Section:  .. / 0411-advisories  /

Page 4 of 7
<< 1 2 3 4 5 6 7 >> Files 75 - 100 of 167
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: ieloop.txt
Description:
Another MSIE flaw that allows for a nest sort loop to cause an exception.
Author:Skylined
Homepage:http://www.edup.tudelft.nl/~bjwever
File Size:1017
Last Modified:Dec 11 21:01:00 2004
MD5 Checksum:ae052c32d2f1da0062351cedb471afd7

 ///  File Name: insiteprod.txt
Description:
Various insite products suffer from cross site scripting attacks.
Author:Carlos Ulver
File Size:951
Last Modified:Dec 11 20:58:26 2004
MD5 Checksum:dff8e7068041165dcb97077fba9fc73d

 ///  File Name: instantanea.pdf
Description:
Security research discussing a new vulnerability discovered in WINS that allows for remote unauthenticated system access.
Author:Nicolas Waisman
Homepage:http://www.immunitysec.com/
File Size:140768
Last Modified:Dec 11 23:18:57 2004
MD5 Checksum:7aea5e2d175d6cd56a47b0a36edd4e25

 ///  File Name: ipbBypass.txt
Description:
It seems that the IPB forums has a password reset feature that allows a disabled account to regain access.
Author:Keyboard Criminal
File Size:863
Last Modified:Dec 12 00:43:36 2004
MD5 Checksum:59fc071c393e9751ce12c9f79ee61e24

 ///  File Name: ipcop141.txt
Description:
IPCop suffers from a cross site scripting vulnerability in proxylog.dat. Version 1.4.1 is affected. Older versions have not been tested.
Author:Paul Kurczaba
File Size:1908
Last Modified:Dec 12 00:46:22 2004
MD5 Checksum:d238e5bafa11188833b7f516a3580804

 ///  File Name: janados.txt
Description:
Jana server 2 versions 2.4.4 and below are susceptible to denial of service attacks that result in 100% CPU utilization and endless loops.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:janados.zip"
File Size:1885
Last Modified:Dec 12 00:33:08 2004
MD5 Checksum:2042e310f75df545078eb5a48d4a8427

 ///  File Name: jreDoS.txt
Description:
Java Runtime Environment versions 1.4.2, 1.5.0, and possible others are susceptible to a remote denial of service attack.
Author:Kurt Huwig
File Size:4531
Last Modified:Nov 10 07:59:51 2004
MD5 Checksum:e0f21f81fc36ffd7277ab48d1aa46595

 ///  File Name: kdeSMB.txt
Description:
The KDE program Konquerer allows for browsing SMB shares comfortably through the GUI. By placing a shortcut to an SMB share on KDE's desktop, an attacker can disclose his victim's password in plaintext.
Author:Daniel Fabian
File Size:2831
Last Modified:Dec 11 23:44:55 2004
MD5 Checksum:8508f86470ecc4ddc611025de042ceb9

 ///  File Name: lithtech.txt
Description:
The Lithtech engine used in games like Alien vs Predator 2, Blood 2, Contract Jack, Global Operations, Kiss Psycho Circus, and more, is susceptible to some format string bugs that allows for a denial of service attack.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:3538
Last Modified:Nov 10 07:14:33 2004
MD5 Checksum:e318546da1c2416c3f31eeb7de11ed77

 ///  File Name: LSS-2004-11-3.txt
Description:
LSS Security Advisory #LSS-2004-11-3 - There is a buffer overflow vulnerability in getnickuserhost() function that is called when BNC 2.8.9 is processing responses from an IRC server.
Author:Leon Juranic
Homepage:http://security.lss.hr
File Size:4686
Last Modified:Nov 12 05:02:10 2004
MD5 Checksum:c0e0e1ce2606be50b9101c898d297435

 ///  File Name: MDKSA-2004:140.txt
Description:
Mandrakelinux Security Update Advisory - The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application.
Homepage:http://www.mandrakesoft.com/security/advisories/
File Size:5061
Last Modified:Dec 11 22:55:02 2004
MD5 Checksum:d8e93f86af1b786f0bd3c3d4618007ff

 ///  File Name: MS04-039.html
Description:
Microsoft Security Advisory MS04-039 - A spoofing vulnerability exists that can enable an attacker to spoof trusted Internet content. Users could believe they are accessing trusted Internet content when in reality they are accessing malicious Internet content, for example a malicious Web site.
Author:Martijn de Vries, Thomas de Klerk
Homepage:http://www.microsoft.com/technet/security/bulletin/MS04-039.mspx
File Size:49336
Related CVE(s):CAN-2004-0892
Last Modified:Nov 10 09:02:46 2004
MD5 Checksum:dc8cf6d204d866ca58ef7281d7d85de7

 ///  File Name: msboftools.txt
Description:
Microsoft tools ipconfig.exe, forcedos.exe, and mrinfo.exe suffer from buffer overflow and format string vulnerabilities.
Author:Martin Eiszner
File Size:1919
Last Modified:Nov 20 22:40:07 2004
MD5 Checksum:919154fd2dfec8c6135a1a5529455bf7

 ///  File Name: msISAauthbypass.txt
Description:
Methods exist to allow for Microsoft ISA authentication bypass when the server is configured as a proxy.
Author:Debasis Mohanty
Homepage:http://www.hackingspirits.com
File Size:3825
Last Modified:Nov 5 04:58:31 2004
MD5 Checksum:da0d366ebc0b3b7b38a77a637ae9c66c

 ///  File Name: msScreen.txt
Description:
Anything with the capabilities of changing a screen saver under Windows XP theoretically can execute with anything with SYSTEM privileges.
Author:Matthew Walker
File Size:975
Last Modified:Dec 11 20:41:05 2004
MD5 Checksum:5190686d7e3ee70ccb15b0f7981212d0

 ///  File Name: netgearDG384.txt
Description:
Netgear DG834 is susceptible to a denial of service attack and URL filtering bypass vulnerabilities.
Author:Dr_insane
File Size:3969
Last Modified:Nov 10 08:28:12 2004
MD5 Checksum:264d5ce592ac8e8cc5b6e0ed25c722d9

 ///  File Name: newsudo.txt
Description:
Sudo version 1.6.8, patchlevel 2 is now available. It includes a fix for a security flaw in sudo's environment cleaning that could give a malicious user with sudo access to a bash script the ability to run arbitrary commands.
Homepage:http://www.sudo.ws/
File Size:4277
Last Modified:Nov 13 03:39:53 2004
MD5 Checksum:d3b4864681ffd253122607f0458c0614

 ///  File Name: nortelVPN.txt
Description:
The Nortel Networks Contivity VPN Client authentication error message provides more information than is necessary, thus allowing an attacker to discover existing users on the system.
Author:Network Intelligence (I) Pvt. Ltd.
File Size:1684
Last Modified:Nov 12 04:43:05 2004
MD5 Checksum:acb958b66167874f86ad74927acf1ebe

 ///  File Name: nwclient.txt
Description:
Buffer overflows have been discovered in ncplogin and ncpmap in ncpfs.
Author:Karol Wiesek
File Size:912
Last Modified:Dec 11 23:47:54 2004
MD5 Checksum:7afe873a3c2de6c146b55bbaaa492ed3

 ///  File Name: opendchub0714.txt
Description:
A buffer overflow exists in the Open Dc Hub program that allows for arbitrary code execution. Version 0.7.14 is affected.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
Related Exploit:OpenDcHub-poc.zip"
File Size:2088
Last Modified:Dec 11 20:24:01 2004
MD5 Checksum:f83cf3e535f608591f57480c20e2f368

 ///  File Name: opera754.txt
Description:
Opera 7.54 is vulnerable to leakage of the java sandbox, allowing malicious applets to gain privileges. This allows for information gathering as well as denial of service effects.
Author:Marc Schoenefeld
Homepage:http://www.illegalaccess.org/
File Size:8126
Last Modified:Nov 20 23:35:24 2004
MD5 Checksum:a67b11d7269a7f701fd1a3682d495e7b

 ///  File Name: orbzbof.txt
Description:
Orbz versions 2.10 and below suffer from a buffer overflow in the password field of the join packet.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:orbzbof.zip"
File Size:1506
Last Modified:Dec 12 00:16:30 2004
MD5 Checksum:2124259b9647e48383879438e07d0551

 ///  File Name: payflow.txt
Description:
An attacker can change hidden fields to any dollar amount and misrepresent purchases for businesses providing products or services using the PayFlow Link system.
Homepage:http://www.shirkdog.us
File Size:3128
Last Modified:Dec 12 00:22:19 2004
MD5 Checksum:3a582e3b889a0f3d8bee282de181ea1d

 ///  File Name: phpbb2.txt
Description:
PHPBB version 2.0.x - 2.0.10 is susceptible to a SQL injection attack.
Author:How Dark
Homepage:http://www.howdark.com/
File Size:2963
Last Modified:Nov 13 05:11:26 2004
MD5 Checksum:f013594cd91af3533eeaa247087560e9

 ///  File Name: phpbbcashmod.txt
Description:
Vulnerabilities that allow an attacker to inject malicious PHP code exist in the phpBB2 forum using the Cash_Mod module.
Author:Jerome Athias
File Size:1581
Last Modified:Nov 20 22:58:21 2004
MD5 Checksum:0d061f49d0ad856b5b649edc26072364