Network Security News – Tuesday, March 08, 2005 Events
Hashcash Malformed Reply Address Format String
HashCash contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered by a format string error in the way HashCash handles the "From:" email header. It is possible that the flaw may allow remote system access resulting in a loss of confidentiality, integrity, and/or availability. Read more at osvdb.org/14566
Crystal FTP Client LIST Remote Overflow
The Crystal FTP client contains a buffer overflow that allows a malicious FTP server to execute arbitrary code on the client computer. The client fails to properly check the bounds of LIST responses from the server. Read more at osvdb.org/12494
Chaser Large Nickname Remote Overflow
A remote overflow exists in Chaser. Chaser fails to handle a large player nickname, resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service resulting in a loss of availability. Read more at osvdb.org/14567
lukemftp FTP Client PASV Overflow
The lukemftp FTP client contains a buffer overflow that allows a malicious FTP server to execute arbitrary code on the client computer. The client fails to properly check the bounds of PASV commands sent by the server. Read more at osvdb.org/5112
nftp FTP Client Server Response String Overflow
The nftp FTP client contains a buffer overflow that allows a malicious FTP server to execute arbitrary code on the client computer. The client fails to properly check the bounds of responses returned by the server. Read more at osvdb.org/11099
PBLang delpm.php Arbitrary Private Message Deletion
PBLang contains a flaw that may allow a malicious user to delete arbitrary personal messages. The issue is triggered when an attacker sends a specially crafted URL to the server running PBLang with the personal message id and user name of an arbitrary message to delete passed in as parameters to the delpm.php script. It is possible that the flaw may allow a malicious user to delete arbitrary messages resulting in a loss of integrity. Read more at osvdb.org/14360
Prishtina FTP Client Site Banner Overflow DoS
Prishtina FTP client contains a flaw that may allow a remote denial of service. The issue is triggered by receiving a long banner from an FTP server and will result in the FTP client crashing. Read more at osvdb.org/8156
Yahoo! Messenger Offline Mode Status Remote Buffer Overflow Vulnerability
Yahoo! Messenger is a freely available chat client distributed and maintained by Yahoo! It is available for the Apple Mac OS and Microsoft Windows platform. It has been …. Read more at securityfocus.com/bid/12750?ref=rss
Nokia Series 60 BlueTooth Remote Denial Of Service Vulnerability
The Series 60 Operating System (OS) is an embedded operating system that is based on the Symbian OS. Series 60 supports multiple communication protocols including Bluetoo…. Read more at securityfocus.com/bid/12743?ref=rss
Oracle Database 8i/9i Multiple Remote Directory Traversal Vulnerabilities
Oracle Database server is reported prone to multiple directory traversal vulnerabilities that may allow a remote attacker to read, write, or rename arbitrary files with t…. Read more at securityfocus.com/bid/12749?ref=rss
Hosting Controller Multiple Information Disclosure Vulnerabilities
Hosting Controller is an application that consolidates all hosting tasks into one interface. Hosting Controller runs on Microsoft Windows operating systems. Hosting Con…. Read more at securityfocus.com/bid/12748?ref=rss
Samba Directory Access Control List Remote Integer Overflow Vulnerability
Samba is a freely available file and printer sharing application maintained and developed by the Samba Development Team. Samba allows file and printer sharing between ope…. Read more at securityfocus.com/bid/11973?ref=rss
Re: Gene6 FTP Server Local Privilege Escalation Vulnerability
Sender: Matthieu [gene6 at gene6 dot com]. Read more at securityfocus.com/archive/1/392567?ref=rss
UnixWare 7.1.4 : squid updated package fixes several security issues
Sender: [please_reply_to_security at sco dot com]. Read more at securityfocus.com/archive/1/392563?ref=rss
UnixWare 7.1.4 : Samba multiple security issues
Sender: [please_reply_to_security at sco dot com]. Read more at securityfocus.com/archive/1/392556?ref=rss
Hosting Controller Multiple Unauthenticated information disclose
Sender: small mouse [small dot mouse at gmail dot com]. Read more at securityfocus.com/archive/1/392557?ref=rss