Section:  .. / 0402-advisories  /


 ///  File Name: sandblad13.txt
Description:
In the Mozilla browser, while navigating to a new page it is still possible to interact with the old page before the new page has been successfully loaded. Any JavaScript events fired will be invoked in the context of the new page, making cross-site scripting possible if the pages belong to different domains.
Author:Andreas Sandblad
File Size:2345
Last Modified:Feb 25 19:37:00 2004
MD5 Checksum:0182fb09a637cc8e469d1eb51bc5fbd4

 ///  File Name: innomedia.txt
Description:
The InnoMedia VideoPhone version au75200xvi04010x on the Windows platform is susceptible to an authorization bypass when attempting to view a file as a folder. The underlying webserver is GoAhead-Webs.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com
File Size:2311
Last Modified:Feb 28 20:17:00 2004
MD5 Checksum:9bc0a3993865e43e93e00e3419d29c32

 ///  File Name: ghostrecon.txt
Description:
The Ghost Recon engine versions 1.4 and below along with some other games developed by Redstorm are vulnerable to a remote crash.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:2267
Last Modified:Feb 24 23:17:00 2004
MD5 Checksum:22c10d2cb22a420e9ad7f8ef47678b3d

 ///  File Name: webforums16.txt
Description:
Web Forums Server versions 1.6 and below suffer from a CSS/XSS vulnerability.
Author:nimber
File Size:2207
Last Modified:Feb 3 01:00:00 2004
MD5 Checksum:ab1fcda7b783e1eaddae29a12d185021

 ///  File Name: chaser-adv.txt
Description:
Chaser versions 1.50 and below have a memory allocation error in both the client and server parts of the game. Related test exploit for the server is here. Related test exploit for the client is here.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org/
File Size:2197
Last Modified:Feb 4 00:50:00 2004
MD5 Checksum:51a492b0c7d335f693b14b64a5a66e70

 ///  File Name: purge.txt
Description:
Purge versions 1.4.7 and below and Purge Jihad versions 2.0.1 and below have buffer overflows affecting the clients of this game.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:2195
Last Modified:Feb 17 00:02:00 2004
MD5 Checksum:616cae731fc987a1e1f2659952800ce2

 ///  File Name: redfaction120.txt
Description:
Red Faction versions 1.20 and below for Windows and MacOS are susceptible to a client-side buffer overflow.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:2145
Last Modified:Mar 1 20:49:00 2004
MD5 Checksum:142a5eeea2b52b07f705d67926670026

 ///  File Name: phpnukeSQL.txt
Description:
PHPNuke versions greater than 6.9 are susceptible to SQL injection attacks that allow a remote attacker to obtain an administrator's hash and achieve administrator access.
Author:pokleyzz
File Size:2139
Last Modified:Feb 10 18:12:00 2004
MD5 Checksum:10409d176ded0ab738e079c21cc40ce7

 ///  File Name: yabbSE2.txt
Description:
YaBB SE versions 1.54 and 1.55 are susceptible to a SQL injection vulnerability that allows a remote attacker to execute malicious SQL statements on the database.
Author:Backspace
File Size:2115
Last Modified:Feb 17 05:03:00 2004
MD5 Checksum:20fb54b982621646ae144439455a9bbd

 ///  File Name: 02.23.04.txt
Description:
iDEFENSE Security Advisory 02.23.04: Exploitation of a flaw in Apple Computer Inc's Darwin Streaming Server allows unauthenticated remote attackers to prevent legitimate usage.
Homepage:http://www.idefense.com/
File Size:2039
Last Modified:Feb 24 18:30:00 2004
MD5 Checksum:eff45c2697024a5ec7a5cee6b6c6277b

 ///  File Name: typsoft110.txt
Description:
TYPSoft FTP Server 1.10 for Windows 9X and WinNT is vulnerable to a denial of service attack when a blank username is supplied.
Author:intuit
File Size:2004
Last Modified:Feb 4 21:03:00 2004
MD5 Checksum:bf3f9ebbe5fcba752498d37620560981

 ///  File Name: XBOXoverflow.txt
Description:
The XBOX EvolutionX dashboard has buffer overflows in both the ftp cd and telnet dir commands.
Author:Jokko
File Size:1988
Last Modified:Feb 10 17:00:00 2004
MD5 Checksum:9842125792702e3e853074e72ee471e2

 ///  File Name: PHPXportal.txt
Description:
PHPX versions 3.2.3 and below suffer from cross site scripting, code injection, and cookie hijacking flaws.
Author:Manuel López
File Size:1929
Last Modified:Feb 4 02:33:00 2004
MD5 Checksum:72601f3690201f010e5fd30f0d1f8566

 ///  File Name: XPimage.txt
Description:
The image preview code that Explorer uses in Microsoft Windows XP allows a malformed .emf file to cause an exploitable heap overflow in shimgvw.dll.
Author:Jellytop
File Size:1877
Last Modified:Feb 21 22:23:00 2004
MD5 Checksum:4b985f074f5b2f320f249c8430ee15a9

 ///  File Name: AvirtSoho43.txt
Description:
Avirt SOHO version 4.3 is susceptible to a remote buffer overflow via a large GET request passed on ports 1080 and 8080.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1715
Last Modified:Feb 23 18:56:00 2004
MD5 Checksum:57c79df112f55a7c439429392806c4fb

 ///  File Name: haegemonia.txt
Description:
Haegemonia versions 1.07 and below have a remote vulnerability where the reading of unallocated memory causes a crash.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:1649
Last Modified:Feb 24 22:23:00 2004
MD5 Checksum:0bb1907284719014c8060b11d83e4222

 ///  File Name: Avirt40.txt
Description:
Avirt Voice version 4.0 is susceptible to a remote buffer overflow via a large GET request passed on port 1080.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1600
Last Modified:Feb 23 18:08:00 2004
MD5 Checksum:77ac5e1c8c67c549d691a0def05b6633

 ///  File Name: monkey081.txt
Description:
Monkey httpd versions 0.8.1 and below suffer from a denial of service vulnerability when subjected to specially crafted HTTP requests.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:1583
Last Modified:Feb 12 00:44:00 2004
MD5 Checksum:8cb5fcea4d067186cd0fc4e8edeae700

 ///  File Name: phpBBXSS.txt
Description:
phpBB's ViewTopic.php script is vulnerable to a cross site scripting attack.
Author:Cheng Peng Su
File Size:1570
Last Modified:Feb 29 22:11:00 2004
MD5 Checksum:cf7d999c135a18776b6c789e7da3f45c

 ///  File Name: cesarFTP099.txt
Description:
CesarFTP version 0.99e has a bug that can cause the system to employ 100 percent of its resources.
Author:intuit
Homepage:http://rootshells.tk/
File Size:1560
Last Modified:Feb 18 14:48:00 2004
MD5 Checksum:c78e1f637133520d69a04107b63c2ae7

 ///  File Name: vizer191.txt
Description:
Vizer webserver version 1.9.1 is susceptible to a denial of service attack due to mismanaging input strings for HTTP requests.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1537
Last Modified:Feb 18 03:08:00 2004
MD5 Checksum:f9e8ea9de1a03f2ef23937c90bcc3f37

 ///  File Name: PSOProxy091.txt
Description:
The PSOProxy server version 0.91 has a buffer overflow vulnerability when handling large GET requests.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
Related Exploit:PSOProxy.c
File Size:1524
Last Modified:Feb 20 19:06:00 2004
MD5 Checksum:ac59f17fd7642c57beb983616882e383

 ///  File Name: freechat111a.txt
Description:
FreeChat version 1.1.1a has problems parsing certain strings resulting in a denial of service.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1432
Last Modified:Feb 25 21:01:00 2004
MD5 Checksum:c03ec67f5051430b8705f4b618675070

 ///  File Name: mailmgr.txt
Description:
mailmgr version 1.2.3 is vulnerable to symlink attacks. If the utility is run as root, any file on the system can be overwritten.
Author:Marco van Berkum
File Size:1334
Last Modified:Feb 13 02:56:00 2004
MD5 Checksum:a0f7ca82945ecb9df067978cd8d70653

 ///  File Name: servU.MDTM.txt
Description:
Serv-U MDTM versions 5.0.0.4 and below suffer from a command buffer overflow.
Author:bkbll
Homepage:http://www.cnhonker.com
File Size:1295
Last Modified:Feb 26 20:38:00 2004
MD5 Checksum:4daa465d2501788fda0d70d16a91407b