CVE-2006-5478 – Novell Netmail User Authentication Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2006-5478
Multiple stack-based buffer overflows in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8, and Novell NetMail before 3.52e FTF2, allow remote attackers to execute arbitrary code via (1) a long HTTP Host header, which triggers an overflow in the BuildRedirectURL function; or vectors related to a username containing a . (dot) character in the (2) SMTP, (3) POP, (4) IMAP, (5) HTTP, or (6) Networked Messaging Application Protocol (NMAP) Netmail services. Múltiples desbordamientos de búfer basado en pila en Novell eDirectory 8.8.x anterior a 8.8.1 FTF1, y 8.x hasta 8.7.3.8, y Novell NetMail anterior a 3.52e FTF2, permite a atacantes remotos ejecutar código de su elección mediante (1) una cabecera HTTP Host larga, que provoca el desbordamiento en la función BuildRedirectURL; o vectores relacionados con un nombre de usuario que contiene un carácter . (punto) en los servicios Netmail (2) SMTP, (3) POP, (4) IMAP, (5) HTTP o (6) Networked Messaging Application Protocol (NMAP). This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Netmail. • https://www.exploit-db.com/exploits/28835 https://www.exploit-db.com/exploits/28836 https://www.exploit-db.com/exploits/28837 https://www.exploit-db.com/exploits/16773 http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050382.html http://lists.grok.org.uk/pipermail/full-disclosure/2006-October/050388.html http://secunia.com/advisories/22519 http://securitytracker.com/id?1017125 http://securitytracker.com/id?1017141 http://support.novell.com/cgi-bin/search/searchti • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-5479
https://notcve.org/view.php?id=CVE-2006-5479
The NCP Engine in Novell eDirectory before 8.7.3.8 FTF1 allows remote attackers to cause an unspecified denial of service via a certain "NCP Fragment." El motor NCP en Novell eDirectory anterior a 8.7.3.8 FTF1 permite a atacantes remotos provocar una denegación de servicio no especificada mediante un cierto "Fragmento NCP". • http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm •
CVE-2006-4177
https://notcve.org/view.php?id=CVE-2006-4177
Heap-based buffer overflow in the NCP engine in Novell eDirectory before 8.8.1 FTF1 allows remote attackers to execute arbitrary code via a crafted NCP over IP packet that causes NCP to read more data than intended. Desbordamiento de búfer basado en montículo en el motor NCP en Novell eDirectory anterior a 8.8.1 FTF1 permite a atacantes remotos ejecutar código de su elección mediante un paquete artesanal NCP sobre IP que provoca que NCP lea más información de la deseada. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=426 http://secunia.com/advisories/22506 http://securitytracker.com/id?1017104 http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974600.htm http://www.securityfocus.com/bid/20664 http://www.vupen.com/english/advisories/2006/4142 https://exchange.xforce.ibmcloud.com/vulnerabilities/29768 •
CVE-2004-0081
https://notcve.org/view.php?id=CVE-2004-0081
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. OpenSSL 0.9.6 anteriores a la 0.9.6d no manejan adecuadamente los tipos de mensajes desconocidos, lo que permite a atacantes remotos causar una denegación de servicios (por bucle infinito), como se demuestra utilizando la herramienta de testeo Codenomicon TLS. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt ftp://patches.sgi.com/support/free/security/advisories/20040304-01-U.asc http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 http://fedoranews.org/updates/FEDORA-2004-095.shtml http://marc.info/?l=bugtraq&m=107955049331965&w=2 http://marc.info/?l=bugtraq&m=108403850228012&w=2 http://rhn.redhat.com/errata/RHSA-2004-119.html http://secunia.com/advisories/11139 http://security.gen •
CVE-2004-0112
https://notcve.org/view.php?id=CVE-2004-0112
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. El código que une SSL/TLS en OpenSSL 0.9.7a, 0.9.7b y 0.9.7c, usando Kerberos, no comprueba adecuadamente la longitud de los tickets de Kerberos, lo que permite que atacantes remotos provoquen una denegación de servicio. • ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2004-005.txt.asc ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2004.10/SCOSA-2004.10.txt http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000834 http://docs.info.apple.com/article.html?artnum=61798 http://lists.apple.com/archives/security-announce/2005//Aug/msg00001.html http://lists.apple.com/archives/security-announce/2005/Aug/msg00000.html http://lists.apple.com/mhonarc/security-announce/msg00045.html http: • CWE-125: Out-of-bounds Read •