Section:  .. / 0409-advisories  /

Page 4 of 6
<< 1 2 3 4 5 6 >> Files 75 - 100 of 142
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: qnx-photon_multiple_overflows.txt
Description:
Various buffer overflow conditions exist in four binaries of QNX Photon.
Author:Julio Cesar Fort
Homepage:http://www.rfdslabs.com.br
File Size:2570
Last Modified:Sep 14 01:46:47 2004
MD5 Checksum:2b811969d1209337472170074200f623

 ///  File Name: samba30x.txt
Description:
Samba 3.0.x is susceptible to multiple denial of services bugs that can remotely crash the daemons nmbd and smbd.
Homepage:http://www.idefense.com/
File Size:2215
Related CVE(s):CAN-2004-0807, CAN-2004-0808
Last Modified:Sep 14 00:39:42 2004
MD5 Checksum:3a2867406071785f82ebec0f354d676a

 ///  File Name: sa12302.txt
Description:
Secunia Security Advisory - Secunia has discovered a vulnerability in OpenOffice and StarOffice, which can be exploited by malicious, local users to gain knowledge of sensitive information.
Author:Carsten Eiram
Homepage:http://secunia.com/secunia_research/2004-5/
File Size:2591
Last Modified:Sep 14 00:34:42 2004
MD5 Checksum:db50ff214f3c0485e49d12faae42067b

 ///  File Name: twinftp103r2.txt
Description:
A directory traversal vulnerability exists in several FTP commands of TwinFTP that may be exploited by a malicious user to access files outside the FTP directory. The problem lies with the incorrect filtering of directory name supplied to CWD, STOR and RETR commands. Versions tested: TwinFTP Server Standard 1.0.3 R2 (Win32) on English WinXP SP1, TwinFTP Server Enterprise 1.0.3 R2 (Win32) on English Win2K SP2.
Author:Tan Chew Keong
Homepage:http://www.security.org.sg/vuln/twinftp103r2.html
File Size:2516
Last Modified:Sep 13 23:57:32 2004
MD5 Checksum:81b16a5deb0bb4330411702cd36646ce

 ///  File Name: gadu-gadu.txt
Description:
Sec-Labs Advisory - Gadu-Gadu is susceptible to a heap overflow that allows for arbitrary code execution. Tested against version 6.0 build 149.
Author:Lord YuP
Homepage:http://sec-labs.hack.pl
File Size:3628
Last Modified:Sep 13 23:03:48 2004
MD5 Checksum:e8203ca09b4cd7f59955c4a2bc48d461

 ///  File Name: servUftpd.txt
Description:
Multiple methods exist that allow for a crash of the Serv-U FTP server versions 4.x through 5.x.
Author:Patrick
File Size:596
Last Modified:Sep 13 23:00:11 2004
MD5 Checksum:e7c6040d577eededa06d3db446cfbe39

 ///  File Name: modSSLreverse.txt
Description:
mod_ssl segmentation faults in the char_buffer_read function when reverse proxying SSL originating from an IIS server. Verified in build 2.0.50.
Author:M. Alex Hankins
File Size:4809
Related CVE(s):CAN-2004-0751
Last Modified:Sep 13 22:58:37 2004
MD5 Checksum:da7a1edda8742e196e0a37bf78daac29

 ///  File Name: halo14.txt
Description:
Halo: Combat Evolved versions 1.4 and below suffer from an off-by-one vulnerability that can result in a denial of service.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:haloboom.zip"
File Size:1804
Last Modified:Sep 10 21:07:36 2004
MD5 Checksum:e9b809f4bc45956b5f8c99c07360e105

 ///  File Name: glsa-200409-14.txt
Description:
Gentoo Linux Security Advisory GLSA 200409-14 - Samba is vulnerable to a remote denial of service attack due to out of sequence print change notification requests. Versions below 3.0.6 are affected.
Homepage:http://security.gentoo.org/
File Size:3106
Last Modified:Sep 10 21:03:35 2004
MD5 Checksum:c2233cb03c5e1864756ce096ff62d52b

 ///  File Name: sa12492.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in F-Secure Internet Gatekeeper 6.x and F-Secure Anti-Virus for Microsoft Exchange 6.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the exception handling in the F-Secure Content Scanner Server component. This can be exploited to crash a process in the component via specially crafted packets.
Homepage:http://secunia.com/advisories/12492/
File Size:2292
Last Modified:Sep 10 07:35:13 2004
MD5 Checksum:768c5dae11a645111e0ff60cc1dee12f

 ///  File Name: sa12493.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in MailEnable Professional and Standard 1.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing DNS responses. This can be exploited to crash the SMTP service by returning a DNS response containing over 100 MX records.
Homepage:http://secunia.com/advisories/12493/
File Size:1790
Last Modified:Sep 10 07:33:33 2004
MD5 Checksum:dbbb09e5a784e60ee121b0893e1ec42e

 ///  File Name: glsa-200409-13.txt
Description:
Gentoo Linux Security Advisory GLSA 200409-13 - Several buffer overflows and a shell metacharacter command execution vulnerability have been found in LHa. These vulnerabilities can be used to execute arbitrary code. Versions 114i-r3 and below are affected.
Homepage:http://security.gentoo.org/
File Size:3368
Last Modified:Sep 10 07:28:48 2004
MD5 Checksum:11d30d44cbba336db87ddf42fa00e3b9

 ///  File Name: sa12486.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Emdros, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak in the CFeatureDeclaration::TypeTypeCompatibility() function. This can be exploited to consume available system resources by issuing a large amount of malformed CREATE OBJECT TYPE or UPDATE OBJECT TYPE statements. Versions below 1.1.20 are affected.
Homepage:http://secunia.com/advisories/12486/
File Size:1831
Last Modified:Sep 10 07:20:02 2004
MD5 Checksum:6f04cd1583e007b086f330a5d3aa6398

 ///  File Name: MDKSA-2004:091.txt
Description:
Mandrakelinux Security Update Advisory - The cdrecord program, which is suid root, fails to drop euid=0 when it exec()s a program specified by the user through the RSH environment variable. This can be abused by a local attacker to obtain root privileges.
Author:Max Vozeler
Homepage:http://www.mandrakesoft.com/security/advisories
Related Exploit:cdr_exp.sh"
File Size:3867
Related CVE(s):CAN-2004-0806
Last Modified:Sep 10 07:00:15 2004
MD5 Checksum:a0c2b7599e8ed69de4ad012b8376523a

 ///  File Name: glsa-200409-11.txt
Description:
Gentoo Linux Security Advisory GLSA 200409-11 - star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker. Versions below star-1.5_alpha46 are affected.
Homepage:http://security.gentoo.org/
File Size:2514
Last Modified:Sep 10 06:35:13 2004
MD5 Checksum:6002efa151ecaa94c38a14c932acd0bb

 ///  File Name: glsa-200409-12.txt
Description:
Gentoo Linux Security Advisory GLSA 200409-12 - ImageMagick, imlib and imlib2 contain exploitable buffer overflow vulnerabilities in the BMP image processing code.
Homepage:http://security.gentoo.org/
File Size:4198
Last Modified:Sep 10 06:33:10 2004
MD5 Checksum:dafc74e5dfcec6ea5818cf4bbf948dec

 ///  File Name: sa12476.txt
Description:
Secunia Security Advisory - A vulnerability in net-acct can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. The write_list() and dump_curr_list() functions create temporary files insecurely. This can be exploited via symlink attacks to overwrite or create arbitrary files with the privileges of a user executing net-acct. The vulnerability affects version 0.71 and prior.
Author:Stefan Nordhausen
Homepage:http://secunia.com/advisories/12476/
File Size:1853
Last Modified:Sep 10 06:22:31 2004
MD5 Checksum:886a83d82b6914e96b17e662ee2d78ab

 ///  File Name: sa12463.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Cosminexus Portal Framework, which potentially can be exploited by malicious users to gain knowledge of sensitive information.
Homepage:http://secunia.com/advisories/12463/
File Size:2027
Last Modified:Sep 10 06:19:19 2004
MD5 Checksum:6c94cd6bbc5c823a838b6301c72e4470

 ///  File Name: sns77.txt
Description:
SNS Advisory 77 - A vulnerability in Usermin's Web mail function could result in arbitrary command execution upon viewing a specially crafted HTML mail. Affected Versions: Usermin 1.070, 1.080.
Author:Keigo Yamazaki, Jamie Cameron
Homepage:http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/77_e.html
File Size:2014
Last Modified:Sep 10 06:08:56 2004
MD5 Checksum:f6116c85cd6e402e3971b57dd2788d87

 ///  File Name: mpg123overflow.txt
Description:
A malicious formatted mp3/2 causes mpg123 to fail header checks, this may allow arbitrary code to be executed with the privilege of the user trying to play the mp3. Versions affected: mpg123-0.59r and maybe mpg123-0.59s.
Author:Davide Del Vecchio
Homepage:http://www.alighieri.org
File Size:3157
Related CVE(s):CAN-2004-0805
Last Modified:Sep 10 06:02:29 2004
MD5 Checksum:560094214505a31720e04af348d89011

 ///  File Name: glsa-200409-10.txt
Description:
Gentoo Linux Security Advisory GLSA 200409-10 - Active keystroke logging in multi-gnome-terminal has been discovered in potentially world-readable files. This could allow any authorized user on the system to read sensitive data, including passwords.
Homepage:http://security.gentoo.org/
File Size:3109
Last Modified:Sep 10 05:59:09 2004
MD5 Checksum:a8692395cd9fee89668d8ccee22e57cf

 ///  File Name: 57614.html
Description:
Sun Security Advisory - A remote privileged user may be able to create a denial of the Domain Name System (DNS) service by killing the in.named(1M) daemon. As a result, applications, systems and devices relying on DNS may fail.
Homepage:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-57614-1
File Size:6307
Last Modified:Sep 10 05:47:30 2004
MD5 Checksum:86e41e3fcb6be55e6e087e7a80f937fa

 ///  File Name: serverviewInsecure.txt
Description:
The Serverview server management product is susceptible to multiple denial of service and data corruption attacks due to insecure file permissions.
Author:l0om
Homepage:http://www.excluded.org/
File Size:2202
Last Modified:Sep 10 05:44:44 2004
MD5 Checksum:94374dfccc6e4738003184a6f18e8bc3

 ///  File Name: sa12467.txt
Description:
Secunia Security Advisory - Various unspecified vulnerabilities with an unknown impact have been reported in Tutti Nova. Successful exploitation reportedly requires that register_globals is enabled.
Homepage:http://secunia.com/advisories/12467/
File Size:1604
Last Modified:Sep 10 05:40:50 2004
MD5 Checksum:34b02b4bd4804c4b5253cb9c2b287a5b

 ///  File Name: sa12466.txt
Description:
Secunia Security Advisory - An unspecified vulnerability has been reported in phpGroupWare, which can be exploited by malicious people to conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/12466/
File Size:1577
Last Modified:Sep 10 05:39:14 2004
MD5 Checksum:1846f561d8437187af7da73f3a47e837