Section:  .. / 0402-advisories  /

Page 4 of 5
<< 1 2 3 4 5 >> Files 75 - 100 of 107
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: maxwebportal.txt
Description:
MaxWebPortal is vulnerable to a cross site scripting and SQL injection attack.
Author:Manuel L pez
File Size:2636
Last Modified:Feb 10 19:15:00 2004
MD5 Checksum:403d4d022d010104bcdc748ef2a8fcc5

 ///  File Name: phpnukeSQL.txt
Description:
PHPNuke versions greater than 6.9 are susceptible to SQL injection attacks that allow a remote attacker to get an administrator's hash to achieve to administrator access.
Author:pokleyzz
File Size:2139
Last Modified:Feb 10 18:12:00 2004
MD5 Checksum:10409d176ded0ab738e079c21cc40ce7

 ///  File Name: XBOXoverflow.txt
Description:
The XBOX EvolutionX dashboard has buffer overflows in both the ftp cd and telnet dir commands.
Author:Jokko
File Size:1988
Last Modified:Feb 10 17:00:00 2004
MD5 Checksum:9842125792702e3e853074e72ee471e2

 ///  File Name: brinkster.txt
Description:
Brinkster, the web hosting company, is susceptible to multiple attacks allowing remote attacker to retrieve other user's ASP source code, access to database files, and bypass of code controls.
Author:Ferruh Mavituna
Homepage:http://ferruh.mavituna.com
File Size:2795
Last Modified:Feb 9 23:56:00 2004
MD5 Checksum:545e9a255abf77903e558f35052bed31

 ///  File Name: LoadLibrary.txt
Description:
A LoadLibrary / LoadLibraryEx weakness makes SSL on Internet Explorer very vulnerable to a DLL proxy attack. If exploited, unencrypted data can be intercepted before Internet Explorer uses the SSL module to encrypt the data.
Author:OS Security
Homepage:http://www.ossecurity.ca
File Size:4881
Last Modified:Feb 9 23:17:00 2004
MD5 Checksum:be9f982d682ea51f7153b6f707a08b18

 ///  File Name: 031003.txt
Description:
The Red-M RedAlert wireless 802.11b/Bluetooth probe version 2.75 has multiple security issues. Any unauthenticated user can reboot the appliance through the webserver. The administrator's access is bound by IP address, allowing anyone coming in via NAT from a shared network the same levels of control. The device also filters out specific characters in SSIDs representing them all as a single space character.
Author:Bruno Morisson
Homepage:http://genhex.org/releases/031003.txt
File Size:3019
Last Modified:Feb 9 22:58:00 2004
MD5 Checksum:f7a4556f01ea0e902cfe2038fed5fa39

 ///  File Name: eTrust60.txt
Description:
eTrust Virus Protection 6.0 InoculateIT for Linux is vulnerable to various symlink attacks and also creates multiple world writeable files and directories that can lead to system compromise.
Author:l0om
File Size:5252
Last Modified:Feb 9 22:52:00 2004
MD5 Checksum:c50f1b9150db331ae5c5cd26774d54d1

 ///  File Name: NokiaVuln.txt
Description:
Nokia 6310i cellular phones (and possibly others like it) could be subject of a denial of service attack when invalid OBEX messages are sent to the phones' protocol handler. This attack results in the phone resetting, terminating any current operations. No device pairing is required therefore anyone in range of the phone could initiate an attack.
Author:Tim Hurman
Homepage:http://www.pentest.co.uk/
File Size:3348
Last Modified:Feb 9 22:45:00 2004
MD5 Checksum:20ce91e11f3277f4c1f201784b2b30ac

 ///  File Name: eggdropShare.txt
Description:
Eggdrop IRC robots versions 1.6.x to 1.6.15 have a programming flaw that allow remote attackers to turn on share status, allowing for complete compromise.
Author:Luca De Roberto, Dania Stolfi, Guiseppe Caulo
File Size:3843
Last Modified:Feb 9 21:40:00 2004
MD5 Checksum:93a00a1a498c904b2b0b37c58ee81349

 ///  File Name: waraxe-2004-SA003.txt
Description:
PHP-Nuke versions 6.x through 7.1.0 are susceptible to SQL injection attacks.
Author:Janek Vind aka waraxe
File Size:3774
Last Modified:Feb 9 02:33:00 2004
MD5 Checksum:ad9f77125c5096f3d0585a34e45b6ac4

 ///  File Name: waraxe-2004-SA002.txt
Description:
A cross site scripting vulnerability exists in PHP-Nuke 7.1.0.
Author:Janek Vind aka waraxe
File Size:3050
Last Modified:Feb 9 02:03:00 2004
MD5 Checksum:46a324bf1a709174db6f8b7e6e96c47e

 ///  File Name: thepalace.txt
Description:
Palace chat software versions 3.5 and below are susceptible to a stack overflow client-side when accessing hyperlinks.
Author:Peter Winter-Smith
Homepage:http://www.elitehaven.net/
File Size:5595
Last Modified:Feb 8 05:01:00 2004
MD5 Checksum:0479f730c38734b20aa54062f0fa4ac0

 ///  File Name: dotnetnuke.txt
Description:
DotNetNuke versions 1.0.6 to 1.0.10d are susceptible to file disclosure and cross site scripting attacks.
Author:Ferruh Mavituna
Homepage:http://ferruh.mavituna.com
File Size:3354
Last Modified:Feb 7 00:07:00 2004
MD5 Checksum:3daf4c87034ae0c9c1e42d6a8af229d0

 ///  File Name: ApacheSSLvuln.txt
Description:
If configured with SSLVerifyClient set to 1 or 3 and SSLFakeBasicAuth, Apache-SSL 1.3.28+1.52 and all earlier versions would permit a client to use real basic authentication to forge a client certificate.
Author:Adam Laurie
File Size:1037
Last Modified:Feb 7 00:05:00 2004
MD5 Checksum:f48d12492c4f43b76543173a50146a20

 ///  File Name: Adv-20040206.txt
Description:
S-Quadra Advisory #2004-02-06 - A backdoor exists in CactuSoft CactuShop 5.0 Lite shopping cart software that allows a remote attacker to delete any file on the target system.
Author:Nick Gudov
Homepage:http://www.s-quadra.com/
File Size:3117
Last Modified:Feb 7 00:03:00 2004
MD5 Checksum:02afacde179582289b15b48fbef52ed0

 ///  File Name: formmailphp.txt
Description:
A cross site scripting flaw exists in formmail.php.
Author:Nourredine Himeur
Homepage:http://www.security-challenge.com
File Size:2681
Last Modified:Feb 6 23:50:00 2004
MD5 Checksum:9248c882c366f3dec15135fdd84774cc

 ///  File Name: TA04-036A.txt
Description:
CERT Advisory TA04-036A - Several versions of Check Point Firewall-1 contain a vulnerability that allows remote attackers to execute arbitrary code with administrative privileges. This allows the attacker to take control of the firewall, and in some cases, to also control the server it runs on.
Author:Jeffrey P. Lanza
Homepage:http://www.cert.org
File Size:4286
Last Modified:Feb 6 01:08:00 2004
MD5 Checksum:9217a8c5b84c6617374e45f52787de87

 ///  File Name: FreeBSD-SA-04:02.shmat
Description:
FreeBSD Security Advisory FreeBSD-SA-04:02.shmat - A programming error in the shmat(2) system call can result in a shared memory segment's reference count being erroneously incremented. It may be possible to cause a shared memory segment to reference unallocated kernel memory, but remain valid. This could allow a local attacker to gain read or write access to a portion of kernel memory, resulting in sensitive information disclosure, bypass of access control mechanisms, or privilege escalation.
Homepage:http://www.freebsd.org/security/
File Size:6360
Last Modified:Feb 5 21:03:00 2004
MD5 Checksum:eb0b33cf5fc0260b225915ceb6a3f377

 ///  File Name: xlight152.txt
Description:
Xlight FTP server version 1.52 is susceptible to a denial of service attack.
Author:intuit
File Size:3430
Last Modified:Feb 5 03:12:00 2004
MD5 Checksum:87e707beefaca8fc694699fdced3f417

 ///  File Name: 02.04.04.txt
Description:
iDEFENSE Security Advisory 02.04.04: Remote exploitation of a denial of service condition within GNU Radius can allow an attacker to crash the service. The problem specifically exists within the rad_print_request() routine defined in lib/logger.c.
Homepage:http://www.idefense.com/
File Size:3732
Last Modified:Feb 5 03:01:00 2004
MD5 Checksum:2f656a140a64694d43365fb25f13eb5a

 ///  File Name: IBM.cloudscape.txt
Description:
IBM cloudscape SQL Database (DB2J) version 5.1 on Windows with jdk 1.4.2 is vulnerable to remote command injection, denial of service attacks, and information leakage via specially crafted SQL statements.
Author:Marc Schoenefeld
Homepage:http://www.illegalaccess.org
File Size:4037
Last Modified:Feb 5 02:58:00 2004
MD5 Checksum:34808051fb93ae87a4b41af19b89a69d

 ///  File Name: NGSrealone.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR04022004a -
Author:crafting malformed .RP, .RT, .RAM, .RPM or .SMIL file, it is possible to cause heap and stack based overruns in RealPlayer / RealOne Player. Homepage: http://www.ngssoftware.com/.
File Size:2587
Last Modified:Feb 5 02:56:00 2004
MD5 Checksum:0d5f21938ce0d94310e6cd768dad55e2

 ///  File Name: rxgoogle.txt
Description:
A cross site scripting vulnerability exists in the rxgoogle.cgi utility. Patch included.
Author:Shaun Colley
File Size:4843
Last Modified:Feb 4 23:20:00 2004
MD5 Checksum:308c941b75c70e20fdcd387e6e6c3641

 ///  File Name: pine-cert-20040201.txt
Description:
Pine Digital Security Advisory PINE-CERT-20040201 - The shmat(2) function has a flaw that allows local users to achieve escalated privileges. Vulnerable systems: FreeBSD versions 2.2.0 and greater, NetBSD versions 1.3 and greater, and OpenBSD versions 2.6 and greater.
Author:Joost Pol
Homepage:http://www.pine.nl/
File Size:3683
Last Modified:Feb 4 23:03:00 2004
MD5 Checksum:25db0c46af816ef1da53abd971ffd9e5

 ///  File Name: typsoft110.txt
Description:
TYPSoft FTP Server 1.10 for Windows 9X and WinNT is vulnerable to a denial of service attack when a blank username is supplied.
Author:intuit
File Size:2004
Last Modified:Feb 4 21:03:00 2004
MD5 Checksum:bf3f9ebbe5fcba752498d37620560981