eEye Advisory - The "SQL Sapphire" worm is spreading quickly among unpatched Microsoft SQL Server 2000 pre-SP2 systems on the internet which are accessible over UDP port 1434. Includes a detailed analysis of the worm's payload.
f427e8b507867589bbb319c87afdaf10
eEye Advisory - Both Macromedia ColdFusion 6.0 and Macromedia JRun 4.0, along with their prior versions, are vulnerable to various heap overflows when handling URI filenames larger than 4096 bytes.
96c49895bf1c59575ac05118b0c5a19a
eEye Security Advisory - iPlanet Web Server 4.1 and 6.0 contain a remotely exploitable heap overflow in the transfer chunking which allows remote code execution as SYSTEM/root on all platforms.
feeb456c7bf3b188ab42fe1ea8d631d8
eEye Advisory - All versions of Macromedia Shockwave Flash for Windows and Unix contain remotely exploitable overflows in the handling of SWF files. Since this is a browser-based bug, it makes it trivial to bypass firewalls and attack the user at his desktop. Also, application browser bugs allow you to target users based on the websites they visit, the newsgroups they read, or the mailing lists they frequent.
af33f52e07dc5c95dbd4080da3918e89
eEye Advisory - The NAI PGP Outlook plug-in in NAI PGP Freeware 7.0.3, PGP Personal Security 7.0.3, and PGP Desktop Security 7.0.4 contains a remotely exploitable heap overflow which can lead to code execution. NAI patch available here.
d8fde3c414e5e9014e6948ac46ea8627
eEye Advisory - IIS 4.0 and 5.0 for Windows NT and 2000 contain a remotely exploitable heap overflow which allows remote code execution. The bug is in transfer chunking in combination with the processing of HTR request sessions.
ea8f14baaf628a0cd4ada641dee287e5
A buffer overflow vulnerability has been found by eEye in the parameter handling of the MSN Messenger OCX and can allow remote code execution on affected systems.
dab68a66eea534a0ee7170655c80810b
Macromedia Flash ActiveX buffer overflow - Flash ActiveX OCX Version 6, revision 23 and below contains a remotely exploitable buffer overflow which leads to the execution of attacker-supplied code via email, web or any other avenue in which Internet Explorer is used to display HTML that an attacker can supply. All users of Internet Explorer are potentially vulnerable.
c83384ba183e2468cf217f2727105e1f
eEye Security Advisory - Windows 2000 IIS 5.0 remote buffer overflow vulnerability (remote SYSTEM-level access). Affects Microsoft Windows 2000 Internet Information Services 5.0 + Service Pack 1. The vulnerability arises when a buffer of approx. 420 bytes is sent within the HTTP Host: header for a .printer ISAPI request. Successful attacks are not logged in the IIS access logs.
ae90cf7e855b551b48ca2f993f313ef4
A buffer overflow has been discovered in the IIS 4.0 and 5.0 .asp file parsing mechanism. When IIS reads a malformed .asp file, code can be executed to take control of the local server as SYSTEM. This can be exploited remotely by combining with the Unicode bug or by paying for a web hosting account.
d2a02a73dd955eb0972499805b4f0632
eeye.98-10-01.ie4_custom_folders
1415ebcb4147bdd4c8b0fb87d74023dc
eeye.99-01-24.iis.ftp.dos
acfeda35ad23cdacd558946fac9f46f3
eeye.99-02-02.ws_ftp
e64a9f5c2615f24cc70089b83e3d01a3
eeye.99-02-04.slmail
4db5130c85257288764a5327dd9e7ec8
eeye.99-02-20.mdaemon_dos
9e818090081d9cc17fe347470bd0e8d9
eeye.99-02-21.mercur_mail
5013a8cc335a8029f3feb6251c95921f
eeye.99-02-22.wingate
ca0a59f19e16a49971833f0b3d1504f2
eeye.99-03-01.imail
bd7908a2d9e26ff9feea37423cc24e8e
eeye.99-05-26.mult_web_interface
b95e8a5447bf2528ebc3e21e9db98c51
eeye.99-06-08.iis_remote
24e45cff48869c9cc8d3b747983e0687