Archive for the ‘C’ Category
syslog-fuzzer.txt
Wednesday, April 9th, 2008
Syslog Fuzzer is a small perl script tool that is useful for testing some attack vectors against syslog servers. It has support for buffer/integer overflows and format string vulnerabilities.
silk-1.0.0.tar.gz
Wednesday, April 9th, 2008
SiLK (System for Internet-Level Knowledge) consists of two sets of tools: a packing system and an analysis suite. The packing system receives Netflow V5 PDUs and converts them into a more space efficient format, recording the packed records into service-specific binary flat files. The analysis suite consists of tools that can read these flat files and then perform various query operations, ranging from per-record filtering to statistical analysis of groups of records. The analysis tools interoperate using p
hpopenview-multi.txt
Wednesday, April 9th, 2008
HP OpenView Network Node Manager versions 7.53 and below suffer from format string, buffer overflow, and denial of service vulnerabilities.
greenbow-memory.txt
Wednesday, April 9th, 2008
TheGreenBow IPSec VPN client version 4.10.010 suffers from a vulnerability where login credentials are stored in the clear in memory.
prozilla-stats.txt
Wednesday, April 9th, 2008
Prozilla Top 100 version 1.2 suffers from an arbitrary delete stats vulnerability.
dda-insecure.txt
Wednesday, April 9th, 2008
Data Dynamics ActiveBar suffers from multiple insecure methods in Actbar3.ocx version 3.2.
CAarc-multi.txt
Wednesday, April 9th, 2008
CA Security Advisory - CA ARCserve Backup for Laptops and Desktops Server contains multiple vulnerabilities that can allow a remote attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerabilities. The first issue occurs due to insufficient bounds checking on command arguments by the LGServer service. The second issue occurs due to insufficient verification of file uploads by the NetBackup service. In most cases, an attacker can potentially gain
CAalert-multi.txt
Wednesday, April 9th, 2008
CA Security Advisory - CA Alert Notification Server service contains multiple vulnerabilities that can allow a remote authenticated attacker to execute arbitrary code or cause a denial of service condition. CA has issued updates to address the vulnerabilities. The vulnerabilities are due to insufficient bounds checking in multiple procedures. A remote authenticated attacker or local user can exploit a buffer overflow to execute arbitrary code or cause a denial of service.
Don Parker: Catch Them If You Can
Wednesday, April 9th, 2008
Catch Them If You Can