Section:  .. / 0412-advisories  /

Page 6 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 125 - 150 of 253
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: sa12981.txt
Description:
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to the filename and the Content-Type header not being sufficiently validated before being displayed in the file download dialog. This can be exploited to spoof file types in the download dialog by passing specially crafted Content-Disposition and Content-Type headers containing dots and ASCII character code 160. Successful exploitation may result in users being tricked into executing a malicious file via the download dialog. The vulnerability has been confirmed on Opera 7.54 for Windows. Other versions may also be affected.
Homepage:http://secunia.com/advisories/12981/
File Size:2187
Last Modified:Dec 12 20:46:36 2004
MD5 Checksum:3fb4866a9f4e307fff19bed0da4dd1ee

 ///  File Name: novacoast.txt
Description:
Novacoast Security Advisory - Novacoast has discovered a vulnerability in the Novell NetWare Operating System screen saver software. The vulnerability allows a local attacker to bypass authentication and access the system console. Novell Netware 5/5.1/6.0/6.5 are affected.
Author:Adam Gray
Homepage:http://www.novacoast.com
File Size:2184
Last Modified:Dec 30 07:18:42 2004
MD5 Checksum:87c0028baf896cdeed12a666af521342

 ///  File Name: oracle23122004B.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR23122004B - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc has been found to suffer from a directory traversal problem that allows attackers access to arbitrary libraries. Systems Affected: Oracle 10g/9i on all operating systems.
Author:David Litchfield
Homepage:http://www.ngssoftware.com/advisories/oracle23122004B.txt
File Size:2181
Last Modified:Dec 31 22:37:23 2004
MD5 Checksum:ed02212351daf65fa9d5c70b6f46cee1

 ///  File Name: abc2midi.txt
Description:
abc2midi suffers from two vulnerabilities that allow for system compromise.
Author:Limin Wang
Homepage:http://tigger.uic.edu/~jlongs2/holes/abc2midi.txt
File Size:2178
Last Modified:Dec 30 10:53:56 2004
MD5 Checksum:76e99f06e6a5ef24b8fe943881ff7086

 ///  File Name: oracle23122004C.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR23122004C - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc is intended only to accept requests from the Oracle database server but local users can still execute commands bypassing this restriction. Systems Affected: Oracle 10g/9i on all operating systems.
Author:David Litchfield
Homepage:http://www.ngssoftware.com/advisories/oracle23122004C.txt
File Size:2153
Last Modified:Dec 31 22:39:21 2004
MD5 Checksum:dae273bf1612c10c3afe4b3514192b16

 ///  File Name: sa13402.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Netscape, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13402/
File Size:2149
Last Modified:Dec 12 20:01:08 2004
MD5 Checksum:0aef008c7fe64fa654b08cb70e1f9d4c

 ///  File Name: sa13356.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in Internet Explorer for Mac, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13356/
File Size:2145
Last Modified:Dec 12 20:39:33 2004
MD5 Checksum:adf0af6b6b8a14df5261f983f91d7705

 ///  File Name: enpa-sa-00016.txt
Description:
Ethereal Security Advisory Enpa-sa-00016 - Multiple vulnerabilities in Ethereal versions 0.9.0 to 0.10.7 have been discovered that all result in denial of service outcomes.
Homepage:http://www.ethereal.com/
File Size:2144
Related CVE(s):CAN-2004-1139, CAN-2004-1140, CAN-2004-1141, CAN-2004-1142
Last Modified:Dec 31 19:31:21 2004
MD5 Checksum:12ef5e7a5bdf9df70e1e8edcf173c48e

 ///  File Name: sa13448.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in NetMail, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified boundary error within IMAPD and can be exploited to cause a buffer overflow via the 101_mEna script.
Homepage:http://secunia.com/advisories/13448/
File Size:2141
Last Modified:Dec 30 09:11:33 2004
MD5 Checksum:74480cf25a22d38b205c38203896d6d0

 ///  File Name: sa12856.txt
Description:
Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Ansel, which can be exploited by malicious people to conduct SQL injection and script insertion attacks. The vulnerabilities have been confirmed on version 2.1. Prior versions may also be affected.
Homepage:http://secunia.com/advisories/12856/
File Size:2137
Last Modified:Dec 12 19:01:40 2004
MD5 Checksum:183894877550ebc229bbc6cbb28c51ea

 ///  File Name: procmail.cshrc.txt
Description:
Due to procmail sourcing the .cshrc of the user it is forwarding the mail to under the root uid, it may be possible allow for local root compromise.
Author:Michael Barnes
File Size:2129
Last Modified:Dec 31 20:08:41 2004
MD5 Checksum:b5129ace3978a73c308b20318e809f23

 ///  File Name: yanf.txt
Description:
A buffer overflow vulnerability exists in the Yanf news fetcher utility version 0.4.
Author:Ariel Berkman
File Size:2123
Last Modified:Dec 31 10:49:57 2004
MD5 Checksum:14bbda8f498430f2e0419965424f8c90

 ///  File Name: SSA-20041215-17.txt
Description:
STG Security Advisory: JSBoard is one of widely used web BBS applications in Korea. However, an input validation flaw can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:2118
Last Modified:Dec 30 09:37:08 2004
MD5 Checksum:e81a5f10b311b20cc16f6ad1dab6843a

 ///  File Name: bsb2ppm.txt
Description:
A buffer overflow vulnerability in libbsb version 0.0.6 allows for system compromise.
Author:James Longstreet, Tom Indelli
Homepage:http://tigger.uic.edu/~jlongs2/holes/bsb2ppm.txt
File Size:2106
Last Modified:Dec 30 11:01:01 2004
MD5 Checksum:428561c54110ead22c8fd9f495687c65

 ///  File Name: convex3d.txt
Description:
Convex 3D version 0.8pre1 is susceptible to a boundary error condition in the readObjectChunk() function that can result in arbitrary code execution.
Author:Ariel Berkman
Homepage:http://tigger.uic.edu/~jlongs2/holes/convex3d.txt
File Size:2102
Last Modified:Dec 30 10:55:23 2004
MD5 Checksum:f121a61b8ab0221cb66d4b8c80eb3527

 ///  File Name: sa13418.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in OmniWeb, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13418/
File Size:2101
Last Modified:Dec 12 20:40:05 2004
MD5 Checksum:747f7b74d54647ff1db21130edfeec46

 ///  File Name: sa13252.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in Safari, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13252/
File Size:2095
Last Modified:Dec 12 19:56:42 2004
MD5 Checksum:ea33f990f046a701611a61f64d8e729e

 ///  File Name: asp2php.txt
Description:
Two vulnerabilities in asp2php version 0.76.23 allow for system compromise.
Author:Qiao Zhang
Homepage:http://tigger.uic.edu/~jlongs2/holes/asp2php.txt
File Size:2095
Last Modified:Dec 30 10:52:49 2004
MD5 Checksum:afd094baa3735c21b59625bbc6e4bfef

 ///  File Name: chbg.txt
Description:
A buffer overflow in the simplify_path() function of chbg version 1.5 allows for system compromise.
Author:Danny Lungstrom
Homepage:http://tigger.uic.edu/~jlongs2/holes/chbg.txt
File Size:2094
Last Modified:Dec 30 11:10:12 2004
MD5 Checksum:dd6ee8190c3b3aa744db24acef213db0

 ///  File Name: sa13253.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in Opera, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13253/
File Size:2089
Last Modified:Dec 12 19:53:33 2004
MD5 Checksum:3efea787cbbeb726fc5397278bbf2e45

 ///  File Name: dxfscope.txt
Description:
DXFscope version 0.2 is susceptible to a buffer overflow in the dxfin() function.
Author:Ariel Berkman
File Size:2088
Last Modified:Dec 30 21:02:37 2004
MD5 Checksum:82eb657d34bf358e211533dc74d15262

 ///  File Name: pcal.txt
Description:
Buffer overflow vulnerabilities in the getline() and get_holiday() functions of Pcal version 4.7.1 may allow for system compromise.
Author:Danny Lungstrom
File Size:2085
Last Modified:Dec 30 21:55:22 2004
MD5 Checksum:cb6b2d027816ca5bd3dd0f51705f9c80

 ///  File Name: sa13412.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in iCab, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13412/
File Size:2073
Last Modified:Dec 12 20:40:42 2004
MD5 Checksum:7531e49b89babc4fb79c7fc6e0e9a541

 ///  File Name: SSA-20041215-1.txt
Description:
STG Security Advisory: MoniWiki is susceptible to a file upload flaw due to a mishandling of multiple file extensions.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:2070
Last Modified:Dec 30 09:10:30 2004
MD5 Checksum:c75c9e0f06120887e6326a83087df2d3

 ///  File Name: junkie.txt
Description:
Multiple input validation errors exist in Junkie version 0.3.1 that allow for command execution and directory traversal attacks.
Author:Yosef Klein
File Size:2041
Last Modified:Dec 30 21:08:55 2004
MD5 Checksum:515671d678ea00a67f75ffee1d76995f