Section:  .. / 0405-advisories  /


 ///  File Name: cpanelApache.txt
Description:
The options used by cPanel software to compile Apache 1.3.29 and PHP using the mod_phpsuexec option are flawed and allow any local user to execute arbitrary code as any other user owning a web accessible php file.
Author:Rob Brown
Homepage:http://A-Squad.Com
File Size:2680
Last Modified:May 26 00:30:29 2004
MD5 Checksum:7b88b68b4fa4d957d1bd9e593e8fb0ce

 ///  File Name: cqurecitrix.txt
Description:
MetaFrame XP Presentation Server and MetaFrame 1.8 have a flaw that allows an administrator account to mount any client drive available in any user's Citrix session.
Author:Patrik Karlsson
Homepage:http://www.cqure.net
File Size:1614
Last Modified:May 4 04:34:51 2004
MD5 Checksum:4e78bb9e52e44f87d4c6a271a57bcf50

 ///  File Name: dsa-498.txt
Description:
Debian Security Advisory DSA 492-1 - Steve Grubb discovered a problem in the Portable Network Graphics library libpng which is utilized in several applications. When processing a broken PNG image, the error handling routine will access memory that is out of bounds when creating an error message. Depending on machine architecture, bounds checking and other protective measures, this problem could cause the program to crash if a defective or intentionally prepared PNG image file is handled by libpng.
Author:Martin Schulze
Homepage:http://www.debian.org/security/
File Size:11392
Related CVE(s):CAN-2004-0421
Last Modified:May 4 01:08:28 2004
MD5 Checksum:82a946c0babb489599d8c36fe6ed9ee7

 ///  File Name: dsa-508.txt
Description:
Debian Security Advisory DSA 508-1 - Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD viewer. xpcd-svga, part of xpcd which uses svgalib to display graphics on the console, would copy user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function.
Author:Matt Zimmerman
Homepage:http://www.debian.org/security/
File Size:6509
Related CVE(s):CAN-2004-0402
Last Modified:May 26 00:17:54 2004
MD5 Checksum:230dc02db9771dfbfeb854cb7f69cf59

 ///  File Name: dsa-509.txt
Description:
Debian Security Advisory DSA 509-1 - Steve Kemp discovered a vulnerability in xatitv, one of the programs in the gatos package. If an administrator removes the default configuration file, a local attacker can escalate to root privileges.
Author:Matt Zimmerman
Homepage:http://www.debian.org/security/
File Size:3756
Related CVE(s):CAN-2004-0395
Last Modified:May 30 21:57:32 2004
MD5 Checksum:8e513db87dd560ae68c5ed832e87a45f

 ///  File Name: dsa-510.txt
Description:
Debian Security Advisory DSA 510-1 - jaguar discovered a format string vulnerability in jftpgw, an FTP proxy program, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of the jftpgw server process, which runs as user nobody by default.
Author:Matt Zimmerman
Homepage:http://www.debian.org/security/
File Size:4821
Related CVE(s):CAN-2004-0448
Last Modified:May 30 21:59:34 2004
MD5 Checksum:abeaaf252e7640c0ef709f46ea2e206f

 ///  File Name: e107.ramsa.txt
Description:
R.A.M. Security Advisory - All versions of e107 have a vulnerability in the user.php file that allows malicious attackers the ability to post cross site scripting or html tags to a website for a member.
Homepage:http://www.ramsecurity.us
File Size:3162
Last Modified:May 26 00:15:48 2004
MD5 Checksum:54e918b831480f28fe959ad7a1a46a85

 ///  File Name: e107flaw.txt
Description:
All versions of e107 have a vulnerability that allows html tags and content to be posted to the stats page and to be listed under Referers. This allows an attacker to put any site link or code they want on the list of Referers.
Author:Chinchilla
File Size:1302
Last Modified:May 21 20:41:55 2004
MD5 Checksum:41a2f539fb007db163ce4892b4db18a9

 ///  File Name: eEye.quicktime.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in Apple's QuickTime Player. The vulnerability allows a remote attacker to reliably overwrite heap memory with user-controlled data and execute arbitrary code within the SYSTEM context. Versions affected are Apple QuickTime 6.5 and Apple iTunes 4.2.0.72.
Author:Karl Lynn
Homepage:http://www.eeye.com/
File Size:3983
Related CVE(s):CAN-2004-0431
Last Modified:May 4 04:52:16 2004
MD5 Checksum:7d5df22d85b6fdb5dcc3e2513ed9efc7

 ///  File Name: eEye.symantecDNS1.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a critical remote vulnerability within the Symantec firewall product line. A buffer overflow exists within a core driver component that handles the processing of DNS (Domain Name Service) requests and responses. By sending a DNS Resource Record with an overly long canonical name, a traditional stack-based buffer overflow is triggered. Successful exploitation of this flaw yields remote KERNEL access to the system. With the ability to freely execute code at the Ring 0 privilege level, there are literally no boundaries for an attacker. It should also be noted that, due to a separate design flaw in the firewall's handling of incoming packets, this attack can be successfully performed with all ports filtered, and all intrusion rules set. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
Author:Barnaby Jack, Karl Lynn
Homepage:http://www.eeye.com
Related File:eEye.symantecDNS2.txt
File Size:4470
Last Modified:May 13 21:28:49 2004
MD5 Checksum:8295edc7eefa9f06f7e60fb8bec3d918

 ///  File Name: eEye.symantecDNS2.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a second vulnerability in the Symantec firewall product line that can be remotely exploited to cause a severe denial-of-service condition on systems running a default installation of an affected version of the product. By sending a single malicious DNS (UDP port 53) response packet to a vulnerable host, an attacker can cause the Symantec DNS response validation code to enter an infinite loop within the kernel, amounting to a system freeze that requires the machine to be physically rebooted in order to restore operation. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
Author:Barnaby Jack, Karl Lynn, Derek Soeder
Homepage:http://www.eeye.com
Related File:eEye.symantecDNS1.txt
File Size:4536
Last Modified:May 13 21:31:10 2004
MD5 Checksum:c6d369f84c7a3b1f5a708237adaeb655

 ///  File Name: eEye.symantecNBNS1.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in the Symantec firewall product line that would allow a remote, anonymous attacker to execute arbitrary code on a system running an affected version of the product. By sending a single specially-crafted NetBIOS Name Service (UDP port 137) packet to a vulnerable host, an attacker could cause an arbitrary memory location to be overwritten with data he or she controls, leading to the execution of attacker-supplied code with kernel privileges and the absolute compromise of the target. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
Author:Derek Soeder
Homepage:http://www.eeye.com
Related File:eEye.symantecNBNS2.txt
File Size:8098
Last Modified:May 13 21:33:57 2004
MD5 Checksum:a69de10416e0a340595d1431671a5b59

 ///  File Name: eEye.symantecNBNS2.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a critical remote vulnerability within the Symantec firewall product line. There is a remote heap corruption vulnerability in SYMDNS.SYS, a driver that validates NetBIOS Name Service responses, which can lead to execution of arbitrary code for various Symantec products. Successful exploitation of this flaw yields remote kernel access to the system. Systems Affected: Symantec Norton Internet Security 2002/2003/2004, Symantec Norton Internet Security Professional 2002/2003/2004, Symantec Norton Personal Firewall 2002/2003/2004, Symantec Client Firewall 5.01/5.1.1, Symantec Client Security 1.0/1.1/2.0(SCF 7.1), and Symantec Norton AntiSpam 2004.
Author:Karl Lynn
Homepage:http://www.eeye.com
Related File:eEye.symantecNBNS1.txt
File Size:5322
Last Modified:May 13 21:35:26 2004
MD5 Checksum:5eb4ad8ec8faad0f8566c38c96c95408

 ///  File Name: efFingerD.txt
Description:
A buffer overflow has been identified in efFingerD version 0.2.12.
Author:Dr Insane
Homepage:http://members.lycos.co.uk/r34ct/
File Size:2143
Last Modified:May 9 21:18:12 2004
MD5 Checksum:ae9c4ad933b2c7d88a1ce442f5d61cae

 ///  File Name: enpa-sa-00014.html
Description:
Ethereal Security Advisory Enpa-sa-00014 - It may be possible to make Ethereal crash or run arbitrary code by injecting a purposefully malformed packet onto the wire, by convincing someone to read a malformed packet trace file, or by creating a malformed color filter file. Versions affected: 0.9.8 up to and including 0.10.3.
Homepage:http://www.ethereal.com
File Size:4784
Last Modified:May 14 17:46:12 2004
MD5 Checksum:8ab2a305da29ab6d24099badba3cc475

 ///  File Name: eudoraConceal.txt
Description:
Eudora is susceptible to a fraudulent URL vulnerability where a malicious URL can be masked behind what appears to be a legitimate link in the client. This technique is used commonly by phishers.
Author:Brett Glass
File Size:1786
Last Modified:May 9 20:43:48 2004
MD5 Checksum:b858f46e715bf5933a065b2cd00ef30a

 ///  File Name: EXPL-A-2003-027.txt
Description:
Exploitlabs.com Advisory 27 - Microsoft Windows Help and Support Center has a vulnerability due to an unspecified input validation error. This can be exploited via the HCP protocol on Microsoft Windows XP and Microsoft Windows 2003 through Internet Explorer or Outlook and allows for arbitrary code execution.
Author:Donnie Werner
Homepage:http://exploitlabs.com
File Size:3622
Last Modified:May 12 22:30:50 2004
MD5 Checksum:69d0842c5d6c23ea20c9d1091c103d08

 ///  File Name: FreeBSD-SA-04:11.msync.txt
Description:
FreeBSD Security Advisory FreeBSD-SA-04:11.msync - Programming errors in the implementation of the msync(2) system call involving the MS_INVALIDATE operation lead to cache consistency problems between the virtual memory system and on-disk contents. In some situations, a user with read access to a file may be able to prevent changes to that file from being committed to disk.
Author:Stephan Uphoff, Matt Dillon
Homepage:http://www.freebsd.org/security/
File Size:4501
Related CVE(s):CAN-2004-0435
Last Modified:May 26 23:25:28 2004
MD5 Checksum:cb50bc11528130a72e93716778e80844

 ///  File Name: fsc-2004-1.shtml
Description:
F-Secure Security Bulletin FSC-2004-1 - Certain malformed LHA archives cause a buffer overflow when scanning them for viruses. The error typically causes a restart of one of the modules in the product. This leads to performance degradation and makes denial of service attacks possible. Product lines affected: F-Secure Internet Security 2004, F-Secure Anti-Virus 2004, Solutions based on F-Secure Personal Express 4.6x and 4.7x.
Homepage:http://www.f-secure.com/security/fsc-2004-1.shtml
File Size:16901
Last Modified:May 27 01:37:27 2004
MD5 Checksum:853fa2a7a72dbfb7afae1b4645b4c8ee

 ///  File Name: fuse40.txt
Description:
Fuse Talk version 4.0 has various flaws that would enable a remote attacker to ban users and possibly trick an administrator into adding accounts for them. It is also susceptible to various cross site scripting issues.
Author:Stuart Jamieson
File Size:2006
Last Modified:May 7 23:07:23 2004
MD5 Checksum:936ee940234bce6ec5bfcf6db8c93176

 ///  File Name: hatsquad.txt
Description:
Hat-Squad Advisory - A remote heap overflow has been discovered in MailEnable Professional Edition versions 1.5 to 1.7. Sending an HTTP request with more than 4045 bytes to MEHTTPS service will cause a heap buffer overflow while logging is enabled. It is possible for a remote attacker to execute code as SYSTEM.
Author:Behrang Fouladi
Homepage:http://www.hat-squad.com/en/000071.html
File Size:1450
Last Modified:May 11 06:22:54 2004
MD5 Checksum:e8cbedf18c0432171619a7f7f9c9f925

 ///  File Name: heimdal.txt
Description:
Heimdal releases prior to 0.6.2 with kadmind version4 have been found vulnerable to a remote pre-auth heap overflow.
Author:Evgeny Demidov
File Size:912
Related CVE(s):CAN-2004-0434
Last Modified:May 7 22:53:15 2004
MD5 Checksum:3714c70cdaa7bc3f8b7c84249e6bdbcf

 ///  File Name: icecast.txt
Description:
A vulnerability exists in Icecast 2.x that can cause a denial of service condition.
Author:ned
File Size:1782
Last Modified:May 14 01:23:06 2004
MD5 Checksum:315dd4a7b1126cb8be23ffe6c83a6d9e

 ///  File Name: ieImageMap.txt
Description:
A vulnerability has been found in Microsoft Internet Explorer that allows an attacker to use a specially coded ImageMap to spoof the URL displayed in the lower left-hand corner of the browser.
Author:Paul Kurczaba
Homepage:http://www.kurczaba.com/
File Size:960
Last Modified:May 18 06:10:46 2004
MD5 Checksum:90f0acee4e7ae4b72da9e91108fd49c9

 ///  File Name: iemem.txt
Description:
Internet Explorer version 6.0.2800 and MSN Messenger suffer from a memory access violation bug that can result in a denial of service.
Author:Emmanouel Kellinis
Homepage:http://www.cipher.org.uk
File Size:2398
Last Modified:May 9 20:12:31 2004
MD5 Checksum:95e7bdf3821559d44bdf1117775399ec