Coolsoft PowerFTP <= v2.24 Denial of Service (Linux Source)

2002-10-14 Thread a b
Coded for fun.. I had nothing else to code and had nothing else to do. :P I coded it cause Armand released C source that wuz for Windows. Enjoy, --p0pt4rtz /*uNF!uNF!uNF!uNF!uNF!uNF!uNF!uNF!uNF!uNF!uNF!uNF!uNF!uNF! *uNF! * PowerFTP Denial of Se

Re: phpBB2 Showing users ip adresses

2002-10-14 Thread nick84
In-Reply-To: <[EMAIL PROTECTED]> If anyone wanted to get board readers/posters IP addresses on any phpBB (and most other bulletin boards), another easy way would be to simply set up your profile with an off-site avatar. I.e. in the “Link to off-site Avatar:” box on the profile page, type i

Long URL causes TelCondex SimpleWebServer to crash

2002-10-14 Thread Marc Ruef
Hi! I've found a vulnerability in TelCondex SimpleWebServer 2.06.20817 Build 3128 (tested on Windows XP Professional). It could be that prior versions are also affected. It's possible to crash the web server application with a long URL (starting from 539 Chars)[1]. You'll see a popup message on

Security vulnerabilities in Polycom ViaVideo Web component

2002-10-14 Thread advisory
advisory @ prophecy.net.nz - 06/09/02 About - The Polycom Webserver is a component of 'ViaVideo' which can be found at: http://www.polycom.com/resource_center/0,1408,493,00.html Affected Versions - Polycom ViaVideo 2.2 Polycom ViaVideo 3.0 Problem #1: Buffer overflow in

Symantec Enterprise Firewall Secure Webserver info leak

2002-10-14 Thread AI-SEC Security Advisories
Advanced IT-Security Advisory #02-10-2002 http://www.ai-sec.dk/ Issue: Symantec Enterprise Firewall Secure Webserver info leak. Problem description: There exists a problem in Simple, secure webserver 1.1 which is shipped with Raptor Firewall 6.5 (among others), in whi

Multiple Symantec Firewall Secure Webserver timeout DoS

2002-10-14 Thread AI-SEC Security Advisories
Advanced IT-Security Advisory #01-10-2002 http://www.ai-sec.dk/ Issue: Multiple Symantec Firewall Secure Webserver timeout DoS. Problem description: There exists a problem in "Simple, secure webserver 1.1" which is shipped with numerous Symantec firewalls, in which an

SuSE Security Announcement: Heartbeat (SuSE-SA:2002:037)

2002-10-14 Thread Olaf Kirch
-BEGIN PGP SIGNED MESSAGE- __ SuSE Security Announcement Package:heartbeat Announcement-ID:SuSE-SA:2002:037 Date: Monday,

Pyramid Research Project - atphttpd security advisorie

2002-10-14 Thread pyramid-rp
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -=- SECURITY ADVISORY PYR/\MID, Research Project - 101002 Members: Apm, flea, thread Title: ATP HTTP Daemon v0.4b Buffer Overflow Aut

[RHSA-2002:194-18] Command execution vulnerability in dvips

2002-10-14 Thread bugzilla
- Red Hat, Inc. Red Hat Security Advisory Synopsis: Command execution vulnerability in dvips Advisory ID: RHSA-2002:194-18 Issue date:2002-09-04 Updated on:2002-10-08 Product:

J2EE EJB privacy leak and DOS.

2002-10-14 Thread Sylvia
Hi, I've contacted Sun twice about this, and they've not responded to me. The EJB security model associates roles with users, and controls their access to object methods based on those roles. Where the object is a stateful session object, any user can access it, provided they have the necessa

Pyramid Research Project - ghttpd security advisorie

2002-10-14 Thread pyramid-rp
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -=- SECURITY ADVISORY PYR/\MID, Research Project - 100702 Members: Apm, flea, thread Title: GazTek HTTP Daemon v1.4-3 Buffer Overflow

GLSA: sendmail

2002-10-14 Thread Daniel Ahlberg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - GENTOO LINUX SECURITY ANNOUNCEMENT - - PACKAGE: sendmail SUMMARY: smrsh bypass vulnerabilities

[SECURITY] [DSA 174-1] New heartbeat packages fix buffer overflows

2002-10-14 Thread Martin Schulze
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 174-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze October 14th, 2002

Directory traversal in Daniel Arenz' Mini Server

2002-10-14 Thread Marc Ruef
Hi! There is a directory traversal flaw in Daniel Arenz' Mini Server 2.1.6 (tested on Windows XP Professional). It could be that prior versions are also affected. It's possible to show every file readable by the web server on the target system by using one of the following URLs: http://192.168.

Researcher seeking 'phage' and other security mailing list archives

2002-10-14 Thread Curator at Security Digest Archive
I am a researcher constructing a history of computer security digests for which I have so far made positive steps in recovering copies of various 1980s mailing lists and locating key protagonists. You are welcome to view the work in progress at http://securitydigest.org. I am trying to locate

ECHU Alert #3 : Meunity 1.1 script injection vulnerability

2002-10-14 Thread das
Meunity 1.1 script injection vulnerability. PROGRAM: Meunity Community System VULNERABLE VERSIONS: all IMMUNE VERSIONS: none SEVERITY: really high Tested version: Meunity Community S

GLSA: net-snmp

2002-10-14 Thread Daniel Ahlberg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - GENTOO LINUX SECURITY ANNOUNCEMENT - - PACKAGE        :net-snmp SUMMARY        :Denial of service DATE      

GLSA: heimdal

2002-10-14 Thread Daniel Ahlberg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - GENTOO LINUX SECURITY ANNOUNCEMENT - - PACKAGE : heimdal SUMMARY : remote command execution EXPLOIT : remote

GLSA: nss_ldap

2002-10-14 Thread Daniel Ahlberg
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - GENTOO LINUX SECURITY ANNOUNCEMENT - - PACKAGE        :nss_ldap SUMMARY        :Buffer overflow DATE        

Input requested for second edition of "Firewalls and Internet Security"

2002-10-14 Thread Steve Bellovin
We've just about finished the draft manuscript for the second edition of "Firewalls and Internet Security" (this time by Bill Cheswick, Steve Bellovin, and Avi Rubin). Given the tremendous change in the market (including both the prevalence of commercial firewalls and widespread easy access to op

CALL FOR PAPERS - SANTA DIED LAST YEAR

2002-10-14 Thread staff
Dear BQ moderator, please forward this CFP to the list. TELL SANTA TO FSCK OFF - PHRACK MAGAZINE IS BRINGING THE