Certain versions of WebBBS by Mike Bryeans of International TeleCommunications contain a flaw in the initial login program. User-supplied data in the login name and password fields is not bounds checked, which can result in a buffer overflow. This leads to a compromise of the system running WebBBS.
There is a buffer overflow in the HELO command of the SMTP gateway which ships as part of the VirusWall product. This buffer overflow could be used to launch arbitrary code on the vulnerable server.
Multiple SQL injection vulnerabilities have been detected in the CLscript v3.0 Content Management System. The vulnerabilities allow a remote attacker to inject and execute their own SQL commands on the affected application's DBMS. The vulnerabilities are located in the userDetail.php, advertise_detail.php or land.php files.
The GuestBook Scripts PHP v1.5 is vulnerable to multiple web vulnerabilities. The script allows visitors to leave comments and feedback on a website. However, it has several security issues including HTML and JavaScript injections, lack of input validation, and insufficient protection against spam. These vulnerabilities can potentially lead to unauthorized access, data manipulation, and denial of service attacks.
This exploits a buffer overflow in RealServer's web authentication on the administrator port. By sending a long response to the authentication request, the buffer can be overwritten and arbitrary code can be executed on the server.
This exploit takes advantage of a buffer overflow vulnerability in the remote web administration feature of Real Server software. By sending a long response to the authentication request, arbitrary code can be executed on the server.
Certain versions of the AN-HTTPd server contain default CGI scripts that allow code to be executed remotely. This is due to poor sanity checking of user-supplied data.
The Avirt Mail Server 3.3a and 3.5 packages are vulnerable to a remote buffer overflow vulnerability. The buffer overflow can be initiated by passing 856 characters in the password field.
A specially crafted packet can cause a denial of service on an NT 4.0 host, rendering local administration and network communication nearly unusable. This attack will crash the 'services' executable, which in turn disables the machine's ability to perform actions via named pipes. As a consequence, users will be unable to remotely log on, log off, manage the registry, create new file share connections, or perform remote administration. Services such as Internet Information Server may also fail to operate as expected. Rebooting the affected machine will resolve the issue, provided it is not attacked again. The problem lies in the manner in which srvsvc.dll makes calls to services.exe. Certain MSRPC calls will return NULL values which are not correctly interpreted by services.exe. This, in turn, may lead to a crash of services.exe. If this denial of service is combined with a number of other exploits, it may be possible to have this attack spawn a debugger (i.e. Dr Watson) call on the host, which, if trojaned, may execute malicious code on the target host.
The URL Live! free webserver from Pacific software is susceptible to the "../" directory traversal vulnerability. By using the '../' string in a URL, an attacker can gain read access to files outside the intended web file structure.