simple buffer overflow in gedit
2003-11-23 Andreas Constantinides (MegaHz) (megahz megahz org)
Hello, I discovered a strange but simple buffer overflow in gedit. I am using RH9; to demonstrate the buffer, here is a simple file buffer generator:
===========buffer.c == cut here===============
/* simple buffer overflow generator by MegaHz megahz (at) megahz (dot) org */
#include <iostream>
using namespace

[CommerceSQL] Remote File Read Vulnerability
2003-11-23 Mariusz Ciesla (craig tenbit pl)
CommerceSQL shopping cart (http://commercesql.com) allows remote file reading. It only needs a specially prepared page variable in index.cgi to allow reading remote files (like /etc/passwd). By using a prepared GET page variable it allows a user to read remote files. Example: With index.cgi?page

webfs 1.7.x:webserver remote file overflow exploit (use ftpd to mkdir)
2003-11-22 yan feng (jsk ph4nt0m net)
/***********************************************************************
***********hate money. if you have much. please shit ,lol...
*only love #ph4nt0m(irc.ox557.org) #cheese..(sec..)
*page: jsk.ph4nt0m.org
*love taiwan. nah :( chen&li. go die...........
*[root@localhost root]# ./hack -h

Opera directory traversal and buffer overflow
2003-11-22 Jouko Pynnonen (jouko iki fi)
OVERVIEW
========
Two vulnerabilities were found in the Opera web browser versions up to 7.22. They are related to skin files. The first one is a directory traversal problem which allows an attacker to upload a file to an arbitrary location on the victim system. The second is a buffer overf

yet another panic() in OpenBSD
2003-11-21 noir uberhax0r net (1 replies)

[SCSA-021] Anonymous Mail Forwarding Vulnerabilities in vbPortal
2003-11-22 Gregory LEBRAS (gregory lebras security-corporation com)
======================================================================
Security Corporation Security Advisory [SCSA-021]
Anonymous Mail Forwarding Vulnerabilities in vbPortal
======================================================================
PROGRAM: vbPortal
HOMEPAGE: http://www.vbp

PrimeBase SQL Database server cleartext password storage. (fwd)
2003-11-22 Larry W. Cashdollar (lwc vapid ath cx)
PrimeBase SQL Database server cleartext password storage.
Vapid Labs Security Note 10/20/03
The PrimeBase SQL Database Server 4.2 stores passwords in clear text, and based on the installation user's umask settings may be readable by all local users. From the readme.txt file: "The Admin server wil

DOE Releases Interim Report on Blackouts/Power Outages, Focus on Cyber Security
2003-11-21 Geoff Shively (gshively pivx com)
The Department of Energy (http://www.energy.gov) has released an interim report on the Aug 14th power outages.
http://energy.gov/engine/content.doPUBLIC_ID=11860&BT_CODE=DOEHOME&TT_CODE=SPOTLIGHTDOCUMENT
*remote terminal units (RTU)
*distributed control systems (DCS)
*supervisory control and data a

[SECURITY] Some Debian Project machines have been compromised
2003-11-21 Martin Schulze (joey infodrom org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
- ------------------------------------------------------------------------
Debian Security Advisory http://www.debian.org/security/
Some Debian Project machines compromised security (at) debian (dot) org
November 21st, 2003 d

FreeRADIUS 0.9.2 "Tunnel-Password" attribute Handling Vulnerability
2003-11-21 S-Quadra Security Research (research s-quadra com)

MSN messenger improper file transfer ip-address field parsing
2003-11-21 ronan o kane (hi_t3ch_ass4ssin hotmail com)

Xitami Denial of Service in Handling malformed request
2003-11-21 Tri Huynh (trihuynh zeeup com)
Xitami Denial of Service in Handling malformed request
=================================================
PROGRAM: Xitami
HOMEPAGE: http://www.xitami.com
VULNERABLE VERSIONS: 2.5 and below
DESCRIPTION
=================================================
LiteServe is a very powerful, full-featured, o

[aadams (at) securityfocus (dot) com: Linux Kernel <= 2.4.21 MXCSR Local DOS Exploitation]
2003-11-21 David Ahmad (da securityfocus com) (2 replies)
As far as I know, this bug was not discussed or exploited anywhere publicly. Also, the technique used to cause the memory copy to fail is clever and may be useful in other scenarios.
----- Forwarded message from Aaron Adams <aadams (at) securityfocus (dot) com> -----
From: Aaron Adams <aadams@securityfocus

Re: [aadams (at) securityfocus (dot) com: Linux Kernel <= 2.4.21 MXCSR Local DOS Exploitation]
2003-11-24 Matt Zimmerman (mdz debian org)

Re: [aadams (at) securityfocus (dot) com: Linux Kernel <= 2.4.21 MXCSR Local DOS Exploitation]
2003-11-21 Thilo Schulz (arny ats s bawue de)

RE: Router Worm?
2003-11-20 BugTrap (bugtrap intercept net)
I am now seeing these as well. I believe this is something new, as I have not seen this on my network until now and I've had Welchia-infected PCs.
Michael
-----Original Message-----
From: David Gillett [mailto:gillettdavid (at) fhda (dot) edu]
Posted At: Thursday, November 20, 2003 12:14 PM
Posted

Remote DoS in FreeRADIUS, all versions.
2003-11-20 Alan DeKok (aland freeradius org)
Application: FreeRADIUS, all versions (http://www.freeradius.org)
Summary: A remote DoS, and possibly exploit, exists in all versions of the FreeRADIUS server. All users should upgrade to the latest version, as soon as it is officially released. For later announcements, see: http://www.freera

[securitylab.ru] EffectOffice Server 2.9 problem
2003-11-20 Alexander Antipov (antipov SecurityLab ru)
Application: EffectOffice Server 2.9
Vendor: EffectOffice
Vendor Site: http://www.EffectOffice.com
Remote: Yes
Exploitable: Yes
Risk level: High
Authors: D_BuG (d_bug @ bk.ru)
Authors Site: http://www.securitylab.ru
Description: A vulnerability identified in EffectOffice can be exploite

SIRCD: Anyone can set umode +o(oper).
2003-11-20 Victor Jerlin (vigge vigge fulhack nu)
I recently accidentally set my own usermode to +o in SIRCD, (MODE <nick> +o), and hey! I was oper! :) Versions affected are at least 0.5.2 and 0.5.3.. The developer has been informed about this, and I assume that it will be fixed ASAP. Here's a quick fix for those who don't have time to wait (at l
___
. : Shell Security Advisory : .
Subject: Buffer overflow in the cable modem Thomson TCM315
Issue date: 2003 November 23
Related link: http://www.shellsec.net/leer_advisory.php?id=2
Homepage: ht