Section:  .. / 0403-advisories  /

Page 1 of 4
<< 1 2 3 4 >> Files 1 - 25 of 90
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 2004alert66.pdf
Description:
Oracle Security Alert 66 - Security vulnerabilities have been discovered in Oracle Application Server Web Cache 10g (9.0.4.0.0) and Oracle9i Application Server Web Cache.
Homepage:http://otn.oracle.com/deploy/security/pdf/2004alert66.pdf
File Size:61165
Last Modified:Mar 16 08:15:37 2004
MD5 Checksum:d607cee1f646c49b77cbe78fad9f4f5e

 ///  File Name: hp_http.sxw.pdf
Description:
Immunity Security Advisory - The Compaq Web Management system (HP HTTP) has a bug in its validation system that allows an anonymous user to upload trusted certificates.
Author:Dave Aitel
Homepage:http://www.immunitysec.com
File Size:36578
Last Modified:Mar 16 04:40:59 2004
MD5 Checksum:c1e5ac017c6b14f2d230d2a70d36394e

 ///  File Name: awservices.sxw.pdf
Description:
Immunity Security Advisory - Remotely exploitable stack overflows exist in Computer Associates Unicenter TNG Utilities awservices.exe. Successful exploitation elevates an attacker to SYSTEM privileges. All known versions of Unicenter TNG 2.4 are affected.
Author:Dave Aitel
Homepage:http://www.immunitysec.com
File Size:30633
Last Modified:Mar 16 04:38:32 2004
MD5 Checksum:913cc2ebdb627e568775d46acb3d1b92

 ///  File Name: dtlogin.sxw.pdf
Description:
Immunity Security Advisory - A double-free weakness in the XDMCP parser of dtlogin (CDE) results in remote code execution against popular server operating systems, such as Solaris. This attack is performed over UDP port 177.
Author:Dave Aitel
Homepage:http://www.immunitysec.com
File Size:24986
Last Modified:Mar 24 05:24:00 2004
MD5 Checksum:01c14a6a98f0a677463029b74cc20f5c

 ///  File Name: solaris_kernel_vfs.sxw.pdf
Description:
Immunity Security Advisory - A vulnerability lies in Solaris 2.6 through 10 that allows a local user to load kernel modules without being root due to a directory traversal problem in vfs_getvfssw().
Author:Sinan Eren.
Homepage:http://www.immunitysec.com
File Size:22557
Last Modified:Mar 24 07:12:00 2004
MD5 Checksum:e384712d8c329650378a979c1a34b004

 ///  File Name: mpsb04-03.html
Description:
Macromedia Security Bulletin MPSB04-03 - Macintosh versions of the Macromedia installers and e-licensing client install a service whose file permissions allow other users to write to the file. This may allow one local user to obtain the permissions of another local user, resulting in privilege escalation.
Author:Chris Irvine
Homepage:
File Size:21034
Last Modified:Mar 16 08:21:02 2004
MD5 Checksum:a449adbbc3dc8c5e93120adf76faa059

 ///  File Name: cisco-sa-20040317-openssl.txt
Description:
Cisco Security Advisory 20040317 - A new vulnerability in the OpenSSL implementation for SSL has been announced. An affected network device running an SSL server based on an affected OpenSSL implementation may be vulnerable to a Denial of Service (DoS) attack.
Homepage:http://www.cisco.com/go/psirt
Related File:secadv_20040317.txt
File Size:17262
Related CVE(s):CAN-2004-0079, CAN-2004-0112
Last Modified:Mar 17 16:44:08 2004
MD5 Checksum:3cb01c70770abc69086b0bdd50e675bf

 ///  File Name: novellweb.htm
Description:
Novell has identified an issue with the default configuration of GroupWise 6 and 6.5 WebAccess that could allow unauthorized access to the WebAccess server. This issue affects only systems running GroupWise 6 or 6.5 WebAccess on NetWare using the Apache 1.3x web server and where Apache is loaded using the GWAPACHE.CONF file.
Homepage:http://support.novell.com/cgi-bin/search/searchtid.cgi?/10091330.htm
File Size:17080
Last Modified:Mar 16 08:18:09 2004
MD5 Checksum:99d7e8c58a751f22499bf208ee154361

 ///  File Name: apache2049.txt
Description:
Apache 2.0.49 has been released to address three security vulnerabilities. A race condition that allows for a denial of service attack, a condition that allow arbitrary strings to get written to the error log, and a memory leak in mod_ssl have all been addressed.
Homepage:http://www.apache.org/
File Size:15352
Related CVE(s):CAN-2004-0174, CAN-2003-0020, CAN-2004-0113
Last Modified:Mar 19 20:45:00 2004
MD5 Checksum:7d171df8390cd2316cd0e7b98fc2cdab

 ///  File Name: 032004.txt
Description:
Ethereal versions 0.8.14 through 0.10.2 were found to be vulnerable to thirteen remote stack overflows during a code audit. The vulnerable dissectors in question are namely: BGP, EIGRP, IGAP, IRDA, ISUP, NetFlow, PGM, TCAP and UCP. Ten of the overflows allow for arbitrary code execution.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:11315
Related CVE(s):CAN-2004-0176
Last Modified:Mar 24 05:07:00 2004
MD5 Checksum:68b1a8f4d3a89c77a5ba179a4b799202

 ///  File Name: rogerwilco2.txt
Description:
RogerWilco versions 1.4.1.6 and below and RogerWilco Base Station versions 0.30a suffer from multiple bugs. From being crashed with a malformed UDP packet to spoofing 'voice' traffic when not even being connected to a channel, quite a few amusing problems are listed.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:wilco.zip
File Size:10816
Last Modified:Mar 31 20:11:00 2004
MD5 Checksum:c415dccfdd1b912ce202b7e7b276f867

 ///  File Name: cisco-sa-20040304-css.txt
Description:
Cisco Security Advisory 20040304 - The CSS 11000 Series Content Services Switches are vulnerable to a Denial of Service (DoS) attack caused by malformed UDP packets received over the management port.
Homepage:http://www.cisco.com/go/psirt
File Size:10764
Last Modified:Mar 5 00:15:00 2004
MD5 Checksum:0619fc1931e714e7cd9119cc7849e470

 ///  File Name: camelot.txt
Description:
Dark Age of Camelot from Mythic Entertainment has flaws in the login client that allow an attacker to read customer information via a man in the middle attack. All versions below 1.68 are affected.
Author:Todd Chapman
File Size:9535
Last Modified:Mar 25 01:30:00 2004
MD5 Checksum:59a7528b4f94f1ef9e183ec72a6d6804

 ///  File Name: o-088.shtml
Description:
CIAC INFORMATION BULLETIN O-088: On both Solaris 8 and 9 (SPARC and x86 Platforms) a local unprivileged user may be able to gain unauthorized root privileges due to a security issue involving the passwd command.
Author:CIAC
Homepage:http://www.ciac.org/ciac/bulletins/o-088.shtml
File Size:8388
Last Modified:Mar 6 04:33:24 2004
MD5 Checksum:e7588f48331a2951ecdecaf22b0f1df1

 ///  File Name: yabbSESQL.txt
Description:
YaBB SE versions 1.5.4 to 1.5.5b are all susceptible to various remote SQL injection attacks.
Author:backspace
File Size:8299
Last Modified:Mar 1 18:20:00 2004
MD5 Checksum:b0be7a2e966b524d21e37516553cb6e6

 ///  File Name: phpBB207a.txt
Description:
phpBB versions 2.0.7a and below are susceptible to cross site scripting, SQL injection, and remote command execution attacks.
Author:JeiAr
Homepage:http://www.gulftech.org
File Size:7322
Last Modified:Mar 20 18:23:00 2004
MD5 Checksum:8c1c502b91197f96ecae43347d872b74

 ///  File Name: waraxe-2004-SA011.txt
Description:
MS Analysis module version 2.0 for PHP-Nuke has full path disclosure, cross site scripting, and SQL injection vulnerabilities.
Author:Janek Vind aka waraxe
File Size:6600
Last Modified:Mar 23 01:54:00 2004
MD5 Checksum:7bd49123ef6d14a8d1036985619167ff

 ///  File Name: cardinal.txt
Description:
ProFTPD versions below 1.2.9rc3 are susceptible to a couple off-by-one overflows. One was introduced after the patch was written to address the flaws listed here.
Author:Phantasmal Phantasmagoria
File Size:6440
Last Modified:Mar 2 04:02:00 2004
MD5 Checksum:828e37587955c1f271ab572b7ca5a788

 ///  File Name: R7-0018.isakmpd.txt
Description:
Rapid7 Security Advisory - OpenBSD isakmpd payload handling is subject to multiple denial of service vulnerabilities. Known vulnerable: OpenBSD 3.4 and earlier, OpenBSD-current as of March 17, 2004.
Author:Rapid7 Security Advisories
Homepage:http://www.rapid7.com/
File Size:5061
Related CVE(s):CAN-2004-0218, CAN-2004-0219, CAN-2004-0220, CAN-2004-0221, CAN-2004-0222
Last Modified:Mar 24 07:15:00 2004
MD5 Checksum:ff6add0baf9cf2fe0508ba814bc1c676

 ///  File Name: linbit.txt
Description:
SEC-CONSULT Security Advisory - Linbit Linbox is vulnerable to authentication circumvention on its administration portal, password disclosure for all existing users, and using the obtained passwords, any account can be logged into via SSH.
Author:Daniel FABIAN
Homepage:http://www.sec-consult.com
File Size:4982
Last Modified:Mar 30 18:06:00 2004
MD5 Checksum:7492df126274009cc647dd21fc84d3ed

 ///  File Name: clamVE.txt
Description:
Security comments regarding the way clamav sets up VirusEvent information and how it could be improved. Due to a lack of input sanitizing, the variable taken in on the command line could be used for malicious purposes when put to a system().
Author:l0om
Homepage:http://www.excluded.org
File Size:4908
Last Modified:Mar 30 12:34:00 2004
MD5 Checksum:34af715b4ea6dc16cfe3e385f041aeb2

 ///  File Name: dsa-469.txt
Description:
Debian Security Advisory DSA 469-1 - Primoz Bratanic discovered a bug in libpam-psgl, a PAM module to authenticate using a PostgreSQL database. The library does not escape all user-supplied data that are sent to the database. An attacker could exploit this bug to insert SQL statements.
Author:Martin Schulze
Homepage:http://www.debian.org/security/
File Size:4860
Related CVE(s):CAN-2004-0366
Last Modified:Mar 29 15:44:00 2004
MD5 Checksum:e90b8688ebc10816a8e89622a4d44c52

 ///  File Name: extcompose.txt
Description:
Extcompose, a function of the metamail package, fails to properly verify a file exists prior to writing to it, and will accept symbolic links, leaving it open to being an attack vector.
Author:Shaun Colley
Homepage:http://www.nettwerked.co.uk
File Size:4857
Last Modified:Mar 13 08:27:21 2004
MD5 Checksum:e04213c055e9d94968876691fc2b2ac0

 ///  File Name: R7-0017.txt
Description:
Rapid7 Security Advisory - tcpdump versions 3.8.1 and below contain multiple flaws in the packet display functions for the ISAKMP protocol. Upon receiving specially crafted ISAKMP packets, tcpdump will try to read beyond the end of the packet capture buffer and crash.
Author:Rapid7 Security Advisories
Homepage:http://www.rapid7.com/advisories/R7-0017.html
File Size:4839
Related CVE(s):CAN-2004-0183, CAN-2004-0184
Last Modified:Mar 30 19:48:00 2004
MD5 Checksum:67e1c0e97a7b6127733398b41d86e52e

 ///  File Name: vz012004-esignal7.txt
Description:
VizibleSoft Security Advisory #2004/01 - eSignal versions 7.6 and 7.5 have a stack based buffer overflow in the WinSig.exe binary, allowing for remote code execution.
Author:insect
Homepage:http://viziblesoft.com/insect/advisories/vz012004-esignal7.txt
Related Exploit:vz-eSignal76.pl
File Size:4717
Last Modified:Mar 26 02:48:33 2004
MD5 Checksum:baf95f8e34ade62800fd0d0ef24b06fe