Wireshark DNP3 Dissector Infinite Loop Vulnerability

2007-09-04 Thread Aviram Jenik
eration\n"; } sub usage { print "usage: $0 [-hHPt]\n"; print "-h\t: this help message\n"; print "-H\t: override default host - $host\n"; print "-P\t: override default port - $port\n"; print "-t\t: set socket timeout in seconds\n"; exit 0;

TFTPD32 Directory Traversal Vulnerability

2002-11-20 Thread Aviram Jenik
xploit: Getting files: tftp host GET /boot.ini Storing files: tftp host PUT myfile /boot.ini ADDITIONAL INFORMATION The information has been provided by <mailto:[EMAIL PROTECTED]> SecurITeam Experts. -- Aviram Jenik Beyond Security Ltd. http://www.BeyondSecurity.com http://www.SecuriTeam.co

TFTPD32 Buffer Overflow Vulnerability (Long filename)

2002-11-18 Thread Aviram Jenik
et::INET->new(Proto => "udp") or die "Socket error: $@\n"; $ipaddr = inet_aton($host) || $host; $portaddr = sockaddr_in($port, $ipaddr); send($socket, $buf, 0, $portaddr) == length($buf) or die "Can't send: $!\n"; print "Now, '$host' sho

Outlook Express Remote Code Execution in Preview Pane (S/MIME)

2002-10-11 Thread Aviram Jenik
Outlook Remote Code Execution in Preview Pane (S/MIME) Article reference: http://www.securiteam.com/windowsntfocus/6D00B005PU.html SUMMARY The S/MIME standard attempts to raise the level of trust of email messages by enab

BearShare Directory Traversal Issue Resurfaces

2002-10-04 Thread Aviram Jenik
has been provided by <mailto:[EMAIL PROTECTED]> Gluck and <mailto:[EMAIL PROTECTED]> Mario Solares. -- Aviram Jenik Beyond Security Ltd. http://www.BeyondSecurity.com http://www.SecuriTeam.com Know that you're safe: http://www.AutomatedScanning.com

Webmin Vulnerability Leads to Remote Compromise (RPC CGI)

2002-08-28 Thread Aviram Jenik
Reference: http://www.securiteam.com/unixfocus/5CP0R1P80G.html Webmin Vulnerability Leads to Remote Compromise (RPC CGI) SUMMARY Webmin is a web-based interface for system administration for L

A Serious Security Vulnerability Found in BearShare (Directory Traversal)

2001-04-30 Thread Aviram Jenik
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com SUMMARY BearShare is a Windows file sharing program from Free Peers, Inc. that lets you, your friends, and everyone in the

DoS in Eicon ISDN Modem is now fixed

1999-10-20 Thread Aviram Jenik
m/exploits/Eicon_s_ISDN_Modem_is_vulnerable_to_a_Denial-of-Service_attack.html ----- Aviram Jenik SecuriTeam http://www.securiteam.com

Re: ActiveX Buffer Overruns and BSTR's

1999-10-08 Thread Aviram Jenik
ping is done. This means that if COM wrapped the BSTR correctly (which is what we're assuming right now) the overflow can only occur when you extract the BSTR into a smaller buffer. I believe you have to be pretty stupid to do that (BSTR includes its own size,

Re: ActiveX Buffer Overruns

1999-10-05 Thread Aviram Jenik
ugh to hold the string. The COM architecture has nothing to do with this buffer overflow (on the contrary: it makes it very difficult for programmers to create buffer overflows. But I guess some are talented enough to bypass this difficulty ;-) ) ----- Aviram Jen

Palm Hotsync vulnerable to DoS attack

1999-01-02 Thread Aviram Jenik
ied of this, and promised that the next release of the Hotsync manager will be fixed. Our full advisory can be found at: http://www.securiteam.com/exploits/ Palm_HotSync_Manager_is_vulnerable_to_Denial_of_Service_attack.html (NOTE: URL wrapped) ----- Aviram Jenik SecuriTeam http://www.SecuriTeam.com