Information Security News mailing list archives
NT: Five Buffer Overflows; One Denial of Service
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Thu, 4 Nov 1999 10:22:42 -0700
From: WinSA Publisher <winsa () NTSECURITY NET> November 2, 1999 - WINSA - At least five different programs were recently reported to contain possible buffer overflow condition that may allow arbitrary code to execute on the server. The programs reported to be vulnerable are as follows: * Avirt Mail Server * CMail Server * ExpressFS FTPServer * Xitami Web Server * WFTPD Server In addition, a new exploit was released that can cause NT's native SERVICES.EXE process to crash, thereby crippling much functionality in the wake of the crash. For complete details on all six of these newly discovered security risks, including sample code that demonstrates some of these issues against certain software packages, please visit our Web site: * RFPoison (Services.exe DoS) http://www.ntsecurity.net/go/load.asp?iD=/security/services.htm * Avirt Mail Server http://www.ntsecurity.net/go/load.asp?iD=/security/avirt1.htm * CMail Server http://www.ntsecurity.net/go/load.asp?iD=/security/cmail1.htm * ExpressFS FTPServer http://www.ntsecurity.net/go/load.asp?iD=/security/expressfs1.htm * Xitami Web Server http://www.ntsecurity.net/go/load.asp?iD=/security/xitami1.htm * WFTPD Server http://www.ntsecurity.net/go/load.asp?iD=/security/wftpd1.htm Thanks for subscribing to WinSA. Please tell your friends about this mailing list! Sincerely, The WinSA Team ISN is sponsored by Security-Focus.COM
Current thread:
- NT: Five Buffer Overflows; One Denial of Service mea culpa (Nov 04)