Section:  .. / 0405-advisories  /

Page 2 of 5
<< 1 2 3 4 5 >> Files 25 - 50 of 105
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: sa11678.txt
Description:
A vulnerability, caused due to an unspecified error within Xconfig, has been discovered in Exceed versions 9.x. When exploited, local users can bypass certain restrictions.
File Size:1603
Last Modified:May 21 21:31:15 2004
MD5 Checksum:ada06fe31a9d22224b90f762e8905320

 ///  File Name: snsadv72.txt
Description:
An ActiveX Control provided by Symantec Norton Antivirus 2004 contains a remotely exploitable DoS condition. In order to trigger this vulnerability, malicious website administrators must induce Internet Explorer users to view a specially crafted web site, which will consequently consume a lot of system resources.
Author:Yuu Arai
File Size:1861
Last Modified:May 21 20:50:54 2004
MD5 Checksum:0c470107c4caf6f7546c5adf7298267e

 ///  File Name: snmpdadv.txt
Description:
ucd-snmp versions 4.2.6 and below suffer from a buffer overflow on the command line when the daemon is spawned.
Author:priestmaster
Homepage:http://www.priestmaster.org
File Size:2096
Last Modified:May 21 20:44:25 2004
MD5 Checksum:be122a288bab3da10ef20d0d72f77d32

 ///  File Name: e107flaw.txt
Description:
All versions of e107 have a vulnerability that allows html tags and content to be posted to the stats page and to be listed under Referers. This allows an attacker to put any site link or code they want on the list of Referers.
Author:Chinchilla
File Size:1302
Last Modified:May 21 20:41:55 2004
MD5 Checksum:41a2f539fb007db163ce4892b4db18a9

 ///  File Name: clsid.txt
Description:
Microsoft Windows Explorer suffers from a flaw where it will execute underlying files when they are linked in html pages.
Author:Roozbeh Afrasiabi
File Size:3500
Last Modified:May 21 20:37:22 2004
MD5 Checksum:df6bf2cdb3a2dc7dc34812a92cf3252a

 ///  File Name: 062004.txt
Description:
libneon versions 0.24.5 and below have a date parsing vulnerability that can cause a heap overflow leading to remote code execution.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:4002
Last Modified:May 19 23:20:34 2004
MD5 Checksum:c6bfda648f44323f5cda88b0d79b9cb7

 ///  File Name: 082004.txt
Description:
Subversion versions 1.0.2 and below suffer from a date parsing vulnerability that can be abused to allow remote code execution server-side.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:4215
Last Modified:May 19 23:18:30 2004
MD5 Checksum:d795881a64a6d0778dd44d89589da77f

 ///  File Name: 57560.txt
Description:
Sun has released an advisory regarding Java Secure Socket Extension. Versions 1.0.3, 1.0.3_01, and 1.0.3_02 of JSEE allow malicious web sites to impersonate trusted web sites.
Homepage:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57560
File Size:2879
Last Modified:May 19 23:16:17 2004
MD5 Checksum:444343f673aa630825f8c790d085b52c

 ///  File Name: zencart112d.txt
Description:
Zen Cart version 1.1.2d fails to properly validate user-supplied input and in turn allows remote attackers the ability to perform SQL injection attacks.
Author:Oliver Minack
File Size:722
Last Modified:May 19 20:40:03 2004
MD5 Checksum:b4770c2d3d0c9e3874c75e2ea480dd9b

 ///  File Name: 052004.txt
Description:
Within phpMyFAQ an input validation problem exists which allows an attacker to include arbitrary local files. With known tricks to inject PHP code into log or session files this could lead to remote PHP code execution. Versions affected are 1.3.12 and below for the stable releases, and 1.4.0-alpha1 and below for the developer releases.
Author:Stefan Esser
Homepage:http://security.e-matters.de/advisories/052004.html
File Size:4349
Last Modified:May 19 20:35:05 2004
MD5 Checksum:21f10be7bea92bf3e9b8f03c6050e747

 ///  File Name: adv-desktopini.txt
Description:
Certain system folders on Microsoft Windows XP are created referencing the shellclassinfo in desktop.ini, allowing for executables to be masked as elsewise.
Author:Roozbeh Afrasiabi
File Size:3475
Last Modified:May 19 20:30:35 2004
MD5 Checksum:3efeebce972ebe99a83b3b1f29f838e7

 ///  File Name: 072004.txt
Description:
Stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7 both contain a flaw when deciding if a CVS entry line should get a modified or unchanged flag attached. This results in a heap overflow which can be exploited to execute arbitrary code on the CVS server. This could allow a repository compromise.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:3678
Related CVE(s):CAN-2004-0396
Last Modified:May 19 20:21:05 2004
MD5 Checksum:09c615ca4949fdcef92d552a9c7314a9

 ///  File Name: advisory_private_key_compromise.htm..>
Description:
Blue Coat Security Gateway OS (SGOS) 3.x releases suffer from a private key disclosure vulnerability where the key and passphrase are stored in clear text when being imported via the web-based management console.
Homepage:http://www.bluecoat.com/support/knowledge/advisory_private_key_compromise.html
File Size:16518
Last Modified:May 19 01:56:45 2004
MD5 Checksum:bb393fcd549f928a4e2e1c9101875f59

 ///  File Name: outlooksilent.txt
Description:
Microsoft Outlook 2003 allows for a security zone bypass when an embedded OLE object with a reference to a Windows media file in a Rich Text Format (RTF) message is received.
Author:http-equiv
File Size:2373
Last Modified:May 19 01:53:33 2004
MD5 Checksum:418f4bf45bb6bfd608761d865ff267d5

 ///  File Name: sa11632.txt
Description:
Secure Computing has reported multiple denial of service vulnerabilities in their Sidewinder G2 firewall.
Related File:SW61002Rel_Notes_0512.pdf
File Size:2023
Last Modified:May 19 01:48:35 2004
MD5 Checksum:d2cf35493bd23c4bd77ecbdb4a11dc84

 ///  File Name: 20040503-01-P.asc
Description:
SGI Security Advisory 20040503-01-P - Under certain conditions, rpc.mountd goes into an infinite loop while processing some RPC requests, causing a denial of service. Affected releases: SGI IRIX 6.5.x.
Homepage:http://www.sgi.com/support/security/
File Size:9061
Last Modified:May 19 01:46:47 2004
MD5 Checksum:e771b7ecc64247707f40f03dc5da3f98

 ///  File Name: ActivePerlSystemBOF.txt
Description:
ActiveState's ActivePerl version 5.8.0 and 5.8.3 on the Win32 platform seems to have a buffer overflow that allows for the crashing of Perl.exe.
Author:Oliver
File Size:57781
Last Modified:May 18 06:19:18 2004
MD5 Checksum:ca10a27ff71f233103693960ea389edd

 ///  File Name: waraxe-2004-SA029.txt
Description:
PHP-Nuke versions 6.x to 7.3 allow for possible file inclusion.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:4773
Last Modified:May 18 06:15:09 2004
MD5 Checksum:0103012506b8246cda5c7092c61fec41

 ///  File Name: ieImageMap.txt
Description:
A vulnerability has been found in Microsoft Internet Explorer that allows an attacker to use a specially coded ImageMap to spoof the URL displayed in the lower, left hand corner of the browser.
Author:Paul Kurczaba
Homepage:http://www.kurczaba.com/
File Size:960
Last Modified:May 18 06:10:46 2004
MD5 Checksum:90f0acee4e7ae4b72da9e91108fd49c9

 ///  File Name: safari12.txt
Description:
Safari versions 1.2 and below suffer from a vulnerability that can lead to remote arbitrary code execution via the runscript aspect of the HTML rendering functionality.
Author:kang
File Size:1486
Last Modified:May 18 06:08:46 2004
MD5 Checksum:fb01452d5c8420ed352357b019941075

 ///  File Name: webctxss.txt
Description:
WebCT is susceptible to cross site scripting vulnerabilities.
Author:spiffomatic64
File Size:1881
Last Modified:May 18 06:05:57 2004
MD5 Checksum:793da5337c66e4626ad0ae969206ede5

 ///  File Name: tttc.txt
Description:
TTT-C is susceptible to multiple cross site scripting attacks due to the fact that it does not sanitize variables.
Author:Kaloyan Olegov Georgiev
File Size:4381
Last Modified:May 18 05:55:59 2004
MD5 Checksum:1a02809db58f3bb930bb86e3d98bbccf

 ///  File Name: netchat73.txt
Description:
NetChat, an application intended to allow users on the same subnet to chat with one another, is susceptible to a stack-based buffer overflow. Versions 7.3 and below are affected. The overflow allows for arbitrary code execution under the user running the application.
Author:Marius Huse Jacobsen
File Size:1992
Last Modified:May 18 05:53:43 2004
MD5 Checksum:43ac9c127208900025e4d35d23a4c6d8

 ///  File Name: 802.11vuln.txt
Description:
AUSCERT Advisory - A vulnerability exists in hardware implementations of the IEEE 802.11 wireless protocol that allows for a trivial but effective attack against the availability of wireless local area network (WLAN) devices.
Homepage:http://www.auscert.org.au/
File Size:8280
Last Modified:May 18 05:41:35 2004
MD5 Checksum:c72c436cc778a5c208a7754dba4d14f2

 ///  File Name: lhasilly.txt
Description:
LHA has some additional buffer overflows in the extract_one function.
Author:Lukasz Wojtow
File Size:613
Last Modified:May 18 05:34:15 2004
MD5 Checksum:0e27f4f6cbb53a85340d08b4f22c2e08