what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 15 of 15 RSS Feed

Files from NGSSoftware

Email addressresearch at ngssoftware.com
First Active2002-05-24
Last Active2005-01-06
Next Generation Security Advisory 205012005I
Posted Jan 6, 2005
Authored by David Litchfield, NGSSoftware | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR05012005I - IBM's DB2 database server contain four XML functions that can be used to read and write files on the system. Systems Affected: DB2 8.1.

tags | advisory
SHA-256 | b96a26b299af6b8dfd51f75246b6c5b612402295c834c9712ad99334ce4a205f
Next Generation Security Advisory 205012005H
Posted Jan 6, 2005
Authored by David Litchfield, NGSSoftware | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR05012005H - IBM's DB2 database server contain four XML functions that suffer from stack based buffer overflow vulnerabilities. Systems Affected: DB2 8.1.

tags | advisory, overflow, vulnerability
SHA-256 | 9a5db27238d552f7b43a081f1565127b3d1b829c519051fd7154784b75627dc8
Next Generation Security Advisory 205012005G
Posted Jan 6, 2005
Authored by NGSSoftware, Chris Anley | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR05012005G - IBM DB2 is vulnerable to denial of service conditions when processing certain function calls. Systems Affected: DB2 8.1.

tags | advisory, denial of service
SHA-256 | f3c908713847b92460a5a7d99df17b60b369dd3c656c7cfc290d0f990ee42c85
Next Generation Security Advisory 205012005F
Posted Jan 6, 2005
Authored by NGSSoftware, Chris Anley | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR05012005F - Almost all shared memory sections and events in the Windows version of DB2 have weak permissions; all sections can be read and written by Everyone, and all events can be set and waited on by Everyone. This results in a number of security issues relating to the privileges of local users. Systems Affected: DB2 8.1.

tags | advisory, local
systems | windows
SHA-256 | 710a1b87f503f48ddd770bd0d5c49acdd7ab71124cf9f67ce6157ca99e17f3fc
Next Generation Security Advisory 205012005E
Posted Jan 6, 2005
Authored by David Litchfield, NGSSoftware | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR05012005E - IBM's DB2 database server, when configured for Satellite Administration includes a number of SQL functions. One of these, the SATENCRYPT function, suffers from a stack based buffer overflow vulnerability. Systems Affected: DB2 8.1.

tags | advisory, overflow
SHA-256 | 7d386e3e0437c1c85d6802b327e3efb8a9fa4ca901feee75516c9820b611581d
Next Generation Security Advisory 205012005D
Posted Jan 6, 2005
Authored by David Litchfield, NGSSoftware | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR05012005D - IBM's DB2 JDBC Applet Server suffers from a stack based buffer overflow vulnerability that can be exploited remotely without a user ID or password. Systems Affected: DB2 8.1.

tags | advisory, overflow
SHA-256 | f1b0c032caaaca34c6de39e4209280e534786f0ddb5e39bce1e00bd9d05f0ca7
Next Generation Security Advisory 205012005C
Posted Jan 6, 2005
Authored by David Litchfield, NGSSoftware | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR05012005C - IBM's DB2 database server suffers from a stack based buffer overflow vulnerability when using call. Systems Affected: DB2 8.1/7.x.

tags | advisory, overflow
SHA-256 | 75e7cc2f74b9c5d19bd9e5a521176de0f8c998d0326b2e48c27a990f35438cf9
Next Generation Security Advisory 205012005B
Posted Jan 6, 2005
Authored by David Litchfield, NGSSoftware | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR05012005B - libdb2.so.1, one of the libraries supplied with IBM's DB2 database server suffers from a buffer overflow vulnerability. Systems Affected: DB2 8.1/7.x.

tags | advisory, overflow
SHA-256 | a81f720fbef9bf57c906d4ba4a8c6424583a17436daff3676135f7916fd24c36
Next Generation Security Advisory 205012005A
Posted Jan 6, 2005
Authored by David Litchfield, NGSSoftware | Site nextgenss.com

NGSSoftware Insight Security Research Advisory #NISR05012005A - IBM's DB2 database server suffers from a local attack whereby passing an overly parameter to the db2fmp binary will overflow a stack based buffer. Systems Affected: DB2 8.1/7.x.

tags | advisory, overflow, local
SHA-256 | b4c01bb875e8e863804f2afe3c1a596a966e1de1a34b6e4081a98bc4bc0a23a1
Next Generation Security Advisory 223122004L
Posted Dec 31, 2004
Authored by David Litchfield, NGSSoftware | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004L - IBM's DB2 database server contains a procedure, generate_distfile. This procedure suffers from a stack based buffer overflow vulnerability. Systems Affected: DB2 8.1/7.x.

tags | advisory, overflow
SHA-256 | 3ef55a702511cb8221131c88341c2991b45a10ee7c8b153e5ddda2eb0ad3028e
Next Generation Security Advisory 223122004K
Posted Dec 31, 2004
Authored by Mark Litchfield, NGSSoftware | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR2122004J - IBM's DB2 database server contains a function, rec2xml, used to format a string in XML. This function suffers from a stack based buffer overflow vulnerability. Systems Affected: DB2 8.1/7.x.

tags | advisory, overflow
SHA-256 | b8613611d22ef6e27ef52155f6315c5d527c17d33199e9824cdca2fd21abca6f
Next Generation Security Advisory 2004.7
Posted Aug 26, 2004
Authored by FJ Serna, NGSSoftware | Site ngsec.com

Next Generation Advisory NGSEC-2004-7 - NtRegmon, the Registry monitoring utility for Windows, suffers from an unvalidated pointer referencing. While any privileged user is using NtRegmon, any local and unauthorized user can crash the system. Versions below 6.12 are susceptible.

tags | advisory, local, registry
systems | windows
SHA-256 | 25183dcc3f859b4639c3d21491f15da6b81da0e387b46e9c99dcf6f07cb351fa
Next Generation Security Advisory 2004.6
Posted Aug 18, 2004
Authored by FJ Serna, NGSSoftware | Site ngsec.com

Next Generation Advisory NGSEC-2004-6 - The IPD, or Integrity Protection Driver, from Pedestal Software suffers from an unvalidated pointer referencing in some of its kernel hooks. Any local and unauthorized user can crash the system with some simple coding skills. Versions up to 1.4 are affected.

tags | advisory, kernel, local
SHA-256 | 50720f87318f3a42e9784937201bd48fcc7fed7624a51ca79ec89c25f61005c5
Next Generation Security Advisory 2002.4
Posted Nov 19, 2002
Authored by FJ Serna, NGSSoftware | Site ngsec.com

The iPlanet WebServer v4.x up to SP11 contains vulnerabilities which allow remote root command execution by using a cross site scripting vulnerability to redirect the Administrator's browser to a URL in a vulnerable perl script that will cause the open() command injection.

tags | advisory, remote, root, perl, vulnerability, xss
SHA-256 | e6d57374873ddcf0334a40142fc81f76dc5c0eaf48548811bef588fe324a0d20
Next Generation Security Advisory 2002.3
Posted May 24, 2002
Authored by FJ Serna, NGSSoftware | Site ngsec.com

Next Generation Advisory NGSEC-2002-3 - Sun Solaris in.talkd is vulnerable to a remote root format string bug. An attacker can request a talk session with a especially crafted user field able to write memory and gain control of the flow of the in.talkd.

tags | remote, root
systems | solaris
SHA-256 | 7fa8d1d538e9e06e7e46c09cb39e2c8630bd909c9fbb9f637606a8b0e9b96d44
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close