Bugtraq mailing list archives

Various Lame Stuff


From: wizdumb () LEET ORG (wizdumb () LEET ORG)
Date: Tue May 16 15:04:28 2000


Hi all,

Just a summary of some vulnerabilities that have been covered in the Forbidden
Knowledge e-zine lately, which some people on the list may need to know...

Covered in Issue Eight

---
Proxy Plus <www.proxyplus.cz> has various insecure default settings.

NiteServer FTPd is vulnerable to several Denial of Service attacks.

ISpy Webcam <www.ispy.nl> stores the password for the FTP server it uploads
images to in the registry with a simple substitution cipher.

The XiRCON IRC client <www.xircon.com> dies when receiving long CTCP messages.

E-Serv directory climbing vulnerability. Turns out this was mentioned on
BugTraq the month before release, but it's worth mentioning anyway, because
the BugTraq post didn't mention that the FTPd is also vulnerable.
---

Covered in Issue Nine
---
All versions of Offline Explorer <www.metaproducts.com> prior to version 1.3
beta allow any file on the hard-drive to be remotely read.

The Argosoft FTP Server <www.argosoft.com> is affected by various overflows
AND allows directory climbing. We haven't checked if everything has been
fixed yet, but the author has been informed.
---

Covered in Issue Eleven
---
Spoon Proxy <www.pi-soft.com> is vulnerable to a nasty Denial of service.

Cisco's PIX Firewall <www.cisco.com> (and others) can be DoS'd

Killmod.php3 <packetstorm> (lame hax0r kiddie script) is exploitable

E-Serv <www.eserv.ru> is vulnerable to a DoS attack

Browsegate <www.netcplus.com> has a remotely exploitable buffer overflow

GateKeeper <www.infopulse.net> has a remotely exploitable buffer overflow

AllegroSurf <www.allegrosurf.com> is DoS'able

iCal <www.brownbearsw.com> has multiple vulnerabilities

Users with UID 1000 or higher can reboot RedHat 6.0 systems
---

Should any of these bugs affect you and/or should you like more details -
check out the e-zine at www.mdma.za.net/fk. It's distasteful, perverse, and
will probably be offensive to 99.9% of the people who read it. That's why
it's so damned cool, heh. ;)

Apologies for not posting earlier, and from now on, I will release a post to
BugTraq at the same time as (or in some cases, before) the e-zine.

Cheers,
Drew Lewis

--==--==--==--==-->>
wizdumb () leet org
+27 (82)
976-7246


