lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <4281FE31.9080500@class101.org>
Date: Wed May 11 13:46:54 2005
From: ad at class101.org (class)
Subject: BakBone NetVault last warning

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
As a recall, there is now two months, the Hat-Squad has published 2
high security risks still UNPATCHED for BakBone NetVault 6.x/7.x all
versions. In an Open Letter:

http://phx.corporate-ir.net/phoenix.zhtml?c=67723&p=irol-newsArticle&t=Regular&id=704547&

Bakbone announce a new NetVault Q4 2005, and a new MACOSX version. My
suggestion to BakBone is to review their whole code because Im aware
that another Heap overflow has been found by a friend without to be
published.

We won't republish this warning as soon as BakBone choosed to wake up,
but we recommand to assest BakBone products if you are seeking for
security bugs, this is a nice peace of cheese.

BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow advisory

class101.org/netv-remhbof.pdf

BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow exploit

class101.org/36/55/op.php

BakBone NetVault 6.x/7.x Local Stack Buffer Overflow advisory

class101.org/netv-locsbof.pdf

BakBone NetVault 6.x/7.x Local Stack Buffer Overflow exploit

class101.org/36/55/op.php


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
 
iD8DBQFCgf4vLyZ8K9aT7rARAqu3AJ411cU2YZkRcOwFfRlF1PMLWvFaRACdGAvo
belmxbd7Z/peu5L154pS02k=
=hHqE
-----END PGP SIGNATURE-----


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ