LigerTeam, strongly propose inserting of
solution code before the computing of flag
variable.
flag = flags & 0x3f;
The more robust fix is to systematically test for TCP flags by masking
to the value being tested. For example:
#define TEST_FLAGS(flags, mask) (((flags) & (mask)) ==
Georgi Guninski security advisory #7, 2000
Wordpad vulnerability, exploitable also in IE for Win9x
Disclaimer:
The opinions expressed in this advisory and program are my own and not
of any company.
The usual standard disclaimer applies, especially the fact that Georgi
Guninski is not liable for
Hello,
I could find out the denial of service effected to iPlanet
Web Server, Enterprise Edition 4.1 on Linux 2.2.5(Redhat6.1J;
Kernel 2.2.12).
When I tried to send the request "GET" of seven hundred times
your product consumed all memory resource and kernel panicked.
The size of GET command to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
All versions of the publicly available MMDF prior to version
2.44.b4 are vulnerable. The version of MMDF distributed with SCO
OpenServer was found to be vulnerable, and NAI's advisory was based
on this information.
The latest stable version is 2.44
Hello!
PRODUCT
---
The Sambar Server is a multi-threaded HTTP, FTP and
Proxy server for Windows NT and Windows 95.
AFFECTED VERSIONS
-
All versions of Sambar server running under Windows NT 4.0 and
Windows 2000. Windows 98 version is vulnerable.
VULNERABILITY DESCRIPTION
[EMAIL PROTECTED] said once upon a time (Tue, 22 Feb 2000):
I would like to clarify some aspects from the Elias post regarding
Microsoft signed software. The fact that anybody could install MS
signed software using Active Setup component is not very important.
The issue is : MS can silently
Alert: Multiple vulnerabilities with Outblaze-based e-mail providers
Date: February 16, 2000
Author: .sozni
Overview
By using authentication strings in the URL after logging in to a mailbox,
Outblaze-powered e-mail accounts are left vulnerable to unauthorized
The following is a Security Bulletin from the Microsoft Product Security
Notification Service.
Please do not reply to this message, as it was sent from an unattended
mailbox.
Microsoft Security Bulletin (MS00-012)
On Mon, Feb 21, 2000 at 02:36:17PM -0800, Vern Paxson wrote:
LigerTeam, strongly propose inserting of
solution code before the computing of flag
variable.
flag = flags & 0x3f;
Otherwise you are still vulnerable to attackers setting legitimate flags
in bogus combinations, such as
On Mon, 21 Feb 2000 out of nowhere LigerTeam spoke:
~ :The flag value Each one correspond to 1 bit,
~ :but it have unused 2 bit.
~ :
~ :|unused|unused|URG|ACK|PSH|RST|SYN|FIN|
~ :
~ :Understanding of the very problem is simple.
not new. These bits have been already used by queso fingerprints
Sp00n,
Sorry to rain on your parade but I'm sure this has been reported some
time back. This is the default operation for Sun's licensing but
you can solve this easily.
While the file is there you don't need to be root to install licenses.
The GlobeTrotter website (www.globetrotter.com), who
Hello,
As a lot of people asked me information on the unsecure win2k pro
installation process, we wish to bring further information on this
vulnerability.
All these tests have been made and checked with Denis Ducamp and
Alain Thivillon, 2 serious security experts.
What we have done :
1.
I don't recall this being reported before...
When booting into single user with redhat 6.0, it prompts you for
the root password (maintenance mode) just like solaris does.
Unlike Solaris, pressing ^C drops you straight to a "bash#" prompt.
I imagine this has since been fixed...
With the re-occurrence of this unused TCP flags fiasco, I am getting off my
ass and releasing a tool to stress test IP stacks, firewall rulesets,
firewall resilience and IDS implementations.
ISIC - 0.05 (IP Stack Integrity Check)
Crafts random packets and launches them. Can fix or randomize
At 05:15 PM 2/22/2000 -0500, Mullen, Patrick wrote:
From the Snort Portscan module
(http://www.clark.net/~roesch/security.html)
spp_portscan.c:
/* Strip off the reserved bits for the testing, but flag
that a scan is being done.
*/
th_flags_cleaned = th_flags & ~(R_RES1 |
At 04:35 PM 2/22/2000 +, you wrote:
I would like to clarify some aspects from the Elias post
regarding Microsoft signed software.
With this in mind...I really wish that a favorite Win98 utility of mine,
98Lite, would get some more airtime. (http://www.98lite.net) This latest
stab in the back