Section:  .. / 0409-advisories  /


 ///  File Name: mozbugs.txt
Description:
New Firefox, Thunderbird, and Mozilla releases between September 13 and 14 address 7 critical security issues. If you have not already, upgrade today.
Author: Gael Delalleau
File Size: 2412
Last Modified: Sep 17 07:42:26 2004
MD5 Checksum: d23698cd2c7e6824d796a8cd5276d119

 ///  File Name: SMCspoof.txt
Description:
The SMC7004VWBR and SMC7008ABR wireless routers allow a spoofed visitor to have administrative access to the devices and to retrieve the real administrator password.
Author: Jimmy Scott
File Size: 3097
Last Modified: Sep 17 07:40:04 2004
MD5 Checksum: 39a2f0c90dd9cc7d20e8a06e28e65cce

 ///  File Name: sa12546.txt
Description:
Secunia Security Advisory - Red Hat has issued an update for openoffice.org. This fixes a vulnerability, which can be exploited by malicious, local users to gain knowledge of sensitive information.
Author: Carsten Eiram
Homepage: http://secunia.com/advisories/12546/
File Size: 1805
Related CVE(s): CAN-2004-0752
Last Modified: Sep 15 23:54:56 2004
MD5 Checksum: 182644ea109993cae9dbb3de57a46d6c

 ///  File Name: sa12531.txt
Description:
Secunia Security Advisory - A vulnerability in vBulletin 3.x can be exploited by malicious people to conduct SQL injection attacks.
Author: al3ndaleeb
Homepage: http://secunia.com/advisories/12531/
File Size: 1701
Last Modified: Sep 15 23:40:29 2004
MD5 Checksum: ec677ffa92562755de639bcc2203b9d4

 ///  File Name: NISCC-403518.html
Description:
NISCC Vulnerability Advisory 403518/NISCC/APACHE - Two new vulnerabilities have been discovered in Apache. Through the testing of Apache by using the Codenomicon HTTP Test Tool, the ASF Security Team has discovered a bug in the apr-util library, which can lead to arbitrary code execution. SITIC have discovered that Apache suffers from a buffer overflow when expanding environment variables in configuration files such as .htaccess and httpd.conf, leading to possible privilege escalation. These vulnerabilities affect versions 2.0.35 through 2.0.50.
Homepage: http://www.uniras.gov.uk/vuls/2004/403518/index.htm
File Size: 35370
Related CVE(s): CAN-2004-0786, CAN-2004-0747
Last Modified: Sep 15 23:35:40 2004
MD5 Checksum: 469d4203ab95cc6eda2b4b63908d4380

 ///  File Name: sa12527.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Apache, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the mod_dav module. A malicious client can exploit this to crash an httpd child process by sending a particular sequence of LOCK requests. Successful exploitation requires that the malicious client is allowed to use the LOCK method and the threaded process model is used. The vulnerability has been fixed in version 2.0.51-dev.
Homepage: http://secunia.com/advisories/12527/
File Size: 1734
Last Modified: Sep 15 06:56:26 2004
MD5 Checksum: 32f96a4ec30106e04108eaa8aa410a1f

 ///  File Name: 09.14.04.txt
Description:
iDEFENSE Security Advisory 09.14.04 - Local exploitation of a design error vulnerability in Networks Associates Technology Inc.'s McAfee VirusScan could allow attackers to obtain increased privileges. McAfee VirusScan version 4.5.1 running on Windows 2000 Professional and Windows XP Professional operating systems is vulnerable. It is suspected that McAfee VirusScan 4.5 is also vulnerable.
Author: Ian Vitek
Homepage: http://www.idefense.com/
File Size: 3057
Related CVE(s): CAN-2004-0831
Last Modified: Sep 15 06:53:24 2004
MD5 Checksum: 981a4f50216e617a2afad8c1ba0ff4dc

 ///  File Name: sa12526.txt
Description:
Secunia Security Advisory - Details have been released about several vulnerabilities in Mozilla, Mozilla Firefox, and Thunderbird. These can potentially be exploited by malicious people to conduct cross-site scripting attacks, access and modify sensitive information, and compromise a user's system. These vulnerabilities reportedly affect versions prior to the following: Mozilla 1.7.3, Firefox 1.0PR, Thunderbird 0.8.
Author: Georgi Guninski, Wladimir Palant, Gael Delalleau, Mats Palmgren, Jesse Ruderman
Homepage: http://secunia.com/advisories/12526/
File Size: 4611
Last Modified: Sep 15 06:48:07 2004
MD5 Checksum: b4ee8abb87dae2aeeabe4dd13264557a

 ///  File Name: c030804-009.txt
Description:
Corsaire Security Advisory - By using malformed MIME encapsulation techniques centered on the presence of fields containing an RFC822 comment, embedded file attachment blocking functionality can be evaded.
Author: Martin O'Neal
Homepage: http://www.corsaire.com
File Size: 5841
Related CVE(s): CAN-2004-0162
Last Modified: Sep 15 06:29:19 2004
MD5 Checksum: 1cda355e718e60630be49d4b01bd3d6d

 ///  File Name: c030804-006.txt
Description:
Corsaire Security Advisory - By using malformed MIME encapsulation techniques centered on the presence of non-standard separators, embedded file attachment blocking functionality can be evaded.
Author: Martin O'Neal
Homepage: http://www.corsaire.com
File Size: 5700
Related CVE(s): CAN-2004-0052
Last Modified: Sep 15 06:27:43 2004
MD5 Checksum: 7963c2226364ac8384a72c09e74c27ba

 ///  File Name: c030804-005.txt
Description:
Corsaire Security Advisory - By using MIME encapsulation techniques centered on both standard and non-standard Content-Transfer-Encoding mechanisms, embedded file attachment blocking functionality can be evaded.
Author: Martin O'Neal
Homepage: http://www.corsaire.com
File Size: 6014
Related CVE(s): CAN-2004-0051
Last Modified: Sep 15 06:24:25 2004
MD5 Checksum: 477bfce7dfe039f95e1166ac691e2225

 ///  File Name: c030804-002.txt
Description:
Corsaire Security Advisory - There are a number of content security gateway and anti-virus products available that provide policy based security functionality. Part of this functionality allows the products to block embedded file attachments based on their specific content type, such as executables or those containing viruses. However, by using malformed MIME encapsulation techniques centered on the presence of multiple occurrences of fields, this functionality can be evaded.
Author: Martin O'Neal
Homepage: http://www.corsaire.com
File Size: 5794
Related CVE(s): CAN-2003-1014
Last Modified: Sep 15 06:22:33 2004
MD5 Checksum: 301e3c7a1127dbb9871b70352a342eef

 ///  File Name: ms04-028.html
Description:
Microsoft Security Advisory MS04-028 - A buffer overrun vulnerability exists in the processing of JPEG image formats that could allow remote code execution on an affected system. Any program that processes JPEG images on the affected systems could be vulnerable to this attack, and any system that uses the affected programs or components could be vulnerable to this attack. An attacker who successfully exploited this vulnerability could take complete control of an affected system.
Author: Nick DeBaggis
Homepage: http://www.microsoft.com/technet/security/bulletin/ms04-028.mspx
File Size: 326970
Related CVE(s): CAN-2004-0200
Last Modified: Sep 15 06:10:46 2004
MD5 Checksum: 59ad7ae61e6c37eb9c10b64767d254cf

 ///  File Name: ms04-027.html
Description:
Microsoft Security Advisory MS04-027 - A remote code execution vulnerability exists in the Microsoft WordPerfect 5.x Converter. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of the affected system. However, user interaction is required to exploit this vulnerability.
Author: Peter Winter-Smith
Homepage: http://www.microsoft.com/technet/security/bulletin/ms04-027.mspx
File Size: 119037
Related CVE(s): CAN-2004-0573
Last Modified: Sep 15 06:08:26 2004
MD5 Checksum: 94f577f5c4461e2fd07ed3dec3763a05

 ///  File Name: dsa-544.txt
Description:
Debian Security Advisory DSA 544-1 - Ludwig Nussel discovered a problem in webmin, a web-based administration toolkit. A temporary directory was used but without checking for the previous owner. This could allow an attacker to create the directory and place dangerous symbolic links inside.
Author: Martin Schulze
Homepage: http://www.debian.org/security/
File Size: 8411
Related CVE(s): CAN-2004-0559
Last Modified: Sep 15 02:38:31 2004
MD5 Checksum: 65a0904025443293365a0de9be40a8b2

 ///  File Name: sus202.txt
Description:
SUS version 2.0.2 has a format string vulnerability in the log() function that allows any local user to gain root privileges.
Author: Leon Juranic
File Size: 1774
Last Modified: Sep 15 02:32:03 2004
MD5 Checksum: f9705ac372ec96a759f2ba28b7a961d9

 ///  File Name: sa12524.txt
Description:
Secunia Security Advisory - This advisory sums up about a dozen BEA WebLogic advisories. Security bypass, manipulation of data, exposure of system information, and denial of service vulnerabilities exist in BEA WebLogic Server 6.x, 7.x, 8.x and BEA WebLogic Express 6.x, 7.x, 8.x.
Homepage: http://secunia.com/advisories/12524/
File Size: 7306
Last Modified: Sep 15 02:30:31 2004
MD5 Checksum: 6d5e93dc94a26b573abaa00b97916c17

 ///  File Name: zyxelP681.txt
Description:
Zyxel P681 SDSL routers disclose random portions of memory in ARP requests.
Author: Przemyslaw Frasunek
File Size: 1981
Last Modified: Sep 15 02:26:34 2004
MD5 Checksum: 6048d02b855c73c8f0589db01f868203

 ///  File Name: sa12529.txt
Description:
Secunia Security Advisory - A vulnerability exists in various Microsoft Office products, which can be exploited by malicious people to compromise a user's system. A boundary error within the WordPerfect Converter can be exploited to cause a buffer overflow if a user opens a malicious document. Successful exploitation may allow execution of arbitrary code with the user's privileges.
Author: Peter Winter-Smith
Homepage: http://secunia.com/advisories/12529/
File Size: 3774
Last Modified: Sep 15 02:22:36 2004
MD5 Checksum: 670e9a6719615b16494f3f23cce9d8be

 ///  File Name: a091304-2.txt
Description:
Atstake Security Advisory A091304-2 - A vulnerability in the HTTP management interface of the Pingtel Xpressa phone enables a remote authenticated attacker to cause the underlying VxWorks operating system to stop.
Author: James Vaughan
Homepage: http://www.atstake.com/research/advisories/2004/a091304-2.txt
File Size: 3428
Last Modified: Sep 15 02:16:43 2004
MD5 Checksum: 2ea283111df43583fca089a9abd1b03a

 ///  File Name: 09.13.04a.txt
Description:
iDEFENSE Security Advisory 09.13.04a - Remote exploitation of an input validation error in Samba allows an attacker to crash the Samba nmbd server. The vendor has confirmed that Samba 3.0.x versions prior to and including v3.0.6 are vulnerable.
Homepage: http://www.idefense.com/
File Size: 5147
Related CVE(s): CAN-2004-0808
Last Modified: Sep 15 02:13:48 2004
MD5 Checksum: eebbdaee10cd755f2ee88abb7e9bfe15

 ///  File Name: a091304-1.txt
Description:
Atstake Security Advisory A091304-1 - JumpDrive Secure(tm) Version 1.0 and Lexar Safe Guard(tm) software fail to securely store the device's password. The password is located on the JumpDrive device, stored in an XOR encrypted form, and can be read directly from the device without any authentication.
Author: Katie Moussouris, Luis Miras
Homepage: http://www.atstake.com/research/advisories/2004/a091304-1.txt
File Size: 3600
Last Modified: Sep 15 02:10:29 2004
MD5 Checksum: f47fec62d0df3b5e7c5576597ea6ffd1

 ///  File Name: dosIPphone.txt
Description:
Some security issues exist in the Avaya Cajun IP phone products.
Author: Loic
File Size: 1423
Last Modified: Sep 15 02:05:51 2004
MD5 Checksum: 66181bed9057bcddc499b8f4f5f5781a

 ///  File Name: qnx-crttrap-race-condition.txt
Description:
A possible race condition exists in QNX RTP 6.1 due to a program being called without a complete path.
Author: Julio Cesar Fort
Homepage: http://www.rfdslabs.com.br
File Size: 1574
Last Modified: Sep 14 01:49:25 2004
MD5 Checksum: ff76e02598bc5e1e36ce8cb6c389da72

 ///  File Name: qnx-rtp610_ftp.txt
Description:
The QNX FTP client is susceptible to a format string attack.
Author: Julio Cesar Fort
Homepage: http://www.rfdslabs.com.br
File Size: 2078
Last Modified: Sep 14 01:47:52 2004
MD5 Checksum: d2d3f71eaa7e204a6dac608d8ac48677