Section:  .. / 0405-advisories  /

Page 2 of 5
<< 1 2 3 4 5 >> Files 25 - 50 of 105
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: waraxe-2004-SA029.txt
Description:
PHP-Nuke versions 6.x to 7.3 allow for possible file inclusion.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:4773
Last Modified:May 18 06:15:09 2004
MD5 Checksum:0103012506b8246cda5c7092c61fec41

 ///  File Name: 57555.html
Description:
A vulnerability in the Java Runtime Environment may allow a remote unprivileged user to cause the Java Virtual Machine to become unresponsive resulting in a Denial of Service (DoS) condition for the runtime environment and servers that run on the runtime environment. Affected versions are Sun Java JRE 1.4.x and Sun Java SDK 1.4.x. Unaffected versions are 1.4.2_04 or later.
Homepage:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57555
File Size:4725
Last Modified:May 9 21:50:22 2004
MD5 Checksum:42981e16840d5ca77ca9020d0c0ded7a

 ///  File Name: eEye.symantecDNS2.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a second vulnerability in the Symantec firewall product line that can be remotely exploited to cause a severe denial-of-service condition on systems running a default installation of an affected version of the product. By sending a single malicious DNS (UDP port 53) response packet to a vulnerable host, an attacker can cause the Symantec DNS response validation code to enter an infinite loop within the kernel, amounting to a system freeze that requires the machine to be physically rebooted in order to restore operation. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
Author:Barnaby Jack, Karl Lynn, Derek Soeder
Homepage:http://www.eeye.com
Related File:eEye.symantecDNS1.txt
File Size:4536
Last Modified:May 13 21:31:10 2004
MD5 Checksum:c6d369f84c7a3b1f5a708237adaeb655

 ///  File Name: mplayerRTSP.html
Description:
Multiple vulnerabilities have been discovered and fixed in the Real-Time Streaming Protocol (RTSP). Versions of MPlayer below 1.0pre4 are affected.
Homepage:http://www.mplayerhq.hu/
File Size:4515
Last Modified:May 1 18:43:09 2004
MD5 Checksum:0e22669fb9c8e65d570d75ef7d965f1f

 ///  File Name: FreeBSD-SA-04:11.msync.txt
Description:
FreeBSD Security Advisory FreeBSD-SA-04:11.msync - Programming errors in the implementation of the msync(2) system call involving the MS_INVALIDATE operation lead to cache consistency problems between the virtual memory system and on-disk contents. In some situations, a user with read access to a file may be able to prevent changes to that file from being committed to disk.
Author:Stephan Uphoff, Matt Dillon
Homepage:http://www.freebsd.org/security/
File Size:4501
Related CVE(s):CAN-2004-0435
Last Modified:May 26 23:25:28 2004
MD5 Checksum:cb50bc11528130a72e93716778e80844

 ///  File Name: eEye.symantecDNS1.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a critical remote vulnerability within the Symantec firewall product line. A buffer overflow exists within a core driver component that handles the processing of DNS (Domain Name Service) requests and responses. By sending a DNS Resource Record with an overly long canonical name, a traditional stack-based buffer overflow is triggered. Successful exploitation of this flaw yields remote KERNEL access to the system. With the ability to freely execute code at the Ring 0 privilege level, there are literally no boundaries for an attacker. It should also be noted, that due to a separate design flaw in the firewalls handling of incoming packets, this attack can be successfully performed with all ports filtered, and all intrusion rules set. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
Author:Barnaby Jack, Karl Lynn
Homepage:http://www.eeye.com
Related File:eEye.symantecDNS2.txt
File Size:4470
Last Modified:May 13 21:28:49 2004
MD5 Checksum:8295edc7eefa9f06f7e60fb8bec3d918

 ///  File Name: tttc.txt
Description:
TTT-C is susceptible to multiple cross site scripting attacks due to the fact that it does not sanitize variables.
Author:Kaloyan Olegov Georgiev
File Size:4381
Last Modified:May 18 05:55:59 2004
MD5 Checksum:1a02809db58f3bb930bb86e3d98bbccf

 ///  File Name: 052004.txt
Description:
Within phpMyFAQ an input validation problem exists which allows an attacker to include arbitrary local files. With known tricks to inject PHP code into log or session files this could lead to remote PHP code execution. Versions affected are 1.3.12 and below for the stable releases, and 1.4.0-alpha1 and below for the developer releases.
Author:Stefan Esser
Homepage:http://security.e-matters.de/advisories/052004.html
File Size:4349
Last Modified:May 19 20:35:05 2004
MD5 Checksum:21f10be7bea92bf3e9b8f03c6050e747

 ///  File Name: 05.12.04.txt
Description:
iDEFENSE Security Advisory 05.12.04: Exploitation of an input validation vulnerability within Opera Software ASA.'s Opera Web Browser could allow remote attackers to create or truncate arbitrary files. The problem specifically exists within the telnet URI handler. Opera does not check for '-' at the beginning of hostname passed through the handler, which lets options pass to the telnet program, allowing file creation or overwriting.
Author:Karol Wiesek, Greg MacManus
Homepage:http://www.idefense.com/
File Size:4238
Last Modified:May 13 21:58:51 2004
MD5 Checksum:23806cfad7c62fa62b97951faae8296c

 ///  File Name: 082004.txt
Description:
Subversion versions 1.0.2 and below suffer from a date parsing vulnerability that can be abused to allow remote code execution server-side.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:4215
Last Modified:May 19 23:18:30 2004
MD5 Checksum:d795881a64a6d0778dd44d89589da77f

 ///  File Name: 062004.txt
Description:
libneon versions 0.24.5 and below have a date parsing vulnerability that can cause a heap overflow leading to remote code execution.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:4002
Last Modified:May 19 23:20:34 2004
MD5 Checksum:c6bfda648f44323f5cda88b0d79b9cb7

 ///  File Name: 021829.html
Description:
Variant vulnerabilities have been disclosed regarding the flaw in Mac OS X where code can be silently delivered via the disk URI handler vulnerability.
Author:Rosalina Hamar
File Size:3991
Last Modified:May 24 08:26:23 2004
MD5 Checksum:d2862999845ac4b29764dced862fcb3c

 ///  File Name: eEye.quicktime.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in Apple's QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. Versions affected are Apple QuickTime 6.5 and Apple iTunes 4.2.0.72.
Author:Karl Lynn
Homepage:http://www.eeye.com/
File Size:3983
Related CVE(s):CAN-2004-0431
Last Modified:May 4 04:52:16 2004
MD5 Checksum:7d5df22d85b6fdb5dcc3e2513ed9efc7

 ///  File Name: props061.txt
Description:
Props version 0.6.1 is susceptible to cross site scripting attack and allows an attacker the ability to see any file on the system due to flaws in glossary.php.
Author:Manuel Lopez
File Size:3939
Last Modified:May 4 04:43:57 2004
MD5 Checksum:dc448db60056a58bf9c72c8afd7328dc

 ///  File Name: chmexec.txt
Description:
A weakness in the way Microsoft IE fails to handle double backslashes in Showhelp() allows for yet another way to locally execute files.
Author:Roozbeh Afrasiabi
File Size:3910
Last Modified:May 14 00:34:29 2004
MD5 Checksum:037ca7cbdada3756ae1948779424bcc0

 ///  File Name: dsa-509.txt
Description:
Debian Security Advisory DSA 509-1 - Steve Kemp discovered a vulnerability in xatitv, one of the programs in the gatos package. If an administrator removes the default configuration file, a local attacker can escalate to root privileges.
Author:Matt Zimmerman
Homepage:http://www.debian.org/security/
File Size:3756
Related CVE(s):CAN-2004-0395
Last Modified:May 30 21:57:32 2004
MD5 Checksum:8e513db87dd560ae68c5ed832e87a45f

 ///  File Name: 072004.txt
Description:
Stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7 both contain a flaw when deciding if a CVS entry line should get a modified or unchanged flag attached. This results in a heap overflow which can be exploited to execute arbitrary code on the CVS server. This could allow a repository compromise.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:3678
Related CVE(s):CAN-2004-0396
Last Modified:May 19 20:21:05 2004
MD5 Checksum:09c615ca4949fdcef92d552a9c7314a9

 ///  File Name: EXPL-A-2003-027.txt
Description:
Exploitlabs.com Advisory 27 - Microsoft Windows Help and Support Center has a vulnerability due to an unspecified input validation error. This can be exploited via the HCP protocol on Microsoft Windows XP and Microsoft Windows 2003 through Internet Explorer or Outlook and allows for arbitrary code execution.
Author:Donnie Werner
Homepage:http://exploitlabs.com
File Size:3622
Last Modified:May 12 22:30:50 2004
MD5 Checksum:69d0842c5d6c23ea20c9d1091c103d08

 ///  File Name: clsid.txt
Description:
Microsoft Windows Explorer suffers from a flaw where it will execute underlying files when they are linked in html pages.
Author:Roozbeh Afrasiabi
File Size:3500
Last Modified:May 21 20:37:22 2004
MD5 Checksum:df6bf2cdb3a2dc7dc34812a92cf3252a

 ///  File Name: adv-desktopini.txt
Description:
Certain system folders on Microsoft Windows XP are created referencing the shellclassinfo in desktop.ini, allowing for executables to be masked as elsewise.
Author:Roozbeh Afrasiabi
File Size:3475
Last Modified:May 19 20:30:35 2004
MD5 Checksum:3efeebce972ebe99a83b3b1f29f838e7

 ///  File Name: kolab.html
Description:
Kolab server version 1.x suffers from an information disclosure vulnerability where it stores the OpenLDAP root password in clear text in slapd.conf.
Author:Luca Villani
File Size:3378
Last Modified:May 7 23:13:27 2004
MD5 Checksum:e947dbd6444a6d2ca3139a7ca0eee667

 ///  File Name: solaris-smc-advisory.txt
Description:
Directory traversal attacks on the Sun Solaris SMC Web Server under releases 8 and 9 allow a remote attacker to determine whether or not a file exists on the underlying filesystem due to differences in error messages.
Author:Jon Hart
Homepage:http://www.spoofed.org/
File Size:3298
Last Modified:May 14 18:04:17 2004
MD5 Checksum:7b79ff96ee995dcdd9fb617dd3c4e1f5

 ///  File Name: 05.26.04.txt
Description:
iDEFENSE Security Advisory 05.26.04: Remote exploitation of a buffer overflow in firmware release 1.1.9.4 of 3Com's OfficeConnect Remote 812 ADSL Router could allow a denial of service. By sending a specially formed long string to the telnet port of a vulnerable device containing Telnet escape sequences, it is possible to get it to either reboot or stop handling packets. If the device does not reboot spontaneously, it will require a manual reboot before continuing normal operation.
Author:Rafel Ivgi
Homepage:http://www.idefense.com/
File Size:3196
Related CVE(s):CAN-2004-0476
Last Modified:May 26 23:29:57 2004
MD5 Checksum:41f1bb435f4e51da48d20824ab7a99a3

 ///  File Name: e107.ramsa.txt
Description:
R.A.M. Security Advisory - All versions of e107 have a vulnerability in the user.php file that allows malicious attackers the ability to post cross site scripting or html tags to a website for a member.
Homepage:http://www.ramsecurity.us
File Size:3162
Last Modified:May 26 00:15:48 2004
MD5 Checksum:54e918b831480f28fe959ad7a1a46a85

 ///  File Name: verity.txt
Description:
Verity Ultraseek versions 5.2.1 and below suffer from a path disclosure vulnerability.
Author:Martin O'Neal
File Size:3049
Related CVE(s):CAN-2004-0050
Last Modified:May 7 21:21:23 2004
MD5 Checksum:4cd573175d8440191d3f24311517d039