Section:  .. / 0412-advisories  /

Page 8 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 175 - 200 of 253
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: kerioCredential.txt
Description:
Kerio software is susceptible to an insecure credential storage flaw.
Author:Javier Munoz
File Size:6976
Related CVE(s):CAN-2004-1022
Last Modified:Dec 30 08:17:55 2004
MD5 Checksum:33001529b362eb3ab7b4eacfa9699be8

 ///  File Name: postp393483.txt
Description:
phpBB versions 2.3.10 and below are susceptible to a directory traversal attack via the attachment module.
Author:Paul Laudanski
Homepage:http://castlecops.com/postp393483.html
File Size:5652
Last Modified:Dec 30 08:16:00 2004
MD5 Checksum:2c2c44852d605546587978a81e331e18

 ///  File Name: roxioLocal.txt
Description:
Roxio Toast on Mac OS X is susceptible to local exploitation due to a format string bug.
Author:fintler
File Size:2699
Last Modified:Dec 30 08:13:49 2004
MD5 Checksum:670015d91740d91942ba93854dd29bcd

 ///  File Name: SSA-20041209-13.txt
Description:
STG Security Advisory: UseModWiki is susceptible to a cross site scripting flaw.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:1087
Last Modified:Dec 30 08:12:36 2004
MD5 Checksum:3e9d43bfe2d2932ad2d57d550a62131f

 ///  File Name: MDKSA-2004-148.txt
Description:
Mandrakelinux Security Update Advisory - Herbert Xu discovered that iproute can accept spoofed messages sent via the kernel netlink interface by other users on the local machine. This could lead to a local Denial of Service attack.
Homepage:http://www.mandrakesoft.com/security/advisories/
File Size:3381
Last Modified:Dec 30 07:59:44 2004
MD5 Checksum:23c59b4cdc33e5534a6dba437ed924ff

 ///  File Name: glsa-200412-08.txt
Description:
Gentoo Linux Security Advisory GLSA 200412-08 - Multiple vulnerabilities have been discovered in nfs-utils that could lead to a Denial of Service, or the execution of arbitrary code.
Homepage:http://security.gentoo.org/
File Size:2810
Last Modified:Dec 30 07:54:07 2004
MD5 Checksum:cf1cc1e57fadfb2253dc758ee6a465e1

 ///  File Name: 6502.txt
Description:
A problem exists in some browsers where, via Content-Type spoofing, forcing a user to open a page and bypass the security zone is possible, allowing for execution of javascript in a local context. Software affected: Firefox 1.0, Mozilla 1.7.x, Opera 7.51 through 7.54.
Author:Giovanni Delvecchio
File Size:4369
Last Modified:Dec 30 07:53:34 2004
MD5 Checksum:bd409665573dbceb0a0492d681acd1ca

 ///  File Name: glsa-200412-07.txt
Description:
Gentoo Linux Security Advisory GLSA 200412-07 - The code for parsing ELF headers in file contains a flaw which may allow an attacker to execute arbitrary code.
Homepage:http://security.gentoo.org/
File Size:2814
Last Modified:Dec 30 07:49:49 2004
MD5 Checksum:93e13bc7b37065c6ca354d3173195165

 ///  File Name: SRT2004-12-14-0322.txt
Description:
Secure Network Operations Advisory SRT2004-12-14-0322 - Symantec LiveUpdate versions prior to 2.5 are susceptible to a flaw that may allow for local privilege escalation to SYSTEM.
Author:JxT
Homepage:http://www.secnetops.com/
File Size:6353
Last Modified:Dec 30 07:48:43 2004
MD5 Checksum:c165c0623acf61da6251ead2128e8cd6

 ///  File Name: winamp507crash.txt
Description:
Winamp 5.07 is susceptible to denial of service attacks due to file mishandling.
Author:Alan M aka b0f
File Size:1985
Last Modified:Dec 30 07:44:04 2004
MD5 Checksum:e8be87e3716e6df0f867bc1428c620d9

 ///  File Name: lithsock.txt
Description:
The Lithtech game engine is susceptible to a denial of service attack via a logic error when handling UDP packet with zero bytes.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:lithsock.zip"
File Size:3864
Last Modified:Dec 30 07:40:59 2004
MD5 Checksum:cbdc63c6abfeb71d4c773a5282838130

 ///  File Name: 12.13.04.txt
Description:
iDEFENSE Security Advisory 12.13.2004 - Remote exploitation of an integer overflow vulnerability in various vendors' implementations of the read_prf_file method in the xzgv program could allow for arbitrary code execution.
Author:Infamous41md
Homepage:http://www.idefense.com/
File Size:3427
Related CVE(s):CAN-2004-0994
Last Modified:Dec 30 07:38:31 2004
MD5 Checksum:9094914ae014dcd01d35b12600763815

 ///  File Name: advisory-20041213-1.txt
Description:
KDE Security Advisory: The Konqueror web browser allows websites to load web pages into a window or tab currently used by another website. This vulnerability is similar to the Konqueror Frame Injection Vulnerability reported on 2004-08-11 but the solution offered as part of that advisory did not cover the window case. All versions of KDE up to KDE 3.3.2 inclusive.
Homepage:http://www.kde.org/info/security/advisory-20041213-1.txt
File Size:2564
Related CVE(s):CAN-2004-1158
Last Modified:Dec 30 07:36:11 2004
MD5 Checksum:aedf90d9742b949b828604cd0432a405

 ///  File Name: gg-adv.txt
Description:
Several vulnerabilities were discovered ranging from heap, stack, and integer overflows and directory traversals in the Gadu-Gadu instant messenger tool.
Author:Blazej Miga, Jaroslaw Sajko
Homepage:http://www.man.poznan.pl/~security/gg-adv.txt
File Size:5504
Last Modified:Dec 30 07:33:52 2004
MD5 Checksum:02da5334c8f29eb0e1fab878a56517ad

 ///  File Name: 6503.txt
Description:
Opera for Linux has a flaw that allows remote users to execute arbitrary shell commands via the kfmclient default setting for file viewing.
Author:Giovanni Delvecchio
File Size:2385
Last Modified:Dec 30 07:31:06 2004
MD5 Checksum:3ad93256e25abd9367495accc0dacae8

 ///  File Name: phpMyAdmin261rc1.txt
Description:
phpMyAdmin versions prior to 2.6.1-rc1 suffer from command execution and file disclosure vulnerabilities.
Author:Nicolas Gregoire
Homepage:http://www.exaprobe.com/
File Size:2436
Related CVE(s):CAN-2004-1147, CAN-2004-1148
Last Modified:Dec 30 07:26:36 2004
MD5 Checksum:d276543b1c17e03eb47b583955c9ef8f

 ///  File Name: sa13432.txt
Description:
Secunia Security Advisory - Michael Krax and Mark J. Cox have reported some vulnerabilities in mnoGoSearch, which can be exploited by malicious people to conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/13432/
File Size:1751
Last Modified:Dec 30 07:24:23 2004
MD5 Checksum:962a4f5be5850367735e4e43e7ece07e

 ///  File Name: sa13431.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in SQLgrey Postfix greylisting service, which can be exploited by malicious people to conduct SQL injection attacks.
Homepage:http://secunia.com/advisories/13431/
File Size:1697
Last Modified:Dec 30 07:23:31 2004
MD5 Checksum:cb34aa907a2e617d31f4a80804aae349

 ///  File Name: sa13438.txt
Description:
Secunia Security Advisory - Ziv Kamir has reported a weakness in WinMail Server, which can be exploited by malicious people to disclose certain system information.
Homepage:http://secunia.com/advisories/13438/
File Size:1762
Last Modified:Dec 30 07:22:33 2004
MD5 Checksum:316650858ffaa3e89db33e3c8a813b8c

 ///  File Name: sa13419.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to insufficient validation of files uploaded to the "images" directory located inside the web root. This can be exploited to upload and execute arbitrary malicious scripts. The vulnerability has been reported in version 1.3.8. Prior versions may also be affected.
Homepage:http://secunia.com/advisories/13419/
File Size:1740
Last Modified:Dec 30 07:21:19 2004
MD5 Checksum:26f47b168b90e2d069ab32adaf8616f1

 ///  File Name: novacoast.txt
Description:
Novacoast Security Advisory - Novacoast has discovered a vulnerability in the Novell NetWare Operating System screen saver software. The vulnerability allows a local attacker to bypass authentication and access the system console. Novell Netware 5/5.1/6.0/6.5 are affected.
Author:Adam Gray
Homepage:http://www.novacoast.com
File Size:2184
Last Modified:Dec 30 07:18:42 2004
MD5 Checksum:87c0028baf896cdeed12a666af521342

 ///  File Name: ieCache.txt
Description:
When IE is configured to access internet using proxy, the user's authentication details are cached locally without IE prompting the user. Even though the 'save my password' option is not checked, the user's proxy authentication details are cached locally without the user's knowledge.
Author:Debasis Mohanty
Homepage:http://www.hackingspirits.com
File Size:4132
Last Modified:Dec 30 07:16:35 2004
MD5 Checksum:5ddedaff2b7e51abc9ab0678dd8c3d05

 ///  File Name: mtroff-by-one.txt
Description:
mtr is susceptible to raw socket hijacking, allowing for the spoofing of ICMP packets.
Author:Przemyslaw Frasunek
File Size:7781
Last Modified:Dec 30 07:15:17 2004
MD5 Checksum:3cba2beb8ae7f282ff09a6215b7d27fb

 ///  File Name: goregsbof.zip
Description:
Gore proof of concept exploit that makes use of a buffer overflow in the Gamespy cd-key validation SDK toolkit.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related File:la-gamespy.txt
File Size:15708
Last Modified:Dec 12 21:02:31 2004
MD5 Checksum:29998dc5ebf4dbf3d7f3672daafe3e2e

 ///  File Name: la-gamespy.txt
Description:
Gamespy cd-key validation SDK toolkit suffers from an in-game buffer overflow vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:goregsbof.zip"
File Size:3880
Last Modified:Dec 12 21:01:28 2004
MD5 Checksum:c59c53f29209a6bfb0b3ed5454cc022c