###
Luigi Auriemma
Application: Sielco Sistemi Winlog
http://www.sielcosistemi.com/en/products/winlog_scada_hmi/
Versions: = 2.07.16
Platforms:Windows
Bugs
###
Luigi Auriemma
Application: Samsung devices with support for remote controllers
http://www.samsung.com
Versions: current
Platforms:the vulnerable protocol is used on both
###
Luigi Auriemma
Application: Serv-U (FTP)
http://www.serv-u.com
Versions: = 11.1.0.3
Platforms:Windows, Linux
bug B should affect only some Windows versions
###
Luigi Auriemma
Application: 3S CoDeSys
http://www.3s-software.com/index.shtml?en_CoDeSysV3_en
Versions: = 3.4 SP4 Patch 2
Platforms:Windows
Bugs: A] GatewayService
###
Luigi Auriemma
Application: Siemens SIMATIC WinCC flexible (Runtime)
http://www.automation.siemens.com/mcms/human-machine-interface/en/visualization-software/wincc-flexible/wincc
###
Luigi Auriemma
Application: Siemens Automation License Manager
http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfolang=ensiteid=cseusaktprim=0extranet
###
Luigi Auriemma
Application: Cytel Studio: StatXact / LogXact / CrossOver
http://www.cytel.com/Software/StatXact.aspx
http://www.cytel.com/Software/LogXact.aspx
###
Luigi Auriemma
Application: GenStat
http://www.vsni.co.uk/software/genstat/
Versions: = 14.1.0.5943
Platforms:Windows
Bugs: A] array overflow with write2
###
Luigi Auriemma
Application: NCSS (aka NCSS 2007)
http://www.ncss.com/ncss.html
Versions: = 07.1.21
Platforms:Windows
Bug: array overflow with write2
Exploitation
###
Luigi Auriemma
Application: PcVue
http://www.arcinfo.com/index.php?option=com_contentid=2Itemid=151
Versions: PcVue = 10.0
SVUIGrd.ocx = 1.5.1.0
###
Luigi Auriemma
Application: Sunway ForceControl
http://www.sunwayland.com.cn/pro.asp
Versions: = 6.1 sp3 with AngelServer and WebServer updated
Platforms:Windows
Bugs
###
Luigi Auriemma
Application: Microsoft WINS service
http://www.microsoft.com
Versions: = 5.2.3790.4520
Platforms:Windows
Bug: arbitrary memory corruption
everything is correct although not much
detailed.
If there will be enough interest in these sectors I will release new
vulnerabilities in the next weeks.
---
Luigi Auriemma
http://aluigi.org
###
Luigi Auriemma
Application: BroadWin WebAccess Client
http://broadwin.com/Client.htm
Versions: bwocxrun.ocx = 1.0.0.10 (aka version 7.0)
Platforms:Windows
Bugs
###
Luigi Auriemma
Application: Sybase Adaptive Server
http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise
Versions: = 15.5
Platforms:Solaris, Windows
###
Luigi Auriemma
Application: HP OpenView Communication Broker
http://www8.hp.com/us/en/software/enterprise-software.html
Versions: ovbbccb.exe = 11.0.43.0
Platforms:Windows
###
Luigi Auriemma
Application: foobar2000
http://www.foobar2000.org
Versions: = 1.1.7
Platforms:Windows
Bug: integer overflow
Date: 03 Jul 2011
Author
###
Luigi Auriemma
Application: Winamp
http://www.winamp.com
Versions: = 5.61
Platforms:Windows
Bugs: A] in_midi Controller messages heap overflow
B
###
Luigi Auriemma
Application: Sybase Adaptive Server
http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise
Versions: = 15.5
Platforms:Solaris, Windows
###
Luigi Auriemma
Application: Winamp
http://www.winamp.com
Versions: = 5.61
Platforms:Windows
Bugs: A] vp6 heap corruption
B] h263 heap corruption
###
Luigi Auriemma
Application: Sybase Advantage Server
http://www.sybase.com/products/databasemanagement/advantagedatabaseserver
Versions: = 10.0.0.3
Platforms:Windows
###
Luigi Auriemma
Application: Microsoft HTML Help
http://www.microsoft.com
Versions: = 6.1
Platforms:Windows (any version included the latest Windows 7)
Bug: stack
like the crashing and
the freezing of the services with CPU at 100%:
http://aluigi.org/adv/snabase_1-adv.txt
---
Luigi Auriemma
http://aluigi.org
of
the vendors.
---
Luigi Auriemma
http://aluigi.org
you guys have some potential issues, here they are!!!
I have done it in the exact moment that I have uploaded my advisories on
my website making anyone aware of the problems, included the same
vendors that now can fix them.
---
Luigi Auriemma
http://aluigi.org
/realwin_7-adv.txt
http://aluigi.org/adv/realwin_8-adv.txt
---
Luigi Auriemma
http://aluigi.org
###
Luigi Auriemma
Application: RealPlayer
http://www.real.com
Versions: = 14.0.1.633
Platforms:Windows, Macintosh OSX, Linux, Symbian, Palm
Bug: heap overflow
###
Luigi Auriemma
Application: Microsoft Fax Cover Page Editor
http://windows.microsoft.com/en-US/windows-vista/Create-or-edit-a-fax-cover-page
Versions: = 5.2.3790.3959
###
Luigi Auriemma
Application: Unreal engine
http://www.unrealtechnology.com
Versions: the games which have been tested and resulted vulnerable
are Unreal
###
Luigi Auriemma
Application: Unreal engine
http://www.unrealtechnology.com
Versions: almost any game which uses the Unreal engine is affected
###
Luigi Auriemma
Application: Ventrilo
http://www.ventrilo.com
Versions: = 3.0.2
Platforms:Windows, Linux i386, Solaris SPARC, Solaris x86, FreeBSD
i386
###
Luigi Auriemma
Application: Halo: Combat Evolved
http://www.microsoft.com/games/pc/halo.aspx
Versions: = 1.0.7.0615 (before 30 Jul 2008)
Platforms:Windows
Bugs
###
Luigi Auriemma
Applications: America's Army
http://www.americasarmy.com
Versions: = 2.8.3.1
Platforms:Windows (tested), Linux and Mac
Bug: server termination due
###
Luigi Auriemma
Application: Unreal Tournament III
http://www.unrealtournament3.com
Versions: = 1.2 and 1.3beta4
Platforms:Windows (tested), Linux, PS3 and Xbox360
Bugs
###
Luigi Auriemma
Application: Unreal Tournament 2004
http://www.unrealtournament2003.com/ut2004/index.html
Versions: = v3369
Platforms:Windows and Linux
Bug: NULL
###
Luigi Auriemma
Application: ZDaemon
http://www.zdaemon.org
Versions: = 1.08.07
Platforms:Windows and Linux
Bug: NULL pointer
Exploitation: remote, versus server
###
Luigi Auriemma
Application: SĂ–LDNER - Secret Wars
http://www.secretwars.net
http://soldner.jowood.com
Versions: = 33724
Platforms:Windows
Bug
Version 1.7 of CoD4, released yesterday, is vulnerable too.
---
Luigi Auriemma
http://aluigi.org
###
Luigi Auriemma
Application: Call of Duty 4: Modern Warfare
http://www.callofduty.com
Versions: = 1.6
Platforms:Windows (tested) and Linux
Bugs: A] Attempted
###
Luigi Auriemma
Application: World in Conflict
http://www.worldinconflict.com
Versions: = 1.008
Platforms:Windows
Bug: NULL pointer
Exploitation: remote, versus
###
Luigi Auriemma
Application: Crysis
http://www.ea.com/crysis/home.jsp
Versions: = 1.21 (1.1.1.6156 showed as gamever)
Platforms:Windows
Bug: NULL pointer
###
Luigi Auriemma
Application: Skulltag
http://www.skulltag.com
Versions: = 0.97d2-RC2
Platforms:Windows, Linux and FreeBSD
Bug: loop during the parsing
###
Luigi Auriemma
Application: S.T.A.L.K.E.R.: Shadow of Chernobyl
http://www.stalker-game.com
Versions: = 1.0006
Platforms:Windows
Bug: Denial of Service
by the same vendor (Double-Take, not HP).
---
Luigi Auriemma
http://aluigi.org
in zlib.
---
Luigi Auriemma
http://aluigi.org
###
Luigi Auriemma
Application: HP OpenView Network Node Manager
http://www.openview.hp.com/products/nnm/
Versions: = 7.53
Platforms:Windows (tested), Solaris, Linux, HP-UX
Forget the yesterday's advisory, the setup didn't installed the 7.53
patches from the ISO and so I was working on an old version.
The following is a new vulnerability tested on 7.53:
http://aluigi.org/adv/closedview-adv.txt
---
Luigi Auriemma
http://aluigi.org
###
Luigi Auriemma
Application: HP OpenView Network Node Manager
http://www.openview.hp.com/products/nnm/
Versions: = 7.53
Platforms:Windows (tested), Solaris, Linux, HP-UX
###
Luigi Auriemma
Application: LANDesk Management Suite
http://www.landesk.com/products/ldms/index.aspx
Versions: = 8.80.1.1
Platforms:Windows
Bug: directory
###
Luigi Auriemma
Application: 2X ThinClientServer
http://www.2x.com/thinclientserver/
Versions: = v5.0_sp1-r3497
(TFTPd.exe = 3.2.0.0)
Platforms:Windows
Bug
###
Luigi Auriemma
Application: IBM solidDB
http://www.solidtech.com/en/products/relationaldatabasemanagementsoftware/embed.asp
Versions: = 06.00.1018
Platforms:Windows
###
Luigi Auriemma
Application: ASUS Remote Console
http://www.asus.com/999/html/share/9/icon/9/index.htm#asmb3
Versions: = 2.0.0.24
Platforms:Windows
Bug: buffer
###
Luigi Auriemma
Application: xine-lib
http://xinehq.de
Versions: = 1.1.11
Platforms:Linux, *BSD, Solaris, Irix, MacOSX, Windows and others
Bugs: A] heap-overflow
-of-concept was built just to test
this specific buffer-overflow and in fact it works on the new VLC version
too without modifications 8-)
Instead the SVN version was and is patched from 10 months as I wrote in
my old advisory:
http://aluigi.org/adv/vlcboffs-adv.txt
---
Luigi Auriemma
http
###
Luigi Auriemma
Application: McAfee Framework
(implemented in McAfee ePolicy Orchestrator 4.0
http://www.mcafee.com/us/enterprise/products/system_security_management
###
Luigi Auriemma
Application: pt360 Tool Suite PRO
http://www.packettrap.com/product/index.aspx
Versions: = 2.0.3901.0
Platforms:Windows
Bug: Denial of Service
###
Luigi Auriemma
Application: Remotely Anywhere Server and Workstation
http://www.remotelyanywhere.com
Versions: = 8.0.668
Platforms:Windows
Bug: NULL pointer
###
Luigi Auriemma
Application: Acronis PXE Server
http://www.acronis.com/enterprise/products/snapdeploy/
Versions: = 2.0.0.1076
Platforms:Windows
Bugs: A] directory
###
Luigi Auriemma
Application: Timbuktu Pro Remote Control Software
http://www.netopia.com/software/products/tb2/
Versions: = 8.6.5 [RC 229]
Platforms:Windows
###
Luigi Auriemma
Application: ASG-Sentry
http://www.asg-sentry.com
Versions: = 7.0.0
Platforms:Windows and Unix
Bugs: A] arbitrary files deleting
B
###
Luigi Auriemma
Application: Acronis True Image Group Server
http://www.acronis.com/enterprise/products/ATIES/group-server.html
Versions: = 1.5.19.191
(included
###
Luigi Auriemma
Application: Acronis True Image Windows Agent
http://www.acronis.com/enterprise/products/ATIES/windows-agent.html
Versions: = 1.0.0.54
(included
###
Luigi Auriemma
Application: Argon Client Management Services
http://www.argontechnology.com/product.aspx/cid1/43
Versions: = 1.31 (TFTP Boot Server = 2.5.3.1)
Platforms
###
Luigi Auriemma
Application: MailEnable Professional and Enterprise
http://www.mailenable.com
Versions: = 3.13
Platforms:Windows
Bugs: A] multiple post-auth buffer
###
Luigi Auriemma
Application: MicroWorld eScan Server (aka eScan Management Console)
http://www.mwti.net
Versions: = 9.0.742.98
Platforms:Windows
Bug: directory
###
Luigi Auriemma
Application: Perforce Server
http://www.perforce.com
Versions: = 2007.3/143793
Platforms:Windows, Unix, Linux and Mac
Bugs: NULL pointers, invalid
###
Luigi Auriemma
Application: Versant Object Database
http://www.versant.com/en_US/products/objectdatabase
Versions: = 7.0.1.3
Platforms:Windows, Solaris, HP-UX, AIX, Linux
###
Luigi Auriemma
Application: SurgeFTP
http://www.netwinsite.com/surgeftp/
Versions: = 2.3a2
Platforms:Windows, Linux and Solaris
Bug: NULL pointer access
###
Luigi Auriemma
Application: Double-Take
http://www.doubletake.com
Versions: = 5.0.0.2865
(version 4.5.x tested with success too)
Platforms:Windows
Bugs
###
Luigi Auriemma
Application: Sybase MobiLink
http://www.sybase.com/developer/mobile/sqlanywhere/mobilink
Versions: = 10.0.1.3629
Platforms:Windows and Linux/Unix
Bug
###
Luigi Auriemma
Application: freeSSHd
http://www.freesshd.com
Note: is possible that the problem affects also
wodSSHServer anyway this has not been
###
Luigi Auriemma
Application: webcamXP
http://www.webcamxp.com
Versions: = 3.72.440.0
= beta 4.05.280
Platforms:Windows
Bug: access violation
###
Luigi Auriemma
Application: Foxit Remote Access Server (WAC Server)
http://www.foxitsoft.com/wac/server_intro.php
Versions: = 2.0 Build 3503
Platforms:Windows
Bugs
###
Luigi Auriemma
Application: Now SMS/MMS Gateway
http://www.nowsms.com
Versions: = v2007.06.27
Platforms:Windows
Bugs: A] web authorization buffer-overflow
###
Luigi Auriemma
Application: RPM Remote Print Manager
http://lpd.brooksnet.com
Versions: = 4.5.1.11 (tested both the Elite and Select versions)
the beta version
to 7.4.1.0 and 1.0.4.0.
---
Luigi Auriemma
http://aluigi.org
###
Luigi Auriemma
Application: Intermate WinIPDS
http://www.intermate.com/ipdssoftware
Versions: = Release 3.3 Revision G52-33-021
Platforms:Windows
Bugs
uninstalled, redownloaded and reinstalled both the program
and the patch just in this moment and I can confirm the exact behaviour
described above.
---
Luigi Auriemma
http://aluigi.org
###
Luigi Auriemma
Application: Larson Software Technology Network Print Server
http://www.cgmlarson.com/products/NetworkPrintServer.php
Versions: = 9.4.2 build 105
Platforms
###
Luigi Auriemma
Applications: Opium OPI Server
http://www.cyansoftware.com/Opium_OPI.htm
cyanPrintIP Easy OPI
http://www.cyansoftware.com
###
Luigi Auriemma
Application: EztremeZ-IP File and Printer Server
http://www.grouplogic.com/products/extreme/overview.cfm
Versions: = 5.1.2x15
Platforms:Windows
Bugs
###
Luigi Auriemma
Application: SafeNet Sentinel Protection Server
SafeNet Sentinel Keys Server
http://www.safenet-inc.com
Versions: = 7.4.1.0 (aka
###
Luigi Auriemma
Application: Ipswitch Instant Messaging
http://www.ipswitch.com/products/instant_messaging
Versions: = 2.0.8.1
Platforms:Windows
Bugs: A] pre-auth
###
Luigi Auriemma
Application: WS_FTP Server Manager
http://www.wsftp.com
Versions: WS_FTP Server = 6.1.0.0
Platforms:Windows
Bugs: A] authorization bypassing in log
###
Luigi Auriemma
Application: TinTin++ / WinTin++
http://tintin.sourceforge.net
Versions: = 1.97.9
Platforms:Windows, Linux and Mac
Bugs: A] chat buffer-overflow
###
Luigi Auriemma
Application: FTP Log Server
http://www.wsftp.com
Versions: = 7.9.14.0
Platforms:Windows
Bug: socket termination
Exploitation: remote
Date
###
Luigi Auriemma
Application: SAPlpd
http://www.sap.com
Versions: = 6.28 (included in SAP GUI 7.10)
Platforms:Windows
Bugs: various vulnerabilities
Exploitation
###
Luigi Auriemma
Application: WinCom LPD Total - Line Printer Daemon
http://clientsoftware.com.au/lpd.html
Versions: = 3.0.2.623
Platforms:Windows
Bugs: A] buffer
vulnerables 1.7.x
versions of uTorrent.
Then some days ago has been released BitTorrent 6.0.1 which fixes the
vulnerability in this client too.
---
Luigi Auriemma
http://aluigi.org
###
Luigi Auriemma
Applications: BitTorrent and uTorrent
http://www.bittorrent.com
http://www.utorrent.com
Versions: BitTorrent = 6.0 (build 5535
used in my PoC has been added because during my tests
gave better results.
Naturally mine is only an idea on which I worked for testing in practice
the effects of the bug here on my system (Windows XP SP2), so anyone can
find better methods and solutions moreover about the compability.
---
Luigi
to who simply did a personal test.
---
Luigi Auriemma
http://aluigi.org
system on which it runs, Windows XP,
Windows Vista, Mac OS X, Y, Z and so on.
BYEZ
---
Luigi Auriemma
http://aluigi.org
###
Luigi Auriemma
Application: Quicktime Player
http://www.apple.com/quicktime
Versions: = 7.3.1.70
Platforms:Windows and Mac
Bug: buffer-overflow
Exploitation
###
Luigi Auriemma
Application: SAP MaxDB
https://www.sdn.sap.com/irj/sdn/maxdb
http://www.sap.com
Versions: = 7.6.03 build 007
Platforms:Windows, Linux
###
Luigi Auriemma
Application: yaSSL
http://www.yassl.com
Versions: = 1.7.5
Platforms:Windows and *nix
Bugs: A] buffer-overflow in ProcessOldClientHello
it are the usage of SSL on the server and
naturally having an IP address with access to the database.
By default mySQL uses yaSSL (1.6.0) for avoiding licences conflicts,
anyway if the test server has been compiled with specific OpenSSL
support it is NOT vulnerable.
---
Luigi Auriemma
http://aluigi.org
Denial of Service in Pragma TelnetServer 7.0.4.589
http://aluigi.org/adv/pragmatel-adv.txt
Exception message in Seattle Lab Telnet Server 4.1.1.3758
http://aluigi.org/adv/slnetmsg-adv.txt
Exception message in VanDyke VShell 3.0.3.569
http://aluigi.org/adv/vshellmsg-adv.txt
---
Luigi
###
Luigi Auriemma
Application: White_Dune
http://vrml.cip.ica.uni-stuttgart.de/dune/
Versions: = 0.29beta791
Platforms:Unix/Linux/MacOSX and Windows
Bugs: A] buffer
###
Luigi Auriemma
Application: Georgia SoftWorks SSH2 Server (GSW_SSHD)
http://www.georgiasoftworks.com/prod_ssh2/ssh2_server.htm
Versions: = 7.01.0003
Platforms:Windows
Bugs
1 - 100 of 182 matches
Mail list logo