I tested this on my Solaris NFS server and it didn't kill lockd.
However there are many ways to DoS a Solaris NFS server.
One of them is to put a RedHat 7.3 (original kernel) on the network
as an NFS client then initiate a large read over NFS and watch the
Solaris NFS server become unresponsive to
Molly 0.5 - Remote Command Execution
Discovered By guejez of scan-associates.net
About Molly:
--
[quote from Molly homepage]
"Molly is a small, simple IRC bot that I use for intra-office
communication. She
will handle lunch menus, stock quotes, take polls and stuff like that.
-
Red Hat, Inc. Red Hat Security Advisory
Synopsis: Updated Mozilla packages fix security vulnerabilities
Advisory ID: RHSA-2002:192-13
Issue date:2002-08-28
Updated on:2002-10-09
David Krum wrote:
> My attention was first drawn to this when I noticed KaZaA launching popups
> sourced from the local hard disk. Surely these ads are running in the local
> zone. To use software that does this I have to trust them to audit the ads
> given to them?
Then again, with KaZaA, yo
These ads are most likely "safe" as far as trojans go, depending on your
definition of trojan. Most of them, however, use ad tracking and
"phone-home" to the originating company. Many will install cookies and some
will even install other pop-up software on your computer without your
knowledge to
FYI the article "Chrooting Daemons and System Processes HOWTO" has been
updated to include some fixes to the document, how to tell if you're
operating in a chrooted environment, and links to other useful chroot
documentation. The URL to this doc is
http://www.networkdweebs.com/chroot.html
* Alan DeKok ([EMAIL PROTECTED]) [021018 13:21]:
> Paul Starzetz <[EMAIL PROTECTED]> wrote:
> > There are ambiguities in implementations of the TCP/IP suite for various
> > operating systems.
>
> What about the specifications?
>
> In my (admittedly quick) readings of RFC 793 and RFC 1122, I
perlbot 1.9.2 - Remote Command Execution
Discovered By guejez of scan-associates.net
About perlbot:
--
[quote from freshmeat]
"Perlbot is an IRC bot written in Perl. It depends on Net::IRC and its
goals are
simplicity, a small footprint, and modularity. It's meant as a more e
perlbot 1.0 beta - Remote Command Execution
Discovered By guejez of scan-associates.net
About perlbot:
--
[quote from perlbot website]
""
[/quote from perlbot website]
perlbot is avaliable at http://stigmata.gothcafe.com/~madhater
Vulnerable (tested) Versions:
At 03:55 PM 10/18/2002, Benjamin Krueger wrote:
One could also make a case for continuing to abide by the cardinal
rule "Be permissive in what you accept, and strict in what you send".
Tough call, but its difficult to justify describing stacks that are
permissive as "highly bogus" or "lazy" give
.:: vBulletin XSS Security Bug
vBulletin is a powerful and widely used bulletin board system, based on
PHP language and MySQL database. One of its features is the usage of
templates to modify the boards look. I discovered lately a Cross-Site
Scripting vulnerability that would attackers t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
GENTOO LINUX SECURITY ANNOUNCEMENT 200210-004
- -
PACKAGE : tetex
SUMMARY : Command execution vulnerability i
Two security vulnerabilities in YaBB allows stealing
users cookies and hijacking users accounts.
Tested on:
YaBB 1.40 & 1.41
Summary :
YaBB is a leading provider of free, downloadable php
forums for webmasters. Two security vulnerabilities in
the product
allows a remote attacker to steal users
1. Abstract
---
There are ambiguities in implementations of the TCP/IP suite for various
operating systems. Even if this fact has been used since a long time in
different software for OS fingerprinting, no real attempt has been made
to identify the security impact of the differences in
===[ interSEC - Advisory ]=[ Adv. ID: 2002-10-001 ]==
Advisory Information
Name : Multiple bugs in Web602 web server
Vendor Homepage: http://www.software602.cz
Platforms : Windows
Vulnerability Type : M
I'm concerned about all the applications which utilize ie browser controls.
There are a lot of adware programs with little ads. Some of these ads have
activex, java, flash, js. Any one of these capabilities in the wrong zone
could be dangerous.
My attention was first drawn to this when I not
Immunity Advisory to the General Public
Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3
Author: Dave Aitel
Date: October 18, 2002
Because the default SPIKE 2.7 run has been able to discover this
vulnerability, and various people have contacted me regarding it, I
offer this analy
In-Reply-To: <[EMAIL PROTECTED]>
>Can any one enlighten me on this statement in the PGP Corporation Beta
>License Agreement?
>
>YOU HEREBY EXPRESSLY CONSENT TO PGP'S PROCESSING OF YOUR
PERSONAL DATA
>(WHICH MAY BE COLLECTED BY PGP OR ITS DISTRIBUTORS) ACCORDING
TO PGP'S
>CURRENT PRIVAC
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- --
Debian Security Advisory DSA 179-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October 18th, 2002
[feel free to include in BugTraq, I haven't seen past reports for this
one]
Microsoft Windows Media Player v6.3 for Sparc/Solaris is available for
download from http://download.microsoft.com.
When you install it on Solaris (the program is distributed as an
executable installer, which takes care o
hi
planetdns ( http://www.planetdns.net)is
commercial software package that allows to
turn computer into an Internet server.
and be able to create an Internet Name, connect to
a web server, FTP, mail server, etc. running
on computer.
planetdns is vulnerable has a buffer overflow with a
overwrite of
On Thursday 17 October 2002 2:00 am, [EMAIL PROTECTED] wrote:
> Greetings.
>
> ABfrag - Linux Kernel ( <= 2.4.20pre20 ) Remote Syncing exploit
>
I think this is a bit of a giveaway: mentioning a kernel that doesn't exist
suggests this program is not what it claims to be (Marcelo released
2.4.20
Greetings.
Today I had a rather strange experiance. At about 4:30 pm GMT my
IDS began reporting strange TCP behaviour on my network segment. As I
was unable to verify the cause of this behaviour I was forced to remove
the Linux box that I use a border gateway and traffic monitor - at no small
23 matches
Mail list logo