-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
U.S.S.R labs
Buenos Aires, Argentina
http://www.ussrback.com
Topic: Remote DoS attack against SSH Secure Shell for
Windows Servers
eal Server 7 (linux or Windows)
Real Networks Real Server Pro (linux or Windows)
Real Networks Real Server Intranet (linux or Windows)
Real Networks Real Server Plus (linux or Windows)
Real Networks Real Server Basic (linux or Windows)
Real Networks Real Server G2 1.0
THE PROBLEM
The Ussr Lab
Windows NT 4.0 Server, Enterprise Edition
Microsoft Windows 2000 Professional
Microsoft Windows 2000 Server
Microsoft Windows 2000 Advanced Server
Services Affected:
SimpTCP,
DHCPServer
FTPSvc,
LPDSvc,
BinlSvc,
TCP/IP Print Request Server.
THE PROBLEM
Ussr Labs found a heap memory problem in TCP/IP
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Local / Remote DoS Attack in MERCUR WebView WebMail-Client 1.0 for
Windows 98/NT Vulnerability
USSR Advisory Code: USSR-236
Release Date:
March 16, 2000
Systems Affected:
MERCUR WebMail-Client Version 1.0 port (1080)
THE PROBLEM
UssrLabs
bs / w00w00
http://www.roses-labs.com
Advanced Security Research.
- --
- ----
Ussr labs Release the Advisory the day 25/11/1999 reporting the
BisonWare FTP Server V3.5 problem, i don
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
-
New exploit found by the securax crew on 3/3/error
for: windoze 98 maybe 95 too...
not for NT4 or win2K
When we looked at the new exploit for ie that uses the image
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Local/Remote D.o.S Attack in InterAccess TelnetD Server Release 4.0
*ALL BUILDS* for Windows95/98/WinNT Vulnerability
USSR Advisory Code: USSR-234
Release Date:
February 24 2000
Systems Affected:
InterAccess TelnetD Server 4.0 for WinNT and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Pragma Systems response to USSRLabs report
On February 22, 2000, Pragma Systems received an anonymous email
regarding a security issue reported to NT Security News, hosted by
Windows 2000 magazine, with our InterAccess TelnetD Server 4.0 for
NT. We
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Local / Remote Exploiteable Buffer Overflow Vulnerability in
InterAccess TelnetD Server 4.0 for Windows NT
USSR Advisory Code: USSR-233
Release Date:
February 22, 2000
Systems Affected:
InterAccess TelnetD Server 4.0 for Windows NT and
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Windows Api SHGetPathFromIDList Buffer Overflow
To all those people who sent email to us asking for more information
about
the SHGetPathFromIDList Windows Api overflow.
Here is a more specific description about the problem. All Structure
lengths,
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Local / Remote D.o.S Attack in Super Mail Transfer Package (SMTP)
Server for WinNT Version 1.9x
USSR Advisory Code: USSR-231
Release Date:
January 13, 2000
Systems Affected:
Nosque Workshop, Super Mail Transfer Package (PORT 25) Server for
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Happy New Year! to All!!
Local / Remote GET Buffer Overflow Vulnerability in AnalogX
SimpleServer:WWW HTTP Server v1.1
USSR Advisory Code: USSR-99029
Release Date:
December 31, 1999 [5/5] (not the original one), original [5/5] will
be released
Local / Remote D.o.S Attack in CSM Mail Server for Windows 95/NT
v.2000.08.A
USSR Advisory Code: USSR-99027
Release Date:
December 29, 1999 [3/5]
Systems Affected:
CSM Mail Server for Windows 95/NT and others old versions.
Version: 2000-01A
Version: 1999-07M
Version: 1999-07I
Version:
Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt
USSR Advisory Code: USSR-99025
Release Date:
December 27, 1999 [1/5]
Systems Affected:
Rover POP3 Server V1.1 NT and possibly others versions.
About The Software:
Rover POP3 Server V1.1 NT From aVirt, is a
Local / Remote GET Buffer Overflow Vulnerability in ZBServer 1.5 Pro Edition
for Win98/NT
USSR Advisory Code: USSR-99024
Release Date:
December 23, 1999
Systems Affected:
ZBServer 1.5 Pro Edition for Win98/NT and possibly others versions.
About The Software:
ZBServer Pro Edition is a
Remote D.o.S Attack in DNS PRO v5.7 WinNT From FBLI Software Vulnerability
USSR Advisory Code:22
Release Date:
December 21, 1999
Systems Affected:
DNS PRO v5.7 and possibly others.
About The Software:
The first DNS Server for Windows NT
- Database engine five time faster.
- Tabs now work
bytes of Random
data.
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h
http://www.ussrback.com
-Original Message-
From: Tim [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, December 15, 1999 12:16 PM
To: Ussr Labs
Cc: [EMAIL PROTECTED]
Subject: Re: Local / Remote D.o.S
Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability
PROBLEM
UssrLabs found a Local/Remote DoS Attack in War FTP Daemon 1.70
the buffer overflow is caused by a Multiples connections at the same time
(over 60) in the ftp server , and some characters in the login name.
There is not
-
From: Malartre [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, December 14, 1999 8:46 PM
To: Ussr Labs
Cc: [EMAIL PROTECTED]
Subject: Re: Local / Remote D.o.S Attack in War FTP Daemon 1.70
Vulnerability
Ussr Labs wrote:
Local / Remote D.o.S Attack in War FTP Daemon 1.70 Vulnerability
I am
Remote DoS Attack in GoodTech Telnet Server NT v2.2.1 Vulnerability
PROBLEM
UssrLabs found a Remote DoS Attack in GoodTech Telnet Server NT v2.2.1,
the buffer overflow is caused by a long user name 23870 characters.
There is not much to expand on just a simple hole
Example:
Remote DoS Attack in Serv-U FTP-Server v2.5a Vulnerability
PROBLEM:
UssrLabs found a Local/Remote DoS Attack in Serv-U FTP-Server v2.5a,
The buffer overflow is caused by a bad Formed (SITE) command
For the source / binary of this remote / local D.O.S
Go to: http://www.ussrback.com/servu/
Symantec Mail-Gear 1.0 Web interface Server Directory Traversal
Vulnerability
PROBLEM
UssrLabs found a Symantec Mail-Gear 1.0 Web interface Server Directory
Traversal Vulnerability
Using the string '../' in a URL, an attacker can gain read access to
any file outside of the intended
Remote DoS Attack in WorldClient Server v2.0.0.0 Vulnerability
PROBLEM:
UssrLabs found a buffer overflow in WorldClient Server v2.0.0.0 where they
do not use proper bounds checking.
The following all result in a Denial of Service against the service in
question.
affected services:
WorldClient:
Multiples Remotes DoS Attacks in MDaemon Server v2.8.5.0 Vulnerability
PROBLEM:
UssrLabs found multiple places in MDaemon v2.8.5.0 where they do not use
proper bounds checking.
The following all result in a Denial of Service against the service in
question.
affected services:
WorldClient: Port
Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23 Vulnerability
PROBLEM
UssrLabs found a Local/Remote DoS Attack in Vermillion FTP Daemon (VFTPD)
v1.23,
The buffer overflow is caused by a 3 times long cwd, 504 characters,
Example:
[gimmemore@itsme]$ telnet example.com 21
Trying
Well i work in the exploit of the WordPad/riched20.dll buffer overflow, and
i have to say something bad, IT CANT BE EXPLOITABLE FOR TWO REASONS.
1: the filter of the riched20.dll, only accepts letters from "a" to "z" or
"A" TO "Z", that says you only can change the returned EIP to address from :
Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability
PROBLEM
UssrLabs found a Local/Remote DoS Attack in G6 FTP Server v2.0 (beta 4/5),
the buffer overflow is caused by a long user name, 2000 characters.
the G6FTP start to do infinites loops in the main program,and start eating
NetCPlus SmartServer3 POP 3.51.1 EXPLOIT
Problem:
The POP server that is part of the NetcPlus SmartServer3 email server has an
unchecked buffer that could allow an attacker to execute code on the server.
If the USER command is followed by an argument of over 800 characters, the
input buffer
Multiples Remotes DoS Attacks in Artisoft XtraMail v1.11 Vulnerability
PROBLEM:
UssrLabs found multiple places in XtraMail v1.11 where they do not use
proper bounds checking.
The following all result in a Denial of Service against the service in
question.
Example:
The pop3 (110) service has an
Remote DoS Attack in TransSoft's Broker Ftp Server v3.5 Vulnerability
PROBLEM
UssrLabs found a Remote DoS Attack in TransSoft's Broker Ftp Server v3.5,
the buffer overflow is caused by a long user name 2730 characters.
If TransSoft's Broker Server is running as a service the service will start
Remote D.o.S Attack in ZetaMail 2.1 Mail POP3/SMTP Server Vulnerability
PROBLEM
UssrLabs found a Local/Remote DoS Attack in ZetaMail 2.1 Mail POP3/SMTP
Server,
the buffer overflow is caused by a long user name/password, 3500 characters.
There is not much to expand on just a simple hole
Eserv 2.50 Web interface Server Directory Traversal Vulnerability
Product:
Eserv/2.50 is the complete solution to access Internet from LAN:
- Mail Server (SMTP and POP3, with ability to share one mailbox
on the ISP, aliases and mail routing support)
- News Server (NNTP)
- Web Server (with
FTGate Version 2.1 Web interface Server Directory Traversal Vulnerability
Product:
FTGate Version 2.1
FTGate has many advanced features including:
- Proxy Support , Kill List , Advanced delivery options, Logging ,
Address Mapping-
- Domain Aliases, File import , Full Multithreading, HTML
33 matches
Mail list logo
