USSR Advisory #34 - Local/Remote D.o.S Attack in InterAccess Telnet Server Release 4.0 (All Builds) Windows95/98/WinNT. The code that handles the Terminal client configurations to the Telnet server in the connection procedure contains a buffer overflow, causing Telnetd to crash.
bb5bc854bda426299e0c6345acc7fe8cInterAccess Telnet Server Release 4.0 DoS exploit - Windows executable.
7019cce14f26c3809e74407624a8d7cfInterAccess Telnet Server Release 4.0 DoS exploit - Windows source code.
21be79e8d0e15b85a060de721f1badbaUSSR Advisory #33 - InterAccess Telnetd 4.0 for Windows NT has a remotely exploitable buffer overflow at the login: prompt.
563425a9ee8f3aa7803c5df7743d05b6Windows Api SHGetPathFromIDList Buffer Overflow - All Structure lengths, or Length of string, can be a modified or altered and cause whatever handles the shortcuts to crash.
a3a29cb02126932cf421ecfb3aa2942cServ-u FTP-Server v2.5b for Win9x/WinNTFTP-Server v2.5b will crash if you upload a malformed link file and type the ftp command LIST, due to overflow in Windows API SHGetPathFromIDList.
f0259e7812e7f973d7dc26e04e04b040A memory leak exists in the Super Mail Transfer Package for Windows NT that may cause an NT host to stop functioning and/or need to be rebooted. DoS exploit description included.
1f323c42a552bfecf7ec058be4736b63Local / Remote D.o.S vulnerability has been discovered in IMail IMONITOR Server for WinNT Version 5.08. The status.cgi script takes up too much CPU time, if you run status.cgi lots of times, the server will crash.
8dad027ca19cadb9d2e4b31e5a502d5fLocal / Remote GET Buffer Overflow Vulnerability in AnalogX SimpleServer:WWW HTTP Server v1.1. Windows 95 is confirmed vulnerable, possibly other platforms.
bfcb87fe0f3a982d6ba231788b36c004The Savant Web Server V2.0 Win9X / NT / 2K and possibly other versions has a buffer overflow caused by a NULL Character in the parsing Get Command routine.
37c609c30feae7aea4e588a1b42dfc9fLocal / Remote D.o.S Attack in CSM Mail Server for Windows 95/NT v.2000.08.A and other older versions. Possibly exploitable.
884e327248c64268b3d38a83f6df6395CamShot is a Windows 95/98/NT web server that serves up web pages containing time stamped images captured from a video camera. The images can be viewed from anywhere on the network with a web browser. UssrLabs found a Local / Remote Buffer overflow, The code that handles GET commands has an unchecked buffer that will allow arbitrary code to be executed if it is overflowed.
d69851af4fe78c129d5c6e50d73308cfLocal / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt. Source / Binary for exploit here.
38e52c5c3607f0cd918cfd6604e7b858Remote exploit for ZBServer 1.5 Pro Edition for Win98/NT. Source code. Binary available here.
65ebf12ae6f7c64fbe4f59b31d967299[w00giving #11] An exploitable buffer overflow was found in ZBServer 1.5 Pro Edition for Win98/NT. The code that handles GET commands has an unchecked buffer that will allow arbitrary code to be executed if it is overflowed. Source / Binary for the exploit available here.
a06e657a5b2fed874e163f0081266eebRemote DoS attack discovered in DNS Pro 5.7 for Windows NT, caused by over 30 connections to port 53 at the same time.
99df5cc1dd61bba111e3876cea3acb6aInfoseek Ultraseek 3.1 for NT contains an exploitable remote buffer overflow. Versions 2.1 through 3.1 are confirmed vulnerable. Patch available here.
d448c63f0dbd3925b86b67e39247a696UssrLabs found a Local/Remote DoS Attack in War FTP Daemon 1.70 the buffer overflow is caused by a Multiple connections at the same time.
1fa2b0fdb03f7a59fd456c4d5542e6c2Microsoft Internet Explorer 4.x and 5.x - Frame Loop Vulnerability. By creating an endless loop of frames, it is possible to create a malicious webpage that when visited by an IE user all of their system resources are devoured and depending on the system its probable that the machine will crash and reboot itself. Exploit code included.
a7788b4d0249eb17375d1a6adcbbc8e0UssrLabs found a Remote DoS Attack in GoodTech Telnet Server NT v2.2.1, the buffer overflow is caused by a long user name of 23870 characters.
f6136542409d03d377475544ed42a85bSymantec Mail-Gear 1.0 Web interface Server Directory Traversal Vulnerability. Example included.
eb91520100b44195cf2c486b42fae145UssrLabs found a Local/Remote DoS Attack in BisonWare FTP Server V3.5. The buffer overflow is caused by a long user name, 2000 characters. Source / Binary for DoS attack here.
8e7b88c4be31f6623cb5265d9376ee13UssrLabs found a buffer overflow in WorldClient Server v2.0.0.0 where they do not use proper bounds checking on WorldClient TCP Port 2000. Denial of service exploit available.
e7cd861e30878a7551f4a0936bcc69a0Multiple remote DoS vulnerabilities have been found in the MDaemon 2.8.5.0 server. Binary / Source for this MDaemon Server v2.8.5.0 Denial of Service here.
6e5f9fa57f03d986e57c7fa7ec0f307dThe Vermillion ftp daemon (VFTPD) version 1.23 has a remote DOS attack. Example included.
691f3143b178a8ef00f3f09fd47c60bb
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed