A problem with the network software used with the Symmetra Uninterruptable Power Supply manufactured by American Power Conversation Corporation (APC) can allow a denial of service to the system, thus preventing administrative access. This problem is due to the handling of the telnet protocol by the firmware of the power supply. The system does not support more than one telnet session at a time, and when it encounters three failed login attempts, discontinues access for a configurable period between 1 and 10 minutes.
A remote user can cause a denial-of-service condition in Orange Software Orange Web Server by submitting a specially crafted GET request via a telnet connection to cause the server to crash. A restart of the server is required to gain normal functionality.
SunFTP is a freeware FTP server written by Rasmus J.P. Allenheim and associates for the Windows platform. SunFTP contains a vulnerability that may allow FTP users to compromise the server. Users may be able to upload or retrieve files from outside the protected FTP-root directory. This could allow, for example, users to place trojan horse programs on the system and gain control. Using this vulnerability to retrieve a file from outside the FTP-root (sunftptest.txt): ftp> get ../sunftptest.txt 200 Port command successful. 150 Opening data connection for ../sunftptest.txt. 226 File sent ok Using this vulnerability to place a file on the target filesystem outside the FTP-root (../autorun.bat): ftp> put Lokale Datei c:est.txt Remotedatei ../autorun.bat 200 Port command successful. 150 Opening data connection for ../autorun.bat. 226 File sent ok
A vulnerability in the versions of IOS 11.x and 12.0 could allow unauthorized access to certain configuration variables within a Cisco device. The ILMI SNMP Community string allows read and write access to system objects in the MIB-II community group. These configuration parameters do not affect the normal operation of the device, although if changed, can cause confusion or lead to a social engineering attack. It is possible for a malicious remote user to change configuration objects within the MIB-II Community, and rename the system, change the location name in the system, and/or the contact information for the system.
FtpQX is a ftp daemon designed to provide ftp services for Microsoft Operating Systems. It is maintained and distributed by Datawizard Technologies. A problem in the software could allow access to restricted resources. Due to insufficient input checking, it is possible to retrieve files outside of the ftp root directory. By preappending dots to a GET request, it is possible to traverse directories above the ftp root directory, and retrieve any known file. This makes it possible for a malicious user with access to the ftp server to gain access to sensitive information, including password files stored on the server.
WebReflex is a software package designed to operate a HTTP server off a cdrom, providing web hosting on Microsoft Windows systems. A problem with the software could allow a denial of service to legitimate users. By issuing an excessively long HTTP GET request to the web server, the server becomes unstable and exits with a General Protection Fault. It may also be possible to execute arbitrary code, although this claim is unverified.
Exploit based on LSD's solsparc_snmpxdmid.c. Exploit a simple overflow and return to the heap avoiding NX stacks.
Atrium Software Mercur Mail Server 3.3 contains an unchecked buffer for the EXPN command which may lead to a denial of service attack or execution of arbitrary code depending on the data entered. If a remote attacker were to telnet to the SMTP server and enter an overly long string of random characters following the EXPN command, the remote target would crash. The execution of arbitrary code is possible if a carefully crafted string that overwrote the EIP was entered into the buffer. The attacker would be able to perform virtually any action on the remote system under the context of the LocalSystem account.
There is a buffer overflow in elm 2.5 PL3. This overflow is accessible by passing a long string to the -f (Alternative-Folder) command-line option. This vulnerability may not be restricted to this version of elm.
A problem with the ASX-1000 Switches developed by Marconi Corporation could allow a management denial of service. The problem occurs in the handling of arbitrary packets with both the SYN-FIN flags set, and fragments. By sending packets of this nature, the services listening on the switch enter close_wait status, and do not reset until the port is reset or the switch is power cycled.
Services By CQR