EEYE: RealSecure/BlackICE Server Message Block (SMB) Processing Overflow
2004-02-27 Marc Maiffret (mmaiffret eeye com)
RealSecure/BlackICE Server Message Block (SMB) Processing Overflow
Release Date: February 26, 2004
Date Reported: February 18, 2004
Severity: High (Remote Code Execution)
Vendor: Internet Security Systems
Software Affected:
RealSecure Network 7.0, XPU 20.15 through 22.9
Real Secure Server Senso

iDEFENSE Security Advisory 02.27.04a: WinZip MIME Parsing Buffer Overflow Vulnerability
2004-02-27 idlabs-advisories idefense com
WinZip MIME Parsing Buffer Overflow Vulnerability
iDEFENSE Security Advisory 02.27.04a:
http://www.idefense.com/application/poi/display?id=76&type=vulnerabilities
February 27, 2004
I. BACKGROUND
WinZip is an archiving utility for the Microsoft Windows platform featuring built-in support for CAB

iDEFENSE Security Advisory 02.27.04b: Microsoft Internet Explorer Cross Frame Scripting Restriction Bypass
2004-02-27 idlabs-advisories idefense com
Microsoft Internet Explorer Cross Frame Scripting Restriction Bypass
iDEFENSE Security Advisory 02.27.04b:
http://www.idefense.com/application/poi/display?id=77&type=vulnerabilities
February 27, 2004
I. BACKGROUND
Internet Explorer is a set of core technologies in Microsoft Windows operating sys

New version of ike-scan (IPsec IKE scanner) available - v1.6
2004-02-27 Roy Hills (Roy Hills nta-monitor com)
ike-scan v1.6 has been released.
The key changes from v1.5.1 are:
a) The ISAKMP payloads in the returned packet are now decoded;
b) New options --quiet (-q) to prevent payload decoding, and --multiline (-M) to split the decode across multiple lines to make it easier to read;
c) Added support

Calife heap corrupt / potential local root exploit
2004-02-27 DownBload (downbload hotmail com)
Calife heap corrupt / potential local root exploit
--------------------------------------------------
by Leon Juranic a.k.a DownBload <downbload (at) hotmail (dot) com> / II-Labs
Version affected(tested): calife-2.8.4c and calife-2.8.5 - calife can be found at packages.debian.org, FreeBSD 5.0 (securi

[SECURITY] [DSA 450-1] New Linux 2.4.19 packages fix several local root exploits (mips)
2004-02-27 joey infodrom org (Martin Schulze)

Extremail Security Problem
2004-02-26 Andrey Smirnov (smirnov net21 ru)
Extremail Security Problem
Extremail 1.5.9 www.extremail.com MTA
If account is created with only digit password or password begins with digit - login is processing with any digit password or without password.
--------------------
Andrey Smirnov
smirnov (at) net21 (dot) ru
Russia Moscow

Nmap Security Scanner 3.50 Released
2004-02-26 Fyodor (fyodor insecure org)
Hello Bugtraq,
I am pleased to announce the immediate, free availability of the Nmap Security Scanner version 3.50 from http://www.insecure.org/nmap/ . Actually it was released a few weeks back, but I wanted to ensure it is actually stable :).
Nmap ("Network Map

Immunix Secured OS 7+ kernel update
2004-02-26 Immunix Security Team (security immunix com)
[Dearest Bugtraq readers, please do not use challenge-response antispam tools, please do not report our GPG signature as a virus, and please do not send us out of office autoreplies. Thanks.]
-----------------------------------------------------------------------
Immunix Secured OS Security Adviso

RE: Serv-U "MDTM" buffer overflow PoC DoS exploit
2004-02-26 Peter Buijsman (peter bryte net)
> Here it is, test your systems, temporarily disable Serv-U,
> and wait for the vendor to release a patch.
Serv-U has released a security patch yesterday. An e-mail has been sent out to registered users. It fixes the MDTM problem and some other small bugs.
"Serv-U 5.0.0.4 has been released. Th

SGI Advanced Linux Environment security update #11
2004-02-26 SGI Security Coordinator (agent99 sgi com)

SGI Advanced Linux Environment security update #12
2004-02-26 SGI Security Coordinator (agent99 sgi com)

Re: Windows XP explorer.exe heap overflow.
2004-02-26 Dragos Ruiu (dr kyx net)
> > To exploit this flaw (in explorer), simply place a malformed (invalid
> > "size" field) .emf file in any directory, open explorer to that path,
> > and view as Thumbnails. Bang. In its simplest form it's a DOS - it
> > affects all explorer windows, including File Open dialogs for many
> > prog

SGI ProPack v2.4: Kernel fixes and security update
2004-02-26 SGI Security Coordinator (agent99 sgi com)

Serv-U "MDTM" buffer overflow PoC DoS exploit
2004-02-26 Shaun Colley (shaunige yahoo co uk)
Hello Bugtraq,
I have written a PoC exploit for the MDTM command buffer overflow found in Serv-U by bkbll.
This exploit only crashes the Serv-U server, as releasing an arbitrary code execution exploit when the vendor has not yet supplied a patch/fix is not a good idea when certain unruly people mig

SmoothWall Project Security Advisory SWP-2004:002
2004-02-26 William Anderson (neuro smoothwall org)

Dell OpenManage Web Server Heap Overflow (Pre-Auth)
2004-02-26 wirepair (wirepair roguemail net)
This advisory can also be found on my site: http://sh0dan.org/files/domadv.txt
I'm currently installing 3.7.0 and will add my results to this advisory.
-wire
Product: Dell OpenManage Web Server 3.4.0 and others assumed vulnerable.
Vulnerability: Pre-Authentication Heap Based Buffer Overflow
Sever

[RHSA-2004:091-01] Updated libxml2 packages fix security vulnerability
2004-02-26 bugzilla redhat com

[RHSA-2004:063-01] Updated mod_python packages fix denial of service vulnerability
2004-02-26 bugzilla redhat com

MDKSA-2004:015-1 - Updated x86_64 kernel packages fix multiple vulnerabilities
2004-02-26 Mandrake Linux Security Team (security linux-mandrake com)

Sandblad #13: Cross-domain exploit on zombie document with event handlers
2004-02-25 Andreas Sandblad (sandblad acc umu se)

Re: [waraxe-2004-SA#004] - Multiple vulnerabilities in XMB 1.8 Partagium Final SP2
2004-02-25 Ben (it xmbforum com)
In-Reply-To: <20040223184737.27470.qmail (at) www.securityfocus (dot) com>
TO ALL XMB USERS:
All vulnerabilities have now been patched. XMB 1.8 SP3 will be released in the next hour. See the XMB Website for details.
XMB 1.9 Nexus BETA has been updated in the CVS system - and a new build is now availa

PSOProxy's exploit for Windows by Rosiello Security
2004-02-25 Angelo Rosiello (angelo rosiello katamail com)

Fw: [Unpatched] The Bizex worm
2004-02-25 Thor Larholm (thor pivx com)
We have all talked about how most viruses and worms that actually spread in the wild could have been written so much better by any one of us.
I guess someone stepped forward and took the bait. Everything indicates that Bizex is a worm which was created as a hired job. Its primary purpose was to co

Re: Windows XP explorer.exe heap overflow.
2004-02-25 Eli Kara (elik beyondsecurity com)
The author spoke of a heap-based overflow (which we know can lead to code execution). Although peaking the CPU at 100% shouldn't happen, it is still quite different than an overflow :)
E
On Wednesday 25 February 2004 17:48, Larry Seltzer wrote:
> The sample someone sent around that caused the 10

RE: Windows XP explorer.exe heap overflow.
2004-02-25 Larry Seltzer (larry larryseltzer com)
The sample someone sent around that caused the 100% CPU hogging had the Size field set to 0000h. Try that. Perhaps it's not just a matter of the value being lower, but below some small threshold.
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
larryseltzer (at) ziffdavis (dot) com
This is an exploit for Serv-U mdtm vulns.
test on windows 2000/xp.
Cheers,
Sam Chen <Sam (at) 0x557 (dot) org>
http://0x557.org