SAINT (Security Administrator's Integrated Network Tool) is an updated version of SATAN, designed to assess the remote security of computer networks. Features include scanning through a firewall, frequently updated security checks, 4 levels of vulnerability severity, and a feature-rich HTML interface.
acfb8dc42f242b154922991a4c583d3ce494aa79fcf0ee43a2e647bf2ddfec86
The NAPTHA DoS vulnerabilities (Revised Edition - Dec 18) - The NAPTHA vulnerabilities are weaknesses in the way that TCP/IP stacks and network applications handle the state of a TCP connection.
c292602620f5df846e547c83d8ca52048ace27d17ccb5b270d8f412c29746e7c
OpenBSD Security Advisory - A one-byte buffer overflow bug in ftpd(8) allows remote attackers to execute arbitrary code as root provided they can create a directory.
0dbdf75b4723fe8bfe9ab6d31f303c851e38ba61ac63eb3664deef47a6b5ed86
Voyant Technologies Sonata Conferencing Software v3.x on Solaris 2.x comes with the setuid binary doroot which executes any command as root.
66e1e97f64c7220d0c49571196c3c0b688f31aa0b1d4177776bcaca25289e18f
Omni httpd v2.07 and below remote denial of service exploit. Combines a shell script from sirius from buffer0vefl0w security with a bugtraq report from Valentin Perelogin.
4d3154c89c3ecd6fc2094b5e325fa6c37806583f8e2045d1e514e145f3c09e7b
Red Hat Security Advisory - New slocate packages are available for Red Hat Linux 6.x and Red Hat Linux 7. These fix a heap overflow in the database parsing code of slocate allowing group slocate access.
9ef88c164fb6814d053efbaecb132a8bed3a64a0558c53ee57f3796cba96c540
Defcom Labs Advisory def-2000-04 - BEA WebLogic Server for Windows NT prior to V5.1.0 (sp7) has a remotely exploitable buffer overflow in the handling of URLs which start with two dots. Arbitrary code can be executed as LocalSystem. A fix is available.
1c0de5ec329656e24655156e39a44ee2e64f733317110e581319f00cbc00b4ba
Defcom Labs Advisory def-2000-03 - MDaemon 3.5.0 for Windows NT and 2000 contains a remote denial of service vulnerability due to some problems handling buffers within the IMAP and webconfig services.
7b99f2952cca90165759bc8794ad6cf6d5f6f1cd26cb446ccebb1b66b11b240e
Red Hat Security Advisory - Bad TCP packets (e.g. a SYN packet with kind=3, len=0) over a PPP-over-Ethernet link could lock up rp-pppoe, making it vulnerable to a remote denial of service attack.
4f1fe9966d6cf70c97c2b8b494b85e06c41e213cd709a98b257807d891031a5e
Patch for GnuPG v1.04 to fix the signature verification vulnerability which can easily lead to false positives.
81673aa4b233497ea537475462b2a2d09fdd7a1b1b86e3fd833f5e1c7b3b3ba7
Red Hat Security Advisory - When importing keys from public key servers, GnuPG will import private keys (also known as secret keys) in addition to public keys. If this happens, the user's web of trust becomes corrupted. Additionally, when used to check detached signatures, if the data file being checked contained clearsigned data, GnuPG would not warn the user if the detached signature was incorrect. Updated GnuPG packages are available for Red Hat 6.x and 7.x.
a3d7a469d62f08607589d4d684c30cde65da46296d86d4bf17374486f4d6ffb7
NetBSD Security Advisory 2000-017 - A one-byte remote buffer overrun has been found in the ftp daemon which is believed to allow remote attackers to gain root access. A bad bounds check was found in the replydirname() function.
e0ab5c31958bafa483ecd3f408d2edbd579e570fd1a7c4b75e395e24680f2190
NetBSD Security Advisory 2000-017 - Kerberised telnetd and libkrb contain exploitable local root bugs. There were two problems - first, telnetd allowed the user to provide arbitrary environment variables, including several that cause programs to behave differently. There was also a possible buffer overflow in the Kerberos v4 library.
e2ca278f746dd9a252a1141d30648c61f4059f12835a666a65c72466f7ff53b7
Red Hat Security Advisory - When invoked in daemon mode (that is, without the -l or -f flags), stunnel will attempt to log its process ID to a file in the /var/stunnel directory, which does not exist. This errata changes the default directory used for PID files to /var/run.
0a182e09569679f9691a22b66cc4510f387b1bc75c377fbebc37fdc213c6d47f
The Korn Shell (ksh) uses temp files in an insecure manner. Demonstration included.
46bf095b3af47f5a39cd2ce0d8c077e482095e3d43d2cc6b15980c73f2114313
Infinite InterChange is a Win95/98/NT/2k mail server which has a remote denial of service vulnerability: a malformed POST request can cause it to crash. This has been fixed in Infinite InterChange v3.61.
559ea8e4a462900c2ff37f454cf8826455a86a72a81384b69ee480184c46eb97