6 bytes small DoS-Badget-Game shellcode.
2175a0ea2479fae266085584f5edd85fUSSR Advisory USSR-2001001 - The Windows SSH server (sshd) v2.4 is vulnerable to a denial of service attack. It can not handle more than 64 simultaneous connections. Fixed in v2.5.
6f7d2103ddf5cd7250c6dfc9dddf2f19USSR Advisory #58 - The 1st Up Mail Server v4.1 contains a buffer overflow in a long "mail from:" tag which can result in denial of service. Fix available here.
c9ef8f54b753f84c0e129653d746aa46USSR Advisory #57 - An buffer overflow vulnerability has been discovered in the Microsoft System Monitor ActiveX control which can be exploited in Internet Explorer, Outlook, or Outlook Express running on Windows 2000. Demonstration available ms00-085 addresses this issue.
d7992cefd633163d42e975e1578f9cfbUSSR Advisory #56 - The Ultraseek search engine v3.1 and 3.1.10 is vulnerable to a denial of service attack on many platforms.
53ee69b76056ba21719b37761275acd1USSR Advisory #55 - A buffer overflow has been discovered in HyperTerminal which can cause arbitrary code from a HTML mail message to be executed via a telnet: URL, as described in here.
78e5e95fd4f4bacc79bc8616c97323e1USSR Advisory #54 - TransSoft's Broker FTP Server versions prior to v4.3.0.1 contains a buffer overflow which results in denial of service. Fix available here.
816250b0fb72f98902f3b0373014f4d0USSR Advisory #53 - Malformed Embedded Windows Media Player 7 "OCX Attachment" Vulnerability. The USSR Team has found a problem in the Windows Media Player 7 ActiveX control, which could be used in a denial of service attack against RTF-enabled e-mail clients such as Outlook 2000 and Outlook Express.
06dfbf213f68be2321c46e728d82b239Analogx.pl is a Local / Remote GET Buffer Overflow dos exploit for AnalogX SimpleServer:WWW HTTP Server v1.1. Based on USSR Advisory #29.
8c96c7c57e3dffd4c72a43bd2894485bUSSR Advisory #52 - Clarification. To clear up a few comments about USSR Advisory #52. One regarding the DoS against Iris 1.01 "BETA", and the other regarding "in this case Eeye".
cd4ba8091e57b1c091ee9009c57be8f6USSR Advisory #52 - The Ussr Team has found a problem in Eeye IRIS 1.01, There is a heap memory buffer overflow in IRIS 1.01 that causes not only this network sniffing program to crash, but also to take system resources up to 100% usage, until it crashes. The vulnerability arises after sending multiple udp connection to random ports on the host that IRIS or SpyNet CaptureNet is running.
30038b65ebfc2b99bc930cbe5db66655Advisory #50 - An exploitable buffer overflow has been found in all versions of Microsoft Outlook. The vulnerability could enable a malicious sender of an e-mail message with a malformed header to cause and exploit a buffer overrun on a user's machine. The buffer overrun could crash Outlook Express, Outlook e-mail client, or cause arbitrary code to run on the user's machine. The danger in this vulnerability is that the buffer overrun would occur even if the user does not open or preview the e-mail message.
eef7d696c7e59151fd534ff6d409a07dMicrosoft Outlook remote exploit - Tested on Outlook Express 5.0, Outlook 2000, Outlook 97.0, and Outlook 98. Includes Unix Perl version and windows source / binary. The included shellcode causes the victim computer to visit http://www.ussrback.com.
d5b13a892c0ca5085cae1d74bcd10376USSR Advisory #49 - Remote dos attack in WircSrv IRC Server v5.07s. A malformed request to port 6667 will cause the process containing the services to stop responding. Perl exploit included.
d768580e163a042d0003caa8aac51d92LocalWEB HTTP Server v. 1.20 remote dos attack - Sending a malformed URL to port 80 causes a buffer to be overflow resulting in a denial of service. Includes perl exploit.
82aeb64543a3df7a40b91f7d9dde6ec0USSR Advisory #47 - Remote dos attack in the Small HTTP Server ver. 1.212. Sending a malformed URL to port 80 will cause the proccess containg the services to stop responding.
44029fda905d96308dfd06af397c3bdfUSSR Advisory #46 - Remote dos attacks in the Dragon Server v1.00 and v2.00. Long FTP usernames cause the service to crash.
a79c978553bedb59e30e4aea3937e0f3USSR Advisory #45 - Remote dos attack in AnalogX SimpleServer v1.05. A malformed URL sent to port 80 will cause the proccess containg the services to stop responding.
4640badf23b187126e9ef620e79752d1USSR Advisory #44 - Network Assosciates PGP Certificate Server v2.5.0 and 2.5.1 for Windows and Solaris has a denial of service vulnerability. Connecting to the PGP Certificate Server Command Port (TCP port 4000 default) from a host without a DNS name causes the process containing the services to crash, causing this message to be displayed.
937e18d0f36251c2ef932b55b14d5e8dUSSR Advisory #43 - Remote dos attack against Real Networks Real Server version 7, 7.01, and G2 1.0. Sending malformed packets to the RealServer HTTP port (default 8080) will cause the service to stop responding. Exploit URL included. Affects Windoows NT/2000, Solaris 2.x, Linux, Irix, Unixware, and FreeBSD.
840b40693ba117badc34d7d40ef574cdUSSR Advisory #42 - HP Web JetAdmin remote denial of service attack. HP Web JetAdmin Version 6.0 for Windows NT / 2000 has a heap overflow. Sending a malformed URL the JetAdmin service which runs on port 8000 will cause it to stop responding.
c7fd48d073f937695c75cb38c2314d78USSR Advisory #41 - HP Web JetAdmin web interface server directory traversal vulnerability. HP Web JetAdmin Version 5.6 for Windows NT and 2000 (tcp port 8000) allows an attacker to read any file outside of the intended web-published filesystem directory. Exploit URL included.
f3e13959dca7e909eb46e99af864f024USSR Advisory #40 - Remote DoS attack in Microsoft IIS 4.0 & 5.0 - Malformed Extension Data in URL Vulnerability. The Ussr Labs Team has recently discovered a memory problem in IIS. Performing an attack with specially-malformed information extension data in the URL will cause the server to slow or stop.
8c911dadd41d6460b2a7c67c1ef1db73USSR Advisory #39 - Remote DoS attack in CASSANDRA NNTPServer v1.10 from ATRIUM SOFTWARE Vulnerability. The Ussr Labs Team has recently discovered a buffer overflow problem in the CASSANDRA NNTPServer v1.0. Performing an attack, with excessive login information on Port 119, can cause the process containg the services to stop responding.
887d7bd3766599aba5125bbf1c6e856cUSSR Advisory #38 - Remote DoS attack in Real Networks Real Server. The Ussr Labs team has recently discovered a memory problem in the RealServer 7 Server. By sending specially-malformed information to port 7070 the proccess containg the service will die.
4bae04fb4a5cfe73a5bb4d570af306ec
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed