Section:  .. / 0407-advisories  /

Page 4 of 5
<< 1 2 3 4 5 >> Files 75 - 100 of 114
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: sa12017.txt
Description:
Secunia Security Advisory - Ken Girrard has reported a vulnerability in Open WebMail, which can be exploited by malicious users to execute arbitrary application. The vulnerability is caused due to the vacation.pl script opening list files without checking their existence.
Homepage:http://secunia.com/advisories/12017/
File Size:1885
Last Modified:Jul 6 11:21:00 2004
MD5 Checksum:3f96b881e608b15e05bfbf13cf30ace1

 ///  File Name: covert.txt
Description:
The Microsoft Java Virtual Machine suffers from a cross-site communication vulnerability that allows Java applets originating from different domains to communicate.
Author:Marc Schoenefeld
File Size:1860
Last Modified:Jul 12 19:10:00 2004
MD5 Checksum:61ab28abd50ab3af13559c8c4509bfc7

 ///  File Name: sa12107.txt
Description:
Secunia Security Advisory - Komrade has reported a vulnerability in FTP Surfer, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when handling filenames. This can be exploited to cause a buffer overflow, which is triggered when the application is closed, by tricking a user into opening a file with an overly long filename from a malicious FTP server. Successful exploitation may potentially allow execution of arbitrary code. The vulnerability has been reported in version 1.0.7. Other versions may also be affected.
Homepage:http://secunia.com/advisories/12107/
File Size:1837
Last Modified:Jul 28 05:15:31 2004
MD5 Checksum:ab12a4ac2315678b57a905607062c695

 ///  File Name: noranvDoS.txt
Description:
Symantec Norton AntiVirus 2003 Professional Edition and Symantec Norton AntiVirus 2002 suffer from a denial of service condition when scanning files deeply embedded in directories.
Author:Bipin Gautam
Homepage:http://www.geocities.com/visitbipin/
File Size:1795
Last Modified:Jul 9 20:10:00 2004
MD5 Checksum:a3dc0a9842107bbe0f94e585cd96c558

 ///  File Name: Ability_mail_server_1.18.txt
Description:
Ability Mail Server 1.x is susceptible to a cross site scripting flaw and a denial of service vulnerability.
Author:Dr Insane
Homepage:http://members.lycos.co.uk/r34ct/
File Size:1777
Last Modified:Jul 12 19:06:00 2004
MD5 Checksum:98395edd824ab89b51bab14584e8e4a0

 ///  File Name: spoofVulnMSIE.txt
Description:
MSIE suffers from a file spoofing vulnerability that tricks the browser into opening a file as something it is not. Tested against: IEXPLORE.EXE file version 6.0.2800.1106, MSHTML.DLL file version 6.00.2800.1400, Microsoft Windows XP SP2.
Author:Paul
Homepage:http://www.greyhats.cjb.net
File Size:1773
Last Modified:Jul 11 11:11:00 2004
MD5 Checksum:48599a0108bb178a60949e77da86e6ff

 ///  File Name: enpa-sa-00015.txt
Description:
Ethereal Security Advisory Enpa-sa-00015 - It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire or by convincing someone to read a malformed packet trace file due to three flaws. Versions affected: 0.8.15 up to and including 0.10.4.
Homepage:http://www.ethereal.com/
File Size:1763
Related CVE(s):CAN-2004-0633, CAN-2004-0634, CAN-2004-0635
Last Modified:Jul 6 15:12:00 2004
MD5 Checksum:31e42c899537017a75214de29881bbc9

 ///  File Name: sa12159.txt
Description:
Secunia Security Advisory - A vulnerability has been discovered in OpenDocMan, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to a missing authentication check in commitchange.php when committing changes. This allows users to make unauthorised changes.
Homepage:http://secunia.com/advisories/12159/
File Size:1741
Last Modified:Jul 26 17:44:57 2004
MD5 Checksum:67d98ae0e085c2487980452dee3d6511

 ///  File Name: sa12127.txt
Description:
Secunia Security Advisory - Cyrille Barthelemy has reported a vulnerability in Nessus, potentially allowing malicious users to escalate their privileges. The problem is caused by a race condition in nessus-adduser if the user has not specified the environment variable TMPDIR. This has been reported to affect version 2.0.11. Prior versions may also be affected.
Homepage:http://secunia.com/advisories/12127/
File Size:1706
Last Modified:Jul 24 03:39:45 2004
MD5 Checksum:d96577b639dcfa77882c3e250348fc50

 ///  File Name: sa12153.txt
Description:
Secunia Security Advisory - Arne Bernin has reported a vulnerability in Dropbear SSH Server, potentially allowing malicious people to compromise a vulnerable system. The vulnerability is caused due freeing of uninitialised variables in the DSS verification code. Successful exploitation may allow execution of arbitrary code. This affects version 0.42 and earlier.
Homepage:http://secunia.com/advisories/12153/
File Size:1700
Last Modified:Jul 26 17:52:50 2004
MD5 Checksum:2f7ef95acffd0ccdf437b4eb8fbb18fa

 ///  File Name: sa12008.txt
Description:
Secunia Security Advisory - kokanin has noticed that files are created in /tmp using 777 permissions for Oracle Database 10g during installation allowing malicious users to manipulate files.
Homepage:http://secunia.com/advisories/12008/
File Size:1673
Last Modified:Jul 4 12:38:00 2004
MD5 Checksum:b890c8788f36a2f0de2cc7ff93e3dcef

 ///  File Name: sa12110.txt
Description:
Secunia Security Advisory - Jordi Corrales has reported a vulnerability in CADSLR1, allowing malicious people to cause a Denial of Service.
Homepage:http://secunia.com/advisories/12110/
File Size:1666
Last Modified:Jul 21 23:40:50 2004
MD5 Checksum:766da759c6980428af859df00ff32e8f

 ///  File Name: sa11992.txt
Description:
Secunia Security Advisory - Pure-FTPd versions 1.0.x suffer from a vulnerability that allow for a denial of service.
Homepage:http://secunia.com/advisories/11992/
File Size:1632
Last Modified:Jul 5 09:13:00 2004
MD5 Checksum:052d5f9209b2da6042913a3aa0e8ea52

 ///  File Name: hijackclick3.txt
Description:
A flaw in Microsoft Internet Explorer allows malicious remote users the ability to manipulate access controls in popup.show() resulting in executable mouse click actions.
Author:Paul
Homepage:http://www.greyhats.cjb.net
File Size:1623
Last Modified:Jul 11 11:42:00 2004
MD5 Checksum:8c4fa0dc9ad741010e4495ed7f881881

 ///  File Name: SCIphoto.txt
Description:
SCI Photo Chat Server version 3.4.9 is susceptible to a cross site scripting vulnerability.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1621
Last Modified:Jul 2 06:55:00 2004
MD5 Checksum:60f617448ee17a2e546fc9c02cc2a395

 ///  File Name: sa12165.txt
Description:
Secunia Security Advisory - Ziv Kamir has reported a security issue in FTPGlide, which can be exploited by malicious, local users to view usernames and passwords. The problem is that the profiles used for connecting to FTP servers are stored in clear text and are readable by any local user. This has been reported to affect version 2.43.
Homepage:http://secunia.com/advisories/12165/
File Size:1600
Last Modified:Jul 28 05:10:50 2004
MD5 Checksum:a208647134ede8c415895cb655e65c76

 ///  File Name: 12PlanetXSS.txt
Description:
12Planet Chat server version 2.9 suffers from a cross site scripting flaw.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1571
Last Modified:Jul 5 07:52:00 2004
MD5 Checksum:6e9932c77f1061e857ef4d1679d9ae6c

 ///  File Name: domino651.txt
Description:
Lotus Domino 6.5.0/6.5.1 has a flaw that allows every user the ability to change their quota on an imap-enabled Domino Server to any value.
Author:Andreas Klein
File Size:1521
Last Modified:Jul 1 13:33:00 2004
MD5 Checksum:04d6aebd6dd58b66b662226d23b31021

 ///  File Name: novellVPN.txt
Description:
Novell Bordermanager 3.x suffers from a flaw that allows for a denial of service attack due to an unspecified error within the VPN service IKE.NLM.
Homepage:http://support.novell.com/cgi-bin/search/searchtid.cgi?/10093576.htm
File Size:1491
Last Modified:Jul 15 03:44:00 2004
MD5 Checksum:aa781b8516490d82b07f814aa693a955

 ///  File Name: Enceladus_web_server.txt
Description:
A directory traversal vulnerability has been discovered in Enceladus web server beta 4.0.2. It can be trivially exploited by simply tying ../ as part of the URL to view directories or files outside of the webroot.
Homepage:http://members.lycos.co.uk/r34ct/
File Size:1380
Last Modified:Jul 1 14:01:00 2004
MD5 Checksum:9afa43e3750e0a07d1d3e9cb3ed59991

 ///  File Name: mod_authz_svn-copy-advisory.txt
Description:
Subversion versions up to and including 1.0.5 have a bug in mod_authz_svn that allows users with write access to read portions of the repository that they do not have read access to.
Homepage:http://subversion.tigris.org/
File Size:1353
Last Modified:Jul 26 18:00:23 2004
MD5 Checksum:2520a76f3d17802a2d29d13ad9b66794

 ///  File Name: 000385.txt
Description:
A vulnerability exists in the way that Shorewall handles temporary files and directories. The vulnerability can allow a non-root user to cause arbitrary files on the system to be overwritten.
Homepage:http://lists.shorewall.net/pipermail/shorewall-announce/2004-June/000385.html
File Size:1220
Last Modified:Jul 8 18:35:00 2004
MD5 Checksum:f514a237bf4dc129e168a1f8150d60d5

 ///  File Name: winmediaExec.txt
Description:
A flaw exists in Windows Media Player that allows a malicious asx file to be executed running javascript in a local zone. Tested against MSDXM.DLL file version 6.4.09.1128 on Microsoft Windows 2000.
Author:Paul
Homepage:http://www.geryhats.cjb.net
File Size:1163
Last Modified:Jul 11 11:45:00 2004
MD5 Checksum:d9d57e639a404636401e7610d05eb4fe

 ///  File Name: ZH2004-15SA.txt
Description:
I-Mall Commerce is susceptible to remote arbitrary command execution due to a lack of variable sanity checking.
Author:SPAX
Homepage:http://www.zone-h.org
File Size:1143
Last Modified:Jul 5 08:43:00 2004
MD5 Checksum:9a169081332944c9dcd152290b3fa100

 ///  File Name: fedora_im-switch_tempfile_race.txt
Description:
Tatsuo Sekine has reported a vulnerability in Fedora, which can be exploited locally to increase privileges via a file race condition.
Homepage:http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126940
File Size:1132
Last Modified:Jul 13 15:00:00 2004
MD5 Checksum:e5923cd113eda9bf872008fbf480df8d