-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
btw: *http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1009
*class a écrit :
As a recall, there is now two months, the Hat-Squad has published 2
high security risks still UNPATCHED for BakBone NetVault 6.x/7.x
all versions. In an Open Letter:
http://phx.corporate-ir.net/phoenix.zhtml?c=67723&p=irol-newsArticle&t=Regular&id=704547&;
Bakbone announce a new NetVault Q4 2005, and a new MACOSX version.
My suggestion to BakBone is to review their whole code because Im
aware that another Heap overflow has been found by a friend without
to be published.
We won't republish this warning as soon as BakBone choosed to wake
up, but we recommand to assest BakBone products if you are seeking
for security bugs, this is a nice peace of cheese.
BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow advisory
class101.org/netv-remhbof.pdf
BakBone NetVault 6.x/7.x Remote Heap Buffer Overflow exploit
class101.org/36/55/op.php
BakBone NetVault 6.x/7.x Local Stack Buffer Overflow advisory
class101.org/netv-locsbof.pdf
BakBone NetVault 6.x/7.x Local Stack Buffer Overflow exploit
class101.org/36/55/op.php
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
iD8DBQFCggDILyZ8K9aT7rARAqU3AJ9ipPItlpY0n8sJK4+n3gQxTFjHfQCfboh3
4Z12G6RNiKM6yfy924Vuomo=
=664m
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
