Section:  .. / 0402-advisories  /

Page 4 of 5
<< 1 2 3 4 5 >> Files 75 - 100 of 107
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: sa2988.txt
Description:
APC's hardware-based network management cards could be compromised by non-privileged users via Telnet or the local serial port using a static factory password.
Related File:apc_9606_backdoor.txt
File Size:9979
Last Modified:Feb 19 09:16:00 2004
MD5 Checksum:f3197af68f915a5efbc861d44f7c5cf9

 ///  File Name: samiFTP.txt
Description:
Sami FTP server version 1.1.3 has multiple vulnerabilities that can lead to a denial of service.
Author:intuit
Homepage:http://rootshells.tk
File Size:5318
Last Modified:Feb 13 19:05:00 2004
MD5 Checksum:732d3d423c952768d6ab9127dd9e6b89

 ///  File Name: sandblad13.txt
Description:
Using the mozilla browser, while linking to a new page it is still possible to interact with the old page before the new page has been successfully loaded. Any javascript events fired will be invoked in the context of the new page, making cross site scripting possible if the pages belong to different domains.
Author:Andreas Sandblad
File Size:2345
Last Modified:Feb 25 19:37:00 2004
MD5 Checksum:0182fb09a637cc8e469d1eb51bc5fbd4

 ///  File Name: servU.MDTM.txt
Description:
Serv-U MDTM versions 5.0.0.4 and below suffer from a command buffer overflow.
Author:bkbll
Homepage:http://www.cnhonker.com
File Size:1295
Last Modified:Feb 26 20:38:00 2004
MD5 Checksum:4daa465d2501788fda0d70d16a91407b

 ///  File Name: smallFTPd.txt
Description:
Smallftpd version 1.0.3 crashes when an attempted directory traversal occurs.
Author:intuit
Homepage:http://rootshells.tk/
File Size:4466
Last Modified:Feb 18 15:17:00 2004
MD5 Checksum:7c6bda452d125ca4a380cbe1d981d53c

 ///  File Name: symantec200.txt
Description:
Symantec FireWall/VPN Appliance model 200 displays its administrator password in clear text over a non-encrypted HTTP connection.
Author:Davide Del Vecchio
File Size:2511
Last Modified:Feb 16 22:13:00 2004
MD5 Checksum:9479159b078432fbe687b77cb8992459

 ///  File Name: symantecAV.txt
Description:
The Symantec AntiVirus Scan Engine for Linux has a possible race condition via a symlink attack in /tmp.
Author:Dr. Peter Bieringer
File Size:3482
Last Modified:Feb 17 00:09:00 2004
MD5 Checksum:829e9866d8da713a26cee51e8b107d05

 ///  File Name: symantecGS20.txt
Description:
A cross site scripting vulnerability exists in Symantec Gateway Security's management service which could allow an attacker to hijack a management session to the device. Version affected is 2.0.
Author:Brian Soby
File Size:2912
Last Modified:Feb 27 22:20:00 2004
MD5 Checksum:0826658d6b7788362f852a9bb21b8433

 ///  File Name: TA04-033A.txt
Description:
CERT Advisory TA04-033A - Microsoft Internet Explorer (IE) contains multiple vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. Versions affected: 5.01, 5.50, and 6.
Homepage:http://www.cert.org
File Size:4898
Related CVE(s):CAN-2003-01026, CAN-2003-01027, CAN-2003-01025
Last Modified:Feb 3 08:55:00 2004
MD5 Checksum:6d02e1047a533a12589bfe81a6bf7446

 ///  File Name: TA04-036A.txt
Description:
CERT Advisory TA04-036A - Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. This allows the attacker to take control of the firewall, and in some cases, to also control the server it runs on.
Author:Jeffrey P. Lanza
Homepage:http://www.cert.org
File Size:4286
Last Modified:Feb 6 01:08:00 2004
MD5 Checksum:9217a8c5b84c6617374e45f52787de87

 ///  File Name: TA04-041A.txt
Description:
CERT Advisory TA04-041A - Multiple integer overflow vulnerabilities in the Microsoft Windows ASN.1 parser library could allow an unauthenticated, remote attacker to execute arbitrary code with SYSTEM privileges. Related eEye advisory here and here.
Homepage:http://www.cert.org
File Size:3947
Last Modified:Feb 11 03:24:00 2004
MD5 Checksum:dfbbf45853d90228fbeeea6b54b4a5ac

 ///  File Name: teamfactor.txt
Description:
Team Factor versions 1.25 and below are susceptible to a remote server crash. Both the Windows and Linux platforms are affected.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:2628
Last Modified:Feb 24 03:08:00 2004
MD5 Checksum:0b545354858f0f101198b7019e71e592

 ///  File Name: thepalace.txt
Description:
Palace chat software versions 3.5 and below are susceptible to a stack overflow client-side when accessing hyperlinks.
Author:Peter Winter-Smith
Homepage:http://www.elitehaven.net/
File Size:5595
Last Modified:Feb 8 05:01:00 2004
MD5 Checksum:0479f730c38734b20aa54062f0fa4ac0

 ///  File Name: trillian.txt
Description:
Trillian versions 0.71 through 0.74 and Pro versions 1.0 through 2.01 have two vulnerabilities that allow for remote compromise.
Author:Stefan Esser
Homepage:http://security.e-matters.de/advisories/022004.html
File Size:5688
Last Modified:Feb 24 22:15:00 2004
MD5 Checksum:85754744a2d93a8e680aa1b45f9814bd

 ///  File Name: typsoft110.txt
Description:
TYPSoft FTP Server 1.10 for Windows 9X and WinNT is vulnerable to a denial of service attack when a blank username is supplied.
Author:intuit
File Size:2004
Last Modified:Feb 4 21:03:00 2004
MD5 Checksum:bf3f9ebbe5fcba752498d37620560981

 ///  File Name: TYPSoftFTP.txt
Description:
TYPSoft FTP Server version 1.10 is susceptible to denial of service attacks via most standard FTP commands.
Author:intuit
Homepage:http://rootshells.tk/
File Size:2382
Last Modified:Feb 24 03:47:00 2004
MD5 Checksum:88e4a5ad8548ea1cf52387515f2704d0

 ///  File Name: vbulletinXSS.txt
Description:
A cross site scripting vulnerability exists in VBulletin.
Author:Jamie Fisher
File Size:12808
Last Modified:Feb 12 12:53:00 2004
MD5 Checksum:7e8de45b47576e954d765cc8394b3b51

 ///  File Name: vbulletinXSS2.txt
Description:
A cross site scripting vulnerability exists in VBulletin.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com
File Size:3451
Last Modified:Feb 13 19:00:00 2004
MD5 Checksum:26f0cd97afa412955557dc027cc7618f

 ///  File Name: vizer191.txt
Description:
Vizer webserver version 1.9.1 is susceptible to a denial of service attack due to mismanaging input strings for HTTP requests.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1537
Last Modified:Feb 18 03:08:00 2004
MD5 Checksum:f9e8ea9de1a03f2ef23937c90bcc3f37

 ///  File Name: waraxe-2004-SA001.txt
Description:
GBook for Php-Nuke version 1.0 fails to sanity check user input allowing for script injection and cookie theft.
Author:Janek Vind aka waraxe
File Size:3896
Last Modified:Feb 3 06:36:00 2004
MD5 Checksum:a1641d12750185e939e6b0ac15679261

 ///  File Name: waraxe-2004-SA002.txt
Description:
A cross site scripting vulnerability exists in PHP-Nuke 7.1.0.
Author:Janek Vind aka waraxe
File Size:3050
Last Modified:Feb 9 02:03:00 2004
MD5 Checksum:46a324bf1a709174db6f8b7e6e96c47e

 ///  File Name: waraxe-2004-SA003.txt
Description:
PHP-Nuke versions 6.x through 7.1.0 are susceptible to SQL injection attacks.
Author:Janek Vind aka waraxe
File Size:3774
Last Modified:Feb 9 02:33:00 2004
MD5 Checksum:ad9f77125c5096f3d0585a34e45b6ac4

 ///  File Name: webforums16.txt
Description:
Web Forums Server versions 1.6 and below suffer from CSS/XSS vulnerability.
Author:nimber
File Size:2207
Last Modified:Feb 3 01:00:00 2004
MD5 Checksum:ab1fcda7b783e1eaddae29a12d185021

 ///  File Name: wftpdBO.txt
Description:
WFTPD server versions 3.1 through 3.21 and Pro server versions 3.2x have a stack based buffer overflow vulnerability that a remote attacker can exploit to execute arbitrary code. The daemon runs with SYSTEM privileges under Pro server releases and it runs under the user ID that spawn the process under regular server releases.
Author:axl
File Size:2583
Last Modified:Feb 29 02:12:00 2004
MD5 Checksum:f4963b824c10d98644f5bf9c6890e366

 ///  File Name: wftpdDoS.txt
Description:
WFTPD Pro Server 3.21 Release 1 allows a remote attacker to allocate arbitrary amounts of memory and force the WFTPD server process to use 100% of the CPU. Another DoS vulnerability allows an attacker to send a special string to crash WFTPD.
Author:axl
File Size:3902
Last Modified:Feb 28 23:06:00 2004
MD5 Checksum:26a388a0b241c32f35cda21cd047a30d