The following is a Security Bulletin from the Microsoft Product Security
Notification Service.
Please do not reply to this message, as it was sent from an unattended
mailbox.
Microsoft Security Bulletin (MS99-060)
-
/*
Quake War Utils 1.1 - 1999 - By Sgi
This 'exploit' use the ugly Quake 1 UDP protocol.
When i send the 'conection Request' to the quake server, they will
reponse with tons of UDP's packets. And if the ip already conected. they
will be kicked from the game.
Functions:
1)
<<>>
>Here's the interesting bit: Modify the URL by removing the *.html file. Now
>you can browse the directory structure of the web server. Go to the
>/com/novell/webaccess directory and what do we find? The webacc.cfg file.
>The file actually contains the version of the server, Novell paths,
did you actually saw it crash or it just froze.
We did some testing like that and we found that GRoupeWise froze
but eventually came back .
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 21, 1999 5:12 AM
To: [EMAIL PROTECTED]
Subject: Re: Gro
On Tue, 21 Dec 1999, Dagmar d'Surreal wrote:
> IPV4 PACKET FORWARDING -- Should not be on by default
Above is true for Slackware 4.0
(...)
> RP_FILTER -- Probably incorrect assumption
> --
> Just below the section that turns on IP forwarding is a sectio
Ipswitch doesn't seem to get the point. This scheme is is only slightly
different than their old one(for version 4.X) which I released an advisory
about many months ago.
-steven
- Original Message -
From: Matt Conover <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, December 20
This vulnerability exists on the Enterprise Web Server.
Brian
>>> Raymond Dijkxhoorn <[EMAIL PROTECTED]> 12/20/99 02:29PM >>>
Hi!
> 1. The help argument in GWWEB.EXE reveal full web path on the server
> 2. anyone can read a .htm file on the system with the GWWEB.EXE and the HELP
> argument.
>
Hi,
during the exploiting process.. the final step as instructed by the auther
doesn't work
ftp> get "--use-compress-program=sh blah".tar
or
ftp> get "--use-compress-program=sh blah".tar
instead is gives a warning of permission denied!
in case of anon ftp logging
___
With the proliferation of these types of backdoors, is there any way to
prevent your 'r00t3d' box from being backdoored?
A simple approach for Linux would be something like this:
At boot, compile the list of modules that are 'known good' (for the sake
of argument, it's the /lib/modules/x.y.z), t
>What version running on what OS and what Web Server please.
>
>did you actually saw it crash or it just froze.
>
>Version of GW? Version of WebAccess? Web Server=?
>
AFAIK - after a query to IT services , version 3.5
netcraft reports 'Netscape-Enterprise/3.5-For-Netware on Netware'
No - I didn
Netscape 4.7 stores passwords in preferences.js even
if you never ever even once tell it 'remember passwords',
and even if its a fresh install of 4.7 (the solaris install I tested
on has never seen any other version of Netscape).
I thought I was loosing it with people pointing out that this didnt
On Wed, 22 Dec 1999, Mariusz Woloszyn wrote:
> "Disabled by default"! I noticed Patrick Volkerding long time before
> Slackware 7 (as soon as I found it in 4.0).
>
BTW: I got a replay (long time ago -- Fri, 16 Jul 1999) from Patrick
saying:
"You might want to report this to the kernel developer
Elias,
I would appreciate if you could post this information to bugtraq, if
appropriate (with or without the attachement, to conserve bandwidth). If
not, please ignore. If there is another list on securityfocus for which
these anouncements are more appropriate, please redirect it or let me know.
The buffer overflow problem in notes as mentioned by Alain Thivillion can be
worked around if you don't use cgi-scripts at all, or are prepared to do a
bit of work for all the scripts that are on the server.
The procedure (Lotus Notes knowledgebase) :
-
The workaround in v
Greetings,
OVERVIEW
Several holes in the Solaris 2.7 SPARC/x86 dmispd daemon will allow
malicious users to do various DoS attacks and probably more.
BACKGROUND
I've only tested 2.7 with the latest patches as of this writing.
dmispd is the "DMI service provider".
I would appreciate if som
I would check with Alan on the SYN cookies, iirc, there is a good reason why
SYN cookies are not turned on by default. In 2.3.x it is not turned on by
default in the kernel compile and again must be explicitly enabled in /proc
after adding it to the kernel.
According to the Configure.help:
If
>- If remote attacks are possible, how can the money:
> protocol be turned off in Web pages and Email
> messages, but still have Microsoft Money work
> properly?
>
In HKEY_CLASSES_ROOT any immediate subkey (eg HKCR\callto) that has a "URL
Protocol" value can be launched from IE
Raymond Dijkxhoorn wrote:
>
> As far as i know the Novell webserver is no longer in development and the
> new ones were builded under the 'Novonyx' flag Novell/Netscape.
Novell is not supporting its old web server product for Y2K, while the
Netscape Enterprise Server for NetWare 4 & 5 is avai
IE 5.01 vulnerabilities in external.NavigateAndFind()
Disclaimer:
The opinions expressed in this advisory and program are my own and not
of any company.
The usual standard disclaimer applies, especially the fact that Georgi
Guninski
is not liable for any damages caused by direct or indirect use
On Tue, 21 Dec 1999, Steve Reid wrote:
>Wmmon is a popular program for monitoring CPU load and other system
>utilization. It runs as a dockapp under WindowMaker.
>
>The FreeBSD version of this program has a feature that can be trivially
>exploited to gain group kmem in recent installs, or user ro
Tim Adams wrote:
>
> Here's the interesting bit: Modify the URL by removing the *.html file. Now you can
>browse the directory structure of the web server. Go to the /com/novell/webaccess
>directory and what do we find? The webacc.cfg file. The file actually contains the
>version of the ser
-snip-
>UnixWare read/modify users' mail (/var/spool/mail)
> This is also not applicable on OpenServer. OpenServer's >equivalent
>is /usr/spool/mail which has 1777 perms (world-writable, but >sticky
>so only owner can delete files). The local delivery agent
Greetings,
OVERVIEW
Anyone can gain remote root access to a UnixWare 7.1 system by exploiting
a vulnerability in the i2odialogd daemon. This daemon is installed and
running by default.
BACKGROUND
I've only tested UnixWare 7.1. OpenServer doesn't feature this particular
daemon, so it is not v
23 matches
Mail list logo