Section:  .. / 0411-advisories  /


 ///  File Name: 000077.txt
Description:
Hat Squad Advisory - Helm Web Hosting Control Panel is susceptible to cross-site scripting and SQL injection vulnerabilities. Versions 3.1.19 and below are affected.
Author:Behrang Fouladi
Homepage:http://www.hat-squad.com/
File Size:2208
Last Modified:Nov 5 04:39:12 2004
MD5 Checksum:78f326a40bba8360a83c0d4572bfe5d3

 ///  File Name: 11.08.04.txt
Description:
iDEFENSE Security Advisory 11.08.04 - Remote exploitation of an input validation error in Samba could allow an attacker to consume system resources and potentially cause the target system to crash.
Author:Karol Wiesek
Homepage:http://www.idefense.com
File Size:3531
Related CVE(s):CAN-2004-0930
Last Modified:Nov 10 08:11:56 2004
MD5 Checksum:eeb9deef0bf252b50f560d80d13a7dda

 ///  File Name: 11.15.04.txt
Description:
iDEFENSE Security Advisory 11.15.04 - Multiple vulnerabilities have been found in Fcron 2.0.1 and 2.9.4. Local exploitation of vulnerabilities in the fcronsighup component of Fcron may allow users to view the contents of root owned files, bypass access restrictions, and remove arbitrary files or create arbitrary empty files.
Author:Karol Wiesek
Homepage:http://www.idefense.com/
File Size:7185
Related CVE(s):CAN-2004-1030, CAN-2004-1031, CAN-2004-1032, CAN-2004-1033
Last Modified:Nov 20 22:13:47 2004
MD5 Checksum:ed312db2703e2ef3d74583afd5c6360e

 ///  File Name: 11.22.04.txt
Description:
iDEFENSE Security Advisory 11.22.04 - J2SE prior to v1.4.2_06 contains serious remote vulnerabilities which allow applets loaded in browsers to load an unsafe class and write to any file on a user's system. Use of IE, Mozilla, or Firefox can lead to compromise on Linux and Windows systems if a malicious web page is loaded.
Author:Jouko Pynnonen
Homepage:http://www.idefense.com
File Size:4310
Related CVE(s):CAN-2004-1029
Last Modified:Nov 24 08:03:46 2004
MD5 Checksum:589ce64427e67a02d8109eeaf1fd0809

 ///  File Name: 132004.txt
Description:
Samba versions 3 through 3.0.7 suffer from a buffer overflow inside the QFILEPATHINFO request handler. This vulnerability allows for remote code execution.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:3905
Related CVE(s):CAN-2004-0882
Last Modified:Nov 20 20:39:56 2004
MD5 Checksum:2e206dfee16b6d2c1db677d7fc949b5d

 ///  File Name: 142004.txt
Description:
During an audit of the smb filesystem implementation within Linux, several vulnerabilities were discovered, ranging from out-of-bounds read accesses to kernel-level buffer overflows. The 2.4 series up to 2.4.27 and the 2.6 series up to 2.6.9 are affected.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:6497
Related CVE(s):CAN-2004-0883, CAN-2004-0949
Last Modified:Nov 20 22:48:05 2004
MD5 Checksum:6dbd64513c8583c5c3583aa170d5180b

 ///  File Name: 152004.txt
Description:
Cyrus IMAP server versions 2.2.8 and below suffer from several vulnerabilities that allow for remote code execution.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:6248
Related CVE(s):CAN-2004-1011, CAN-2004-1012, CAN-2004-1013
Last Modified:Dec 11 19:33:04 2004
MD5 Checksum:376d387fe5ca3758423f2541a97b5b72

 ///  File Name: 2004-0058.txt
Description:
Trustix Secure Linux Security Advisory #2004-0058 - Various security fixes have been released for gd, samba, sqlgrey, and sudo.
Homepage:http://www.trustix.org/
File Size:6218
Related CVE(s):CAN-2004-0941, CAN-2004-0990, CAN-2004-0882, CAN-2004-0930
Last Modified:Nov 20 22:33:59 2004
MD5 Checksum:a6b47168cf3544c71a84850af96a4db6

 ///  File Name: 20041103-1.txt
Description:
Zip console application by Info-Zip is susceptible to a buffer overflow condition that can be triggered and exploited during a recursive compression operation.
Homepage:http://www.hexview.com/
File Size:4208
Last Modified:Nov 5 05:33:20 2004
MD5 Checksum:a935cf0a01b3ad7007cda55353b3743f

 ///  File Name: 20041104-1.txt
Description:
Symantec LiveUpdate is susceptible to compressed archive attacks known as zip bombing.
Homepage:http://www.hexview.com/
File Size:4488
Last Modified:Nov 5 05:37:44 2004
MD5 Checksum:bbe97d4e3a80efbbd9bcbac09a1d69d6

 ///  File Name: 2427surprise.txt
Description:
A subtle race condition in Linux kernels below 2.4.28 allows a non-root user to increment (up to 256 times) any arbitrary location(s) in kernel space. This flaw could be used to gain elevated privileges.
Author:Paul Starzetz
Homepage:http://isec.pl/
File Size:1280
Last Modified:Nov 20 23:43:09 2004
MD5 Checksum:42de458b8f020d22510cbfb0a1a95d9e

 ///  File Name: 57606.html
Description:
Sun Security Advisory - Buffer overflow vulnerabilities in the Sun Java System Web Proxy Server may allow a remote unprivileged user to crash either the Web Proxy Server or the Admin Server (of the Web Proxy Server) or execute arbitrary code with the privileges of the respective server processes.
Homepage:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57606-1
File Size:5961
Last Modified:Nov 2 02:58:56 2004
MD5 Checksum:ff7518d2275c5f059050b1b4fdcd8d79

 ///  File Name: 57665.html
Description:
Sun Security Advisory - A security vulnerability in iPlanet Messaging Server/Sun ONE Messaging web-based e-mail may allow a remote unprivileged user the ability to gain unauthorized access to a webmail user's e-mail using a specially crafted e-mail message.
Homepage:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57665-1
File Size:6730
Last Modified:Nov 10 09:04:55 2004
MD5 Checksum:883bf941e604852669a17456baf950d3

 ///  File Name: 57669.html
Description:
Sun Security Advisory - Using malformed client certificates, a remote unprivileged user may be able to crash a Sun Java System Web Server or a Sun Java System Application Server.
Homepage:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1
File Size:6912
Last Modified:Nov 5 05:06:55 2004
MD5 Checksum:23f2769288782ec5810717b475bc778f

 ///  File Name: 602Lansuite.txt
Description:
602 Lan Suite versions 2004.0.04.0909 and below are susceptible to resource consumption and socket consumption attacks.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:602res.zip
File Size:2582
Last Modified:Nov 10 07:24:24 2004
MD5 Checksum:4c3490c7aa4d9d23be1995c9dba449c1

 ///  File Name: 758884.html
Description:
NISCC Vulnerability Advisory 758884/NISCC/DNS - Several vulnerabilities have been discovered within the Domain Name System (DNS) protocol by two DNS experts.
Author:Roy Arends, Jakob Schlyter
Homepage:http://www.uniras.gov.uk/vuls/2004/758884/index.htm
File Size:49218
Last Modified:Nov 10 09:09:51 2004
MD5 Checksum:7e4a7ebf7b077bd4a370bd9fa9b3afee

 ///  File Name: 758884.txt
Description:
Unofficial addition to the NISCC DNS vulnerability advisory giving an additional list of vulnerable implementations.
Related File:758884.html
File Size:1632
Last Modified:Nov 20 23:15:46 2004
MD5 Checksum:d1daaf185fbd2a5d88c982e101bec10d

 ///  File Name: Ad20041026EN.txt
Description:
XDICT 2002 through 2005 all suffer from a buffer overrun vulnerability when attempting to examine a word for translation.
Author:Sowhat
Homepage:http://secway.org
File Size:2135
Last Modified:Nov 2 02:06:47 2004
MD5 Checksum:600a5a01f14eff1f7e10eb42afaf44d0

 ///  File Name: ADLAB-04002.txt
Description:
There is a remote buffer overflow in the C2S module of Jabberd 2.x which allows attackers to crash the Jabberd server and possibly execute arbitrary code.
Author:icbm
File Size:16861
Related CVE(s):CAN-2004-0953
Last Modified:Dec 11 20:10:39 2004
MD5 Checksum:327661b7a2bda25c6b5153ae00300914

 ///  File Name: alcateladsl.txt
Description:
The Alcatel/Thomson Speed Touch Pro ADSL modem suffers from two security flaws allowing an insider to poison the intranet zone configured in the modem's embedded DNS server.
Author:Gregory Duchemin
File Size:3771
Last Modified:Nov 13 03:41:26 2004
MD5 Checksum:191ee87840d6ff0e79859f12877abc0a

 ///  File Name: appservVulns.txt
Description:
AppServ versions 2.5.x and below use a blank root password allowing for compromise.
Author:saudi linux
File Size:2866
Last Modified:Nov 20 23:20:46 2004
MD5 Checksum:9132dd67cf51cae3f712c0a9c9fe1495

 ///  File Name: armymen10.txt
Description:
Army Men RTS version 1.0 is susceptible to a format string bug that results in a denial of service.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:1616
Last Modified:Nov 20 20:08:24 2004
MD5 Checksum:180c0dafcada1937e5d38a6c8b107397

 ///  File Name: artikel53297.txt
Description:
Flaws in SP2 security features, part II - With Service Pack 2, Microsoft introduced a couple of new security features. However, some of them suffer from implementation flaws.
Author:Juergen Schmidt
Homepage:http://www.heise.de/
File Size:2195
Last Modified:Nov 20 22:36:35 2004
MD5 Checksum:3993ab9c51af04af4297e45da508af4f

 ///  File Name: bogofilter-SA-2004-01.txt
Description:
A vulnerability in bogofilter/bogolexer causes a segmentation fault due to malformed input.
Author:Antti-Juhani Kaijanaho, Clint Adams, David Relson
File Size:3786
Last Modified:Nov 1 04:11:50 2004
MD5 Checksum:de3d71a71544b27c4427eac5daf74186

 ///  File Name: c040619-001.txt
Description:
Corsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.
Author:Martin O'Neal
Homepage:http://www.penetration-testing.com/
File Size:4850
Related CVE(s):CAN-2004-0950
Last Modified:Nov 20 23:37:33 2004
MD5 Checksum:62ac9ea687c7f3b8d3f743ef6881f1f0