-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
---
PROGENY SERVICE NETWORK -- SECURITY ADVISORY PROGENY-SA-2001-13
---
Synopsis:
On Sun, 06 May 2001, Ofir Arkin wrote:
The first ICMP Echo request sent from the Microsoft NT 4 based machine was
sent with IP ID of 28416. The second ICMP Echo request was sent with IP ID
value of 28672. Simple calculation will show a gap of 256 between the IP ID
field values.
And some
On Sat, May 05, 2001 at 11:21:55PM -0700, Ofir Arkin wrote:
RFC 791 gives a description about the IP Identification field.
...
The first ICMP Echo request sent from the Microsoft NT 4 based machine was
sent with IP ID of 28416. The second ICMP Echo request was sent with IP ID
value of 28672.
This is mostly an FYI for everyone on this list, as I assume everyone
reading emails on this list has already patched themselves if they were
vulnerable - running ISS 5. While this issue had been made very well known
to those who actually admin servers / networks, there are still those who
call
On Sat, 5 May 2001, Ofir Arkin wrote:
With the implementation in many operating systems, the Kernel is increasing
the IP ID field value by 1, from one packet to the next.
There is something much more interesting about non-random incrementing IP
ID numbers: you can use such operating systems
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Updated nedit packages available
Advisory ID: RHSA-2001:061-02
Issue date: 2001-04-27
Updated on: 2001-05-08
Product:
Winamp 2.74 doesn't seem to be affected by the bug
(although I thought it would be), only 2.60 - 2.73
are affected, the AIP file format is some format
invented by AudioSoft to provide a legal way to get
MP3's from the net. AIP files or AudioSoft parameter
files seem to contain weakly encrypted
I found yet another bof condition in the ASX VERSION
tag : an *.ASX file with the contents :
ASX VERSION=AAA ... AAA
crashes MPLAYER 6.4 in dxmasf.dll...
greetz,
[ByteRage] [EMAIL PROTECTED]
http://elf.box.sk/byterage
REVELATION:
HREF attribute of BANNER tag can be abused to
Yes, this vulnerability has been patched a few weeks ago, anyway here is
another exploit for it.
venomous
http://www.rdcrew.com.ar
/* remote exploit for linux/x86 - cfingerd = 1.4.3
* coded by venomous of rdC - 16/apr/01
*
* It's just a common formatstring bug using syslog() incorrectly.
Strumpf Noir Society Advisories
! Public release !
--#
-= Denicomp REXECD/RSHD Denial of Service Vulnerability =-
Release date: Thursday, May 3, 2001
Introduction:
Denicomp's REXECD and RSHD products are ports of their counterparts
on Unix-based systems, allowing the use of the rcp, rsh and
Hi all!!
I tried all 3 exploits that can be found.
First what I did is trying webexplt.pl which reported
IIS servers vulnerable.
After that I tried iishack2000 which did place eeye's txt
file in C:\
Then I tried jill with nc and it
1. Is there any current way of exploiting this vulnerability when
there is no scripting or execution allowed?
I do not think so. Fault is placed in particular ISAPI extension
msw3prt.dll, which by default is run by means of script mapping. If mapping
for this DLL is not configured, it will
Vulnerability in TYPsoft FTP server v0.95
Overview:
TYPsoft FTP Server is a freeware ftp server available from
http://typsoft.n3.net .
Affected systems:
FTP server v0.95 - 0.93 and probably prior versions for
Windows 95/98/NT/2000/ME
-BEGIN PGP SIGNED MESSAGE-
-
Debian Security Advisory DSA-055-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Wichert Akkerman
May 8, 2001
-
-BEGIN PGP SIGNED MESSAGE-
-
Debian Security Advisory DSA-054-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Wichert Akkerman
May 7, 2001
-
15 matches