSS and Remote File Viewing Vulnerability
2004-05-01 Manuel Lopez (mantra gulo org)
#Title: Props 0.6.1 XSS and Remote File Viewing Vulnerability.
#Software: Props 0.6.1
#Vendor: http://props.sourceforge.net/
#Platform: PHP4 and MySQL
#Description: PROPS is an open, extensible Internet publishing system designed specifically for periodicals such as newspapers and magazine

RE: IE Certificate Stealing (Phishing) bug
2004-05-01 Michael Wojcik (Michael Wojcik microfocus com)
> From: E.Kellinis [mailto:me (at) cipher.org (dot) uk]
> Sent: Friday, April 30, 2004 11:09 AM
>
> If inside the index page links and forms use virtual
> pointers to directories or files
> (e.g. images/ or form/submit.php) we can use the trust
> of the visitor and steal information.
Those aren't called

LNSA-#2004-0013: Multiple Vulnerabilities in Samba
2004-05-01 Vincenzo Ciaglia (ciaglia netwosix org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
************************************************************************************
Netwosix Linux Security Advisory #2004-0013 <http://www.netwosix.org>
- -----------------------------------------------------------------------------------
Package nam

[product-security (at) apple (dot) com: APPLE-SA-2004-04-30 QuickTime 6.5.1]
2004-05-01 David Ahmad (da securityfocus com)
----- Forwarded message from Apple Product Security <product-security (at) apple (dot) com> -----
From: Apple Product Security <product-security (at) apple (dot) com>
Subject: APPLE-SA-2004-04-30 QuickTime 6.5.1
To: <security-announce (at) lists.apple (dot) com>
Date: Fri, 30 Apr 2004 16:07:57 -0700
User-Agent: Microsoft-Outlook-E

RE: Multi stage attacks on networks?
2004-04-30 Shaun Bertrand (sbertrand cbihome com)
Dude this happens all the time. It's the essence of a hack.
Case 1.
1. Webserver on the DMZ is running an older version of IIS that is vulnerable to *insert your buffer overflow here* Attacker inserts trojan and creates some variable that will either force the server to reboot or make the admin
Multiple Vulnerabilities in Aldos Webserver
===========================================
Aldo's Web Server is a super-compact Web service daemon that not only
lets you easily share your files, it also acts as an advertisement or
site blocker.
Version:
========
1.5 on Windows Platform
Vulnerabilities