Section:  .. / 0408-advisories  /

Page 3 of 6
<< 1 2 3 4 5 6 >> Files 50 - 75 of 147
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: gaucho140.html
Description:
Gaucho version 1.4 Build 145 is vulnerable to a buffer overflow when receiving malformed emails from a POP3 server. This vulnerability is triggered if Gaucho receives from the POP3 server, a specially crafted email that has an abnormally long string in the Content-Type field of the email header. This string will overwrite EIP via SEH, and can be exploited to execute arbitrary code.
Author:Tan Chew Keong
Homepage:http://www.security.org.sg/vuln/gaucho140.html
Related Exploit:gaucho140poc.cpp.txt"
File Size:3679
Last Modified:Aug 27 00:21:07 2004
MD5 Checksum:3382c9b3cbaca0beaf6ed81da2bcec76

 ///  File Name: glsa-200408-16.txt
Description:
Gentoo Linux Security Advisory GLSA 200408-16 - glibc contains an information leak vulnerability allowing the debugging of SUID binaries. Versions 2.3.2 and below are affected.
Author:Silvio Cesare
Homepage:http://security.gentoo.org/
File Size:3915
Last Modified:Aug 19 08:42:07 2004
MD5 Checksum:30efee828e4fe1b73bdad7234480c68d

 ///  File Name: glsa-200408-18.txt
Description:
Gentoo Linux Security Advisory GLSA 200408-18 - xine-lib contains a bug where it is possible to overflow the vcd:// input source identifier management buffer through carefully crafted playlists. Versions 1_rc5-r2 and below are affected.
Homepage:http://security.gentoo.org/
File Size:2992
Last Modified:Aug 19 09:11:13 2004
MD5 Checksum:2784d03239f365c57e67ba8e8b3840ab

 ///  File Name: glsa-200408-25.txt
Description:
Gentoo Linux Security Advisory GLSA 200408-25 - MoinMoin contains a bug allowing anonymous users to bypass ACLs (Access Control Lists) and carry out operations that should be limited to authorized users. Versions 1.2.2 and below are affected.
Homepage:http://security.gentoo.org/
File Size:2869
Related OSVDB(s):8194,8195
Last Modified:Aug 31 02:47:44 2004
MD5 Checksum:42f551f6f0e22f94d33e4d2751e59828

 ///  File Name: glsa-200408-26.txt
Description:
Gentoo Linux Security Advisory GLSA 200408-26 - zlib versions 1.2.1-r2 and below contain a bug in the handling of errors for the inflate() and inflateBack() functions, allowing for a denial of service attack.
Homepage:http://security.gentoo.org/
File Size:2853
Last Modified:Aug 31 04:28:36 2004
MD5 Checksum:f39ed46944fcd99ccbcfb1a8ba460203

 ///  File Name: glsa-200408-27.txt
Description:
Gentoo Linux Security Advisory GLSA 200408-27 - Gaim versions below 0.81-r5 contain several security issues that might allow an attacker to execute arbitrary code or commands.
Homepage:http://security.gentoo.org/
File Size:3120
Last Modified:Aug 31 05:20:19 2004
MD5 Checksum:fa74b29e37b3399e3e34150e3011dd00

 ///  File Name: GLSA200408-07.txt
Description:
Gentoo Linux Security Advisory - Horde-IMP fails to properly sanitize email messages that contain malicious HTML or script code so that it is not safe for users of Internet Explorer when using the inline MIME viewer for HTML messages. Versions below and equal to 3.2.4 are vulnerable.
Homepage:http://security.gentoo.org/
File Size:2885
Last Modified:Aug 11 01:48:07 2004
MD5 Checksum:1d43e3497ba76a2ae33efe3d52430e9f

 ///  File Name: gm008-op.txt
Description:
GreyMagic Security Advisory GM#008-OP - Opera versions 7.53 and below on Windows, Linux and Macintosh fail to block write-access to the often-used location object, allowing an attacker to gain immediate script access to any webpage.
Homepage:http://www.greymagic.com/security/advisories/gm008-op/
File Size:4091
Last Modified:Aug 7 22:26:42 2004
MD5 Checksum:6cc54f7d3c3f95e52dbbea817fd6f10f

 ///  File Name: gm009-op.txt
Description:
GreyMagic Security Advisory GM#009-OP - Opera versions 7.53 and below on Windows, Linux and Macintosh have a flaw that allows an attacker the ability to figure out whether or not a file or directory exists.
Homepage:http://www.greymagic.com/security/advisories/gm009-op/
File Size:2761
Last Modified:Aug 19 07:42:29 2004
MD5 Checksum:5c4f31b02a2a510a1b74358ce14fd548

 ///  File Name: groundControl1007.txt
Description:
Ground Control II: Operation Exodus versions 1.0.0.7 and below is susceptible to a denial of service attack when a packet larger than the maximum size supported is received.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:gc2boom.zip"
File Size:2246
Last Modified:Aug 31 02:54:13 2004
MD5 Checksum:279e738eb258ca3d2460e9855d873859

 ///  File Name: hastysec.html
Description:
Hastymail version 1.0.1 stable and below and 1.1 development and below suffer from a cross site scripting flaw.
Homepage:http://hastymail.sourceforge.net/security.php
File Size:9183
Last Modified:Aug 26 19:02:50 2004
MD5 Checksum:79ebd296718b3fce8e89dd39a67b448c

 ///  File Name: HS04-005_e.html
Description:
Hitachi Security Advisory - The JP1/File Transmission Server/FTP is susceptible to a denial of service attack. It would be seriously impressive if their advisories could be more vague.
Homepage:http://www.hitachi-support.com/security_e/vuls_e/HS04-005_e/index-e.html
File Size:3837
Last Modified:Aug 26 19:15:15 2004
MD5 Checksum:7cebbc56d7076439d5e39304f75270c3

 ///  File Name: IEdetect.txt
Description:
Much like in the recent advisory about detection of directories in Opera, a similar method of detection has been discovered in Internet Explorer versions 6 and 5.
Author:Martin Aberastegue
Homepage:http://www.rzw.com.ar
Related File:gm009-op.txt
File Size:2095
Last Modified:Aug 26 20:39:56 2004
MD5 Checksum:fac2f3f45bed49b99f76b4e49dc789e4

 ///  File Name: infoOverflow.txt
Description:
The info utility version 4.7-2.1 has an overflow that is exploitable if for some odd reason the binary was set setuid, which it is not by default.
Author:Josh Martin
File Size:1990
Last Modified:Aug 7 22:27:52 2004
MD5 Checksum:c50817171e81d9c336d6465a02a1699e

 ///  File Name: IRM-010.txt
Description:
IRM Security Advisory 010 - A bug exists in the Top Layer Attack Mitigator IPS 5500 software. In versions below 3.11.014, it can cause the IPS 5500 device to incorrectly enter an overload protection mode and negatively impact network traffic. In extreme cases, this can cause a denial of service condition. More than 2,000 concurrent HTTP requests can cause this condition to occur.
Homepage:http://www.irmplc.com/advisories
File Size:3478
Last Modified:Aug 26 23:45:05 2004
MD5 Checksum:c0ca33ff2cb9e29de9783e1085968115

 ///  File Name: jaw04.txt
Description:
A vulnerability exists in jaws 0.4 that allows anyone to get in the control panel with administrator rights without a password due to a SQL injection flaw.
Author:Fernando Quintero
File Size:4372
Last Modified:Aug 5 06:19:52 2004
MD5 Checksum:23a75393fe4c2cebd56b9b784d269fdc

 ///  File Name: jshopXSS.txt
Description:
JShop has a flaw in page.php that allows for cross site scripting attacks.
Author:Dr Ponidi
File Size:2014
Last Modified:Aug 24 09:33:39 2004
MD5 Checksum:1d1963acc617292e0cf2a9e10b1271df

 ///  File Name: kotikWinAmp.txt
Description:
Advisory addendum for the Winamp vulnerability where insufficient restrictions on Winamp skin zip files (.wsz) allow a malicious attacker to place and execute arbitrary programs.
Homepage:http://www.k-otik.com
Related Exploit:winampExploit.txt"
File Size:1462
Last Modified:Aug 31 02:34:55 2004
MD5 Checksum:a017f7187f410f1253d2dec3b040be47

 ///  File Name: linpha094.txt
Description:
LinPHA versions 0.9.4 suffers from SQL injection attacks due to an input validation error in the session.php script.
Author:Fernando Quintero
File Size:3498
Last Modified:Aug 5 05:33:56 2004
MD5 Checksum:bc923b52c211af7d22d58e85dafdf899

 ///  File Name: lostBook11.txt
Description:
A vulnerability in lostBook versions 1.1 and below allows script insertion attacks.
Author:r3d5pik3
File Size:1560
Last Modified:Aug 5 05:29:21 2004
MD5 Checksum:93bd8127b8e7e100d64c9c254a39fc7c

 ///  File Name: mantis.txt
Description:
Mantis is susceptible to multiple cross site scripting vulnerabilities.
Author:Joxean Koret
File Size:5070
Last Modified:Aug 24 08:51:40 2004
MD5 Checksum:6896f72f2835a6235ef933293bc19c87

 ///  File Name: mantisPHP.txt
Description:
Mantis suffers from a remote PHP code execution vulnerability when the REGISTER_GLOBAL variable is set.
Author:Joxean Koret
File Size:2151
Last Modified:Aug 24 08:58:44 2004
MD5 Checksum:42cc3d041e12b5bd891a088fe3d2331b

 ///  File Name: moodle13.2.txt
Description:
Moodle versions 1.3 and below suffer from multiple cross site scripting flaws.
Author:Javier Ubilla Brenni
File Size:2321
Last Modified:Aug 10 02:01:25 2004
MD5 Checksum:3c4960d6144091dcdfcab8a80aa9dd76

 ///  File Name: msowa55.txt
Description:
Microsoft Outlook Web Access (OWA) for Exchange 5.5 is vulnerable to an HTTP Response Splitting attack.
Author:Amit Klein
Homepage:http://www.sanctuminc.com/
File Size:1993
Last Modified:Aug 12 09:38:36 2004
MD5 Checksum:8bf66d3a4df3ada9dac211e1232790e8

 ///  File Name: NetBSD-SA2004-009.txt
Description:
NetBSD Security Advisory 2004-009 - A set of flaws in the ftpd source code can be used together to achieve root access within an ftp session. With root file manipulation ability, mechanisms to gain a shell are numerous, so this issue should be considered a remote root situation.
Author:Przemyslaw Frasunek
Homepage:http://www.netbsd.org/
File Size:6835
Last Modified:Aug 19 09:43:54 2004
MD5 Checksum:60a69638e2b72d77727e6df6111bd434