Re: A few bugs...

On Fri, Sep 17, 1999 at 02:23:48PM -0500, Tymm Twillman wrote: > - Glibc 2.1.1: > > o unsetenv() off-by-one error: > The unsetenv function in glibc 2.1.1 suffers from a problem whereby > when running through the environment variables, if the name of the > variable being unset is p

Re: MW

Hello, I posted two short write-ups on recent Internet worms I've seen in the wild (ADMw0rm and Millennium Worm). http://whitehats.com/worms/. From these previous posts it looks like someone has launched a variation of the Millennium Worm. Max Vision At 05:23 PM 9/7/1999 +0200, Adam Morrison

Re: More fun with WWWBoard

On Fri, 17 Sep 1999 05:09:38 PDT, David Weins wrote: > Since I didn't see any of this mentioned in any of the archieved WWWBoard > articles from bugtraq, I decidied to send it in. [...] Does anyone maintain a list of WWWBoard bugs? (As Matt Wright clearly isn't interested...) > If you haven't l

Security Bulletins Digest

HP Support Information Digests === o HP Electronic Support Center World Wide Web Service --- If you subscribed through the HP Electronic Supp

Re: fixing all buffer overflows --- random magin numbers

Oliver Xymoron wrote: > On Tue, 14 Sep 1999, Crispin Cowan wrote: > > The result looks like this: > > > > InterfaceImplementation > > > > Restriction * Firewalls * Bounds checking > >* TCP Wrappers

Exploit for proftpd 1.2.0pre6

Tested on Linux with standard RedHat 6.0 install (w/glibc 2.0 compatability), proftpd installed with configure/make/make install... - ftp to host - login (anonymous or no) (this should be all on one line, no spaces) ftp> ls aaa%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u%u %u%u%u%u%

Re: NAI Security Advisory - Windows IP source routing

> Windows TCP/IP stacks configured to disable IP forwarding or IP > source routing, allow specific source routed datagrams to route > between interfaces. Effectively, the Windows TCP/IP stack can > not be configured to disable IP datagrams passing between > networks if two network cards have been

Microsoft Security Bulletin (MS99-038)

The following is a Security Bulletin from the Microsoft Product Security Notification Service. Please do not reply to this message, as it was sent from an unattended mailbox. Microsoft Security Bulletin (MS99-038) -

FreeBSD Security Advisory: FreeBSD-SA-99:06.amd

-BEGIN PGP SIGNED MESSAGE- = FreeBSD-SA-99:06Security Advisory FreeBSD, Inc. Topic: remote amd

BP9909-00: cfingerd local buffer overflow

-BEGIN PGP SIGNED MESSAGE- Babcia Padlina Ltd. Security Advisory (BP-9909:00) ~~ Synopsis: Cfingerd is vulnerable to local buffer overflow attack. Vulnerable versions: Cfingerd 1.4.2 and ea

Windows IP source routing attack

see fragrouter-1.6 for an implementation of Anthony Osborne's Windows IP source routing attack, as referenced in Microsoft Security Bulletin MS99-038. http://www.anzen.com/research/nidsbench/fragrouter-1.6.tar.gz -d.