Section:  .. / 0407-advisories  /

Page 4 of 5
<< 1 2 3 4 5 >> Files 75 - 100 of 114
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: phpbbxssSplit.txt
Description:
PHPBB version 2.0.x is susceptible to an HTTP response splitting vulnerability and also a cross site scripting flaw.
Author:Ory Segal
Homepage:http://www.SanctumInc.com
File Size:4364
Last Modified:Jul 19 16:45:00 2004
MD5 Checksum:1108084d565f032bb04ff19b50c66873

 ///  File Name: pstoolsVuln.txt
Description:
Due to a vulnerability in the Sysinternals PsTools share mapping, an attacker with a user account can execute arbitrary code as an administrator.
Author:Alan Ridgeway
Homepage:http://www3.ca.com/securityadvisor/vulninfo/vuln.aspx?id=28304
File Size:3367
Last Modified:Jul 21 23:38:52 2004
MD5 Checksum:3c9f5bf0956dcfe82c3881a4a7caf0d9

 ///  File Name: sa11978.txt
Description:
Secunia Security Advisory - A 6 year old vulnerability has been discovered in multiple browsers, allowing malicious people to spoof the content of websites. The problem is that the browsers do not check if a target frame belongs to a website containing a malicious link, which therefore does not prevent one browser window from loading content in a named frame in another window. Successful exploitation allows a malicious website to load arbitrary content in an arbitrary frame in another browser window owned by e.g. a trusted site. Affected browsers: Safari 1.x, Opera 5-7.x, Netscape 6-7.x, Mozilla Firefox 0.x, Mozilla 0-1.6, Konqueror 3.x, and Internet Explorer 5.x for Mac.
Homepage:http://secunia.com/advisories/11978/
File Size:3379
Last Modified:Jul 1 13:28:00 2004
MD5 Checksum:bcb379122027a7b03deb633f933cae85

 ///  File Name: sa11986.txt
Description:
Secunia Security Advisory - Two vulnerabilities have been reported in RSBAC, potentially allowing malicious, local users to escalate their privileges. One allows a malicious user the ability to switch the AUTH module off. This affects 1.0.8 through 1.2.2. The other allows users to create suid and sgid files. This affects 1.2.2.
Homepage:http://secunia.com/advisories/11986/
File Size:2085
Last Modified:Jul 2 07:02:00 2004
MD5 Checksum:f5ab3013ab4a68f86a7e1b67fd99ec91

 ///  File Name: sa11992.txt
Description:
Secunia Security Advisory - Pure-FTPd versions 1.0.x suffer from a vulnerability that allow for a denial of service.
Homepage:http://secunia.com/advisories/11992/
File Size:1632
Last Modified:Jul 5 09:13:00 2004
MD5 Checksum:052d5f9209b2da6042913a3aa0e8ea52

 ///  File Name: sa11999.txt
Description:
Secunia Security Advisory - Jesse Ruderman has reported a security issue in Mozilla and Mozilla Firefox, allowing malicious websites to trick users into accepting security dialog boxes. The problem is that it may be possible to trick users into typing or clicking on a XPInstall / Security dialog box, using various interactive events, without the user noticing the dialog box. Successful exploitation may allow a malicious website to perform tasks that require user interaction. This has been fixed in Mozilla 1.7 and Mozilla Firefox 0.9.
Homepage:http://secunia.com/advisories/11999/
File Size:2173
Last Modified:Jul 5 08:44:00 2004
MD5 Checksum:ca6c84624d5835f20d80a1fc455fff0b

 ///  File Name: sa12008.txt
Description:
Secunia Security Advisory - kokanin has noticed that files are created in /tmp using 777 permissions for Oracle Database 10g during installation allowing malicious users to manipulate files.
Homepage:http://secunia.com/advisories/12008/
File Size:1673
Last Modified:Jul 4 12:38:00 2004
MD5 Checksum:b890c8788f36a2f0de2cc7ff93e3dcef

 ///  File Name: sa12011.txt
Description:
Secunia Security Advisory - Multiple vulnerabilities have been discovered in Mbedthis AppWeb 1.x. Some currently have an unknown impact and others may be exploited by malicious people to gain knowledge of sensitive information or bypass certain security restrictions.
Homepage:http://secunia.com/advisories/12011/
File Size:2546
Last Modified:Jul 6 15:17:00 2004
MD5 Checksum:48f51a4ae39dd13cb4cb53cd1edc0ea8

 ///  File Name: sa12017.txt
Description:
Secunia Security Advisory - Ken Girrard has reported a vulnerability in Open WebMail, which can be exploited by malicious users to execute arbitrary application. The vulnerability is caused due to the vacation.pl script opening list files without checking their existence.
Homepage:http://secunia.com/advisories/12017/
File Size:1885
Last Modified:Jul 6 11:21:00 2004
MD5 Checksum:3f96b881e608b15e05bfbf13cf30ace1

 ///  File Name: sa12076.txt
Description:
Secunia Security Advisory - Marcel Boesch has reported a vulnerability in Mozilla and Firefox, which can be exploited by malicious people to cause a denial of service. Versions affected: Mozilla 1.6, 1.7.x, and Firefox 0.x.
Homepage:http://secunia.com/advisories/12076/
File Size:2902
Last Modified:Jul 16 13:45:00 2004
MD5 Checksum:82dc87643d82fc278a7060df12e7c93b

 ///  File Name: sa12092.txt
Description:
Secunia Security Advisory - Cengiz Aykanat has reported two vulnerabilities in eTrust Common Services, allowing malicious people to cause a Denial of Service.
Homepage:http://secunia.com/advisories/12092/
File Size:2101
Last Modified:Jul 19 14:10:00 2004
MD5 Checksum:3bc9f9a88952edb7840c28eaa29fe276

 ///  File Name: sa12101.txt
Description:
Secunia Security Advisory - Lostmon has reported a weakness in I-Cafe client, allowing malicious users to by disable the software.
Homepage:http://secunia.com/advisories/12101/
File Size:1985
Last Modified:Jul 20 14:44:00 2004
MD5 Checksum:5b907abd136db2186c82eaf3c27505c8

 ///  File Name: sa12103.txt
Description:
Secunia Security Advisory - PlaySMS SMS Gateway 0.x is susceptible to SQL and Command Injection vulnerabilities due to a lack of input validation.
Homepage:http://secunia.com/advisories/12103/
File Size:1935
Last Modified:Jul 19 21:50:00 2004
MD5 Checksum:d11e97dfe897e00a66c4157e7176c2e8

 ///  File Name: sa12107.txt
Description:
Secunia Security Advisory - Komrade has reported a vulnerability in FTP Surfer, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when handling filenames. This can be exploited to cause a buffer overflow, which is triggered when the application is closed, by tricking a user into opening a file with an overly long filename from a malicious FTP server. Successful exploitation may potentially allow execution of arbitrary code. The vulnerability has been reported in version 1.0.7. Other versions may also be affected.
Homepage:http://secunia.com/advisories/12107/
File Size:1837
Last Modified:Jul 28 05:15:31 2004
MD5 Checksum:ab12a4ac2315678b57a905607062c695

 ///  File Name: sa12110.txt
Description:
Secunia Security Advisory - Jordi Corrales has reported a vulnerability in CADSLR1, allowing malicious people to cause a Denial of Service.
Homepage:http://secunia.com/advisories/12110/
File Size:1666
Last Modified:Jul 21 23:40:50 2004
MD5 Checksum:766da759c6980428af859df00ff32e8f

 ///  File Name: sa12127.txt
Description:
Secunia Security Advisory - Cyrille Barthelemy has reported a vulnerability in Nessus, potentially allowing malicious users to escalate their privileges. The problem is caused by a race condition in nessus-adduser if the user has not specified the environment variable TMPDIR. This has been reported to affect version 2.0.11. Prior versions may also be affected.
Homepage:http://secunia.com/advisories/12127/
File Size:1706
Last Modified:Jul 24 03:39:45 2004
MD5 Checksum:d96577b639dcfa77882c3e250348fc50

 ///  File Name: sa12150.txt
Description:
Secunia Security Advisory - Multiple vulnerabilities have been discovered in Hitachi's Web Page Generator versions 1.x and 2.x and also Enterprise releases 3.x and 4.x. These include denial of service, cross site scripting, and content disclosure attacks.
Homepage:http://secunia.com/advisories/12150/
File Size:2466
Last Modified:Jul 28 20:47:53 2004
MD5 Checksum:24a7ed4970aa66d8ac623a72ea68942c

 ///  File Name: sa12153.txt
Description:
Secunia Security Advisory - Arne Bernin has reported a vulnerability in Dropbear SSH Server, potentially allowing malicious people to compromise a vulnerable system. The vulnerability is caused due freeing of uninitialised variables in the DSS verification code. Successful exploitation may allow execution of arbitrary code. This affects version 0.42 and earlier.
Homepage:http://secunia.com/advisories/12153/
File Size:1700
Last Modified:Jul 26 17:52:50 2004
MD5 Checksum:2f7ef95acffd0ccdf437b4eb8fbb18fa

 ///  File Name: sa12159.txt
Description:
Secunia Security Advisory - A vulnerability has been discovered in OpenDocMan, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to a missing authentication check in commitchange.php when committing changes. This allows users to make unauthorised changes.
Homepage:http://secunia.com/advisories/12159/
File Size:1741
Last Modified:Jul 26 17:44:57 2004
MD5 Checksum:67d98ae0e085c2487980452dee3d6511

 ///  File Name: sa12165.txt
Description:
Secunia Security Advisory - Ziv Kamir has reported a security issue in FTPGlide, which can be exploited by malicious, local users to view usernames and passwords. The problem is that the profiles used for connecting to FTP servers are stored in clear text and are readable by any local user. This has been reported to affect version 2.43.
Homepage:http://secunia.com/advisories/12165/
File Size:1600
Last Modified:Jul 28 05:10:50 2004
MD5 Checksum:a208647134ede8c415895cb655e65c76

 ///  File Name: sambaOverruns.txt
Description:
Samba versions greater or equal to 2.2.29 and 3.0.0 have a buffer overrun located in the code used to support the mangling method = hash smb.conf option. Versions 3.0.2 suffer from buffer overrun in an internal routine used to decode base64 data during HTTP basic authentication.
Homepage:http://www.samba.org/
File Size:2947
Related CVE(s):CAN-2004-0600, CAN-2004-0686
Last Modified:Jul 23 00:49:12 2004
MD5 Checksum:049c56c69520c4a0f2554e200f42aa58

 ///  File Name: SCIphoto.txt
Description:
SCI Photo Chat Server version 3.4.9 is susceptible to a cross site scripting vulnerability.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1621
Last Modified:Jul 2 06:55:00 2004
MD5 Checksum:60f617448ee17a2e546fc9c02cc2a395

 ///  File Name: SCOSA-2004.7.txt
Description:
SCO Security Advisory - Multiple vulnerabilities have been found in the MMDF binaries included with SCO Openserver versions 5.0.6 and 5.0.7. These include buffer overflows, null dereferences, and core dumps.
Homepage:http://www.sco.com/support/security/index.html
File Size:3651
Related CVE(s):CAN-2004-0510, CAN-2004-0511, CAN-2004-0512
Last Modified:Jul 20 10:12:00 2004
MD5 Checksum:db0b55e12dc9b75998a44d9ad60a2cf4

 ///  File Name: screenos-av-xss-2.txt
Description:
Sending an infected ZIP archive with a filename containing HTML or Javascript may allow for a Cross-site scripting attack to be performed.
Homepage:http://www.juniper.net/support/security/alerts/screenos-av-xss-2.txt
File Size:2901
Last Modified:Jul 2 18:57:00 2004
MD5 Checksum:5e15fc9320672d08dbdce6f10e6d3447

 ///  File Name: spoofVulnMSIE.txt
Description:
MSIE suffers from a file spoofing vulnerability that tricks the browser into opening a file as something it is not. Tested against: IEXPLORE.EXE file version 6.0.2800.1106, MSHTML.DLL file version 6.00.2800.1400, Microsoft Windows XP SP2.
Author:Paul
Homepage:http://www.greyhats.cjb.net
File Size:1773
Last Modified:Jul 11 11:11:00 2004
MD5 Checksum:48599a0108bb178a60949e77da86e6ff