CA Security Advisory - Multiple vulnerabilities exist in BrightStor ARCserve Backup that can allow a remote attacker to cause a denial of service, execute arbitrary code, or take privileged action.
b570156ca875e160d5434e5fb72b11c5
eEye Security Advisory - Windows VDM #UD Local Privilege Escalation. Describes in more detail but with different terminology the "shatter" attacks corrected by MS04-032, and also discussed in a paper by Brett Moore.
18ef69a018824f10c0a4a7a20f297046
eEye Security Advisory - A critical vulnerability has been discovered in the PAM component used in all current ISS host, server, and network device solutions. A routine within the Protocol Analysis Module (PAM) that monitors ICQ server responses contains a series of stack-based buffer overflow vulnerabilities. If the source port of an incoming UDP packet is 4000, it is assumed to be an ICQ v5 server response. Any incoming packet matching this criterion will be forwarded to the vulnerable routine. By delivering a carefully crafted response packet to the broadcast address of a network operating RealSecure/BlackICE agents, an attacker can achieve anonymous, remote SYSTEM access across all vulnerable nodes.
89bb0e2f36e4df086c28ec3597fcec82
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in both RealSecure and BlackICE. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. This attack will succeed with BlackICE using its most paranoid settings.
cf58862e37b168562457080264c01a9d
eEye Security Advisory - Zonelabs Pro/Plus/Integrity versions 4.0 and above are susceptible to a stack-based buffer overflow within vsmon.exe that can be exploited to execute code in the context of the SYSTEM account. The vulnerability exists within the component responsible for processing the RCPT TO command argument.
2cb205821b026ed7fc8c0f56c3bd9e22
eEye Security Advisory - eEye Digital Security has discovered a second critical vulnerability in Microsoft's ASN.1 library (MSASN1.DLL) that allows an attacker to overwrite heap memory with data he or she controls and cause the execution of arbitrary code. ASN.1 is an industry standard used in a variety of binary protocols, and as a result, this flaw in Microsoft's implementation can be reached through a number of Windows applications and services. Ironically, the security-related functionality in Windows is especially adept at rendering a machine vulnerable to this attack, including Kerberos (UDP/88) and NTLMv2 authentication (TCP/135, 139, 445).
26ef179631af5d137184078e5afc6cc1
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in Microsoft's ASN.1 library (MSASN1.DLL) that would allow an attacker to overwrite heap memory on a susceptible machine and cause the execution of arbitrary code. Because this library is widely used by Windows security subsystems, the vulnerability is exposed through an array of avenues, including Kerberos, NTLMv2 authentication, and applications that make use of certificates (SSL, digitally-signed e-mail, signed ActiveX controls, etc.).
c0156c394d63b5b3a7acf625bcfe9775
Macromedia Shockwave Flash Malformed Header Overflow #2 - Macromedia Flash Player versions less than 6.0.65.0 allow remote code execution via HTML email and web pages. Fix available here.
07549f1260ac92979135ce5c2094d948
eEye Security Advisory - During a review of the PNG image format implemented in Microsoft Windows, pngfilt.dll, serious vulnerabilities were discovered related to the interpretation of PNG image data. The more serious bug is a heap overflow which can be exploited to execute code when the malicious PNG image is viewed. IE 5.01-6.0 is vulnerable, along with the IE web control for Outlook, Access 2000, Backoffice, Microsoft Visual Studio .NET 2002, Office 2000, Office XP pro, Project 2002 Professional, Publisher 98, SNA Server 4.0, SQL Server 7.0, Visio 2002, Visual Basic .NET Standard 2002, Visual C, Visual C++ .NET Standard 2002, Visual FoxPro 7.0, Visual Studio 6.0, Windows 2000, Windows 95, Windows 98, NT, and XP. Microsoft advisory is MS02-066.
3b5ca24a44ef397fc091de50f829969c
eEye Advisory - IIS 4.0 and 5.0 for Windows NT and 2000 contain a remotely exploitable heap overflow which allows remote code execution. The bug is in transfer chunking in combination with the processing of HTR request sessions.
ea8f14baaf628a0cd4ada641dee287e5
A buffer overflow vulnerability has been found by eEye in the parameter handling of the MSN Messenger OCX and can allow remote code execution on affected systems.
dab68a66eea534a0ee7170655c80810b
Macromedia Flash ActiveX Buffer overflow - Flash ActiveX OCX Version 6, revision 23 and below contains a remotely exploitable buffer overflow which leads to the execution of attacker-supplied code via email, web or any other avenue in which Internet Explorer is used to display HTML that an attacker can supply. All users of Internet Explorer are potentially vulnerable.
c83384ba183e2468cf217f2727105e1f
IISHack 1.5 attempts to remotely exploit a local buffer overflow in the IIS 4.0 and 5.0 .asp file parsing mechanism using the Unicode bug, resulting in remote system access.
0e93fe3c0957a33b823f033e90abec56
A buffer overflow has been discovered in the IIS 4.0 and 5.0 .asp file parsing mechanism. When IIS reads a malformed .asp file, code can be executed to take control of the local server as system. This can be exploited remotely by combining with the Unicode bug or by paying for a web hosting account.
d2a02a73dd955eb0972499805b4f0632
IIS FTP Exploit/DoS Attack - Buffer Overflow in 3.0 and 4.0 versions of IIS results in Denial of Service attacks and possibility of remote execution of code.
eeca972f4cf1d65bc333ef4b5df5b3c9
Detailed description of the Brain File used to uncover the eEye NT4+IIS4 URL buffer overflow remote exploit.
8b5cc8a34ba6773971ecd60efbe0e4f0
Details about how and why the eEye NT4+IIS4 URL buffer overflow remote exploit hole was exploited and released.
ad5ca07e7344c147a9081189d10e58eb
General description of the eEye NT4+IIS4 URL buffer overflow remote exploit.
0a21ec62341dc80786a2b555b20e9090
asm source code for the eEye NT4+IIS4 URL buffer overflow remote exploit. Use with one of the ncx* files.
07ae897571aca1155192358535cf0530
Executable eEye NT4+IIS4 URL buffer overflow remote exploit program. Use with one of the ncx* files.
c5a177c806c380caded35902f26f348a
Hacked netcat-based trojan used to exploit the eEye NT4+IIS4 URL remote buffer overflow - gain remote control over NT servers with this backdoor.
b60dfd35dd34cb7a38470e181962b361
Hacked netcat-based trojan used to exploit the eEye NT4+IIS4 URL remote buffer overflow (for use on port 99) - gain remote control over NT servers with this backdoor.
885e74a43b4f7caec3cfb4dba0787de4
The actual Brain File used by Retina to uncover the IIS4 URL buffer overflow.
56d9bd9decb9ceb77393b821cd6651d2
Security hole in Windows NT 4 web servers running IIS allows remote attacker to execute arbitrary code. Detailed exploit description, four exploit scripts (2 perl, 2 C), VB app fix, Microsoft advisory, CERT advisory, more.
6c6a426509d8785a6ee08bb7a8ba82f0
Complete package of the eEye NT4+IIS4 URL buffer overflow remote exploit advisory and code. Includes: retina.vs.iis4-round2.txt, retina.vs.iis4-round2-the.brain.txt, retina.vs.iis4-round2-the.exploit.txt, brain.ini, iishack.asm, iishack.exe, ncx.exe, ncx99.exe.
d49298a0e3ebc80e3fcf01b8cc71159f