Symantec Vulnerability Research SYMSA-2006-003 - Cisco Secure ACS 3.x for Windows stores passwords for administrative users in the registry. The passwords are encrypted using the Crypto API Microsoft Base Cryptographic Provider version 1.0. Along with the passwords, ACS also stores the key used to encrypt the information.
0becbb60b8417095fc88231c381bfd70Atstake Security Advisory A073103-1 - Three vulnerabilities exist in the McAfee Security ePolicy Orchestrator Server and Agent that allow an attacker to anonymously execute arbitrary code.
eaa57e9ee28759a45c62cf606144ccb5Atstake Security Advisory A072303-3 - By sending a specially crafted message to the local LPC port for Microsoft SQL Server, it is possible to overwrite information stored on the stack. This would allow an attacker to execute code under SQL Server's credentials thereby escalating privileges. This would then allow the user to read and write access to the database files. If the SQL Server is running under the Administrator or Local System account this would enable system compromise.
c0863db9db0f348cca07e5e8a49600c9Atstake Security Advisory A072303-2 - By sending a large request to a named pipe used by the Microsoft SQL Server, an attacker can render the service unresponsive. Under some circumstances, the host has to be restarted to recover from this situation.
5c20ea51f88f02fef72b548ecfedeb50Addition to Atstake Security Advisory A070803-1 clarifying that the named pipe vulnerability discussed lies within the Windows NT/XP/2000 platform and that SQL Server 7.0 can be used as an attack vector along with potentially many other applications.
dca4cd50185a12094680ba89d4e7e425Atstake Security Advisory A070803-1 - By specifying the name of a named pipe instead of a file, as an argument to Microsoft SQL Server's xp_fileexist extended stored procedure, one can impersonate the user account Microsoft SQL Server is running under. This is due to the behavior of the CreateFile system call and Windows named pipe impersonation. This is not limited to Microsoft SQL Server, but a system wide problem.
03b80c464a9be7e2fabaa4a546652611Atstake Security Advisory a102802-1 - The Oracle9iAS Web Cache contains two denial of service vulnerabilities that can be triggered remotely by sending specially crafted HTTP requests. The denial of service issues, which affect version 9.0.2.0.0 for Windows NT/2000 and XP, result in an immediate crash of the service. Oracle released a security advisory for this vulnerability. This advisory can be found here.
89e8742a8f5ef59e9dd916b6987f7ad5Atstake Security Advisory A080802-1 - WS_FTP server v3.1.1 for Windows NT/2000/XP contains a buffer overflow that allows remote users to execute code when they change their password. Since the WS_FTP Server is running as a service, an attackers code will be executing as SYSTEM.
305ff1ef2bd047188e5966a0f5a349cd
© 2012 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed