Section:  .. / 0405-advisories  /


 ///  File Name: PaX26DoS.txt
Description:
A denial of service condition exists in the PaX kernel patch for the 2.6 series that will put the kernel in an infinite loop when ASLR is enabled.
Author:chris
Homepage:http://www.cr-secure.net
File Size:1913
Last Modified:May 4 04:48:44 2004
MD5 Checksum:eb21d32408eb877a5db16ba7dc01cedc

 ///  File Name: webctxss.txt
Description:
WebCT is susceptible to cross site scripting vulnerabilities.
Author:spiffomatic64
File Size:1881
Last Modified:May 18 06:05:57 2004
MD5 Checksum:793da5337c66e4626ad0ae969206ede5

 ///  File Name: sa11567.txt
Description:
SmOk3 has reported a vulnerability in e107 version 0.x, which can be exploited to conduct script insertion attacks.
Homepage:http://secunia.com/advisories/11567/
File Size:1880
Last Modified:May 9 21:52:05 2004
MD5 Checksum:eeed8627e5844582baaf7f9690bb9d15

 ///  File Name: snsadv72.txt
Description:
An ActiveX Control provided by Symantec Norton Antivirus 2004 contains a remotely exploitable DoS condition. In order to trigger this vulnerability, malicious website administrators must induce Internet Explorer users to view a specially crafted web site, which will consequently consume a lot of system resources.
Author:Yuu Arai
File Size:1861
Last Modified:May 21 20:50:54 2004
MD5 Checksum:0c470107c4caf6f7546c5adf7298267e

 ///  File Name: sa11723.txt
Description:
OpenBSD has issued an update for xdm. This fixes a security issue, which potentially may allow malicious users to gain unintended access to a system. A CVS version of XFree86 xdm, which is included in some versions of OpenBSD, has an error that causes it to listen for queries on a random TCP socket, even though requestPort is set to 0 in the configuration file.
Author:Steve Rumble
File Size:1858
Last Modified:May 30 22:04:52 2004
MD5 Checksum:14b9c747284af8f4286f2b266ebb0c4a

 ///  File Name: trendofficeVirus.txt
Description:
The default installation of Trend OfficeScan allows a non-administrative user to disable the service due to weak permissions, stopping the antivirus software from working. Versions 3.0 to 6.0 are affected.
Author:Matt
File Size:1856
Last Modified:May 9 20:17:50 2004
MD5 Checksum:02be56229b81301f0bb9c27534f66f01

 ///  File Name: sweexwap.txt
Description:
Sweex Wireless Broadband Routers have TFTP enabled by default with no way to restrict the service, allowing malicious attackers to download configuration files.
Author:Mark Janssen
File Size:1837
Last Modified:May 14 01:19:00 2004
MD5 Checksum:9102e515c85e722dbadd00db7d74635f

 ///  File Name: moodle13.txt
Description:
Moodle versions 1.3 and below suffer from a cross site scripting flaw.
Author:Bartek Nowotarski
Homepage:http://silence.0.pl
File Size:1815
Last Modified:May 4 04:41:13 2004
MD5 Checksum:43b17860cae91cf14465bd4e99d36a37

 ///  File Name: sa11604.txt
Description:
Mark Cox has reported a vulnerability in ZoneMinder, potentially allowing malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the handling of query strings. This can be exploited to cause a buffer overflow via a specially crafted query. Successful exploitation may potentially allow execution of arbitrary code. All versions prior to 1.19.2 are affected.
Homepage:http://www.zoneminder.com/fileadmin/downloads/README-1.19.3.html
File Size:1786
Related CVE(s):CAN-2004-0227
Last Modified:May 13 23:31:30 2004
MD5 Checksum:5eb0cfeebc83f62ed40375deed5457f5

 ///  File Name: eudoraConceal.txt
Description:
Eudora is susceptible to a fraudulent URL vulnerability where a malicious URL can be masked behind what appears to be a legitimate link in the client. This technique is used commonly by phishers.
Author:Brett Glass
File Size:1786
Last Modified:May 9 20:43:48 2004
MD5 Checksum:b858f46e715bf5933a065b2cd00ef30a

 ///  File Name: icecast.txt
Description:
A vulnerability exists in Icecast 2.x that can cause a denial of service condition.
Author:ned
File Size:1782
Last Modified:May 14 01:23:06 2004
MD5 Checksum:315dd4a7b1126cb8be23ffe6c83a6d9e

 ///  File Name: p4db.txt
Description:
P4DB versions 2.01 and below suffer from a lack of proper user input validation that allows for remote arbitrary command execution. Some cross site scripting flaws also exist.
Author:Jon McClintock
File Size:1722
Last Modified:May 7 23:02:11 2004
MD5 Checksum:ae4d1f584dcca17dc47571d4cceb2348

 ///  File Name: outpost.txt
Description:
Outpost Pro Firewall has a flaw that allows malicious people to cause a Denial of Service. The issue has been reported in Agnitum Outpost Pro Firewall version 2.1. Prior versions may also be affected.
Author:Armin Pelkmann
File Size:1693
Last Modified:May 14 01:21:44 2004
MD5 Checksum:7dd17a71642694ba7857cd6cabec5c07

 ///  File Name: outlook2k3.txt
Description:
Outlook 2003 has a flaw that will allow malicious spammers to verify whether or not a recipient has read an email.
Author:http-equiv
Homepage:http://www.malware.com/
File Size:1677
Last Modified:May 12 22:10:14 2004
MD5 Checksum:ec1578a8e7a78f2568956d0d1825a58f

 ///  File Name: cqurecitrix.txt
Description:
MetaFrame XP Presentation Server and MetaFrame 1.8 have a flaw that allows an administrator account to mount any client drive available in any user's Citrix session.
Author:Patrik Karlsson
Homepage:http://www.cqure.net
File Size:1614
Last Modified:May 4 04:34:51 2004
MD5 Checksum:4e78bb9e52e44f87d4c6a271a57bcf50

 ///  File Name: sa11678.txt
Description:
A vulnerability, caused due to an unspecified error within Xconfig, has been discovered in Exceed versions 9.x. When exploited, local users can bypass certain restrictions.
File Size:1603
Last Modified:May 21 21:31:15 2004
MD5 Checksum:ada06fe31a9d22224b90f762e8905320

 ///  File Name: safari12.txt
Description:
Safari versions 1.2 and below suffer from a vulnerability that can lead to remote arbitrary code execution via the runscript aspect of the HTML rendering functionality.
Author:kang
File Size:1486
Last Modified:May 18 06:08:46 2004
MD5 Checksum:fb01452d5c8420ed352357b019941075

 ///  File Name: hatsquad.txt
Description:
Hat-Squad Advisory - A remote heap overflow has been discovered in MailEnable Professional Edition versions 1.5 to 1.7. Sending an HTTP request with more than 4045 bytes to MEHTTPS service will cause a heap buffer overflow while logging is enabled. It is possible for a remote attacker to execute code as SYSTEM.
Author:Behrang Fouladi
Homepage:http://www.hat-squad.com/en/000071.html
File Size:1450
Last Modified:May 11 06:22:54 2004
MD5 Checksum:e8cbedf18c0432171619a7f7f9c9f925

 ///  File Name: e107flaw.txt
Description:
All versions of e107 have a vulnerability that allows HTML tags and content to be posted to the stats page and to be listed under Referers. This allows an attacker to put any site link or code they want on the list of Referers.
Author:Chinchilla
File Size:1302
Last Modified:May 21 20:41:55 2004
MD5 Checksum:41a2f539fb007db163ce4892b4db18a9

 ///  File Name: imperva.crystal.txt
Description:
Imperva's Application Defense Center has announced that several vulnerabilities exist in BusinessObject's Crystal Reports' Web Interface. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as causing a complete denial of service to the server.
Author:Ofer Maor
Homepage:http://www.imperva.com/adc/
File Size:1155
Last Modified:May 4 04:45:54 2004
MD5 Checksum:97e058b7658f8cab3f13b8fc0082baab

 ///  File Name: liferayxss.txt
Description:
Liferay Enterprise Portal is said to be subject to multiple cross site scripting flaws.
Author:Sandeep Giri
File Size:1130
Last Modified:May 24 08:17:49 2004
MD5 Checksum:b5be4c30a75c28ec3b6d61d0b67301ae

 ///  File Name: lduXSS.txt
Description:
A cross site scripting vulnerability exists in the BBcodes of the LDU forum.
Author:crypt0
Homepage:http://www.cyber-war.org
File Size:1083
Last Modified:May 30 21:51:49 2004
MD5 Checksum:924907310ffd3709f6b835eadee11418

 ///  File Name: ieImageMap.txt
Description:
A vulnerability has been found in Microsoft Internet Explorer that allows an attacker to use a specially coded ImageMap to spoof the URL displayed in the lower left-hand corner of the browser.
Author:Paul Kurczaba
Homepage:http://www.kurczaba.com/
File Size:960
Last Modified:May 18 06:10:46 2004
MD5 Checksum:90f0acee4e7ae4b72da9e91108fd49c9

 ///  File Name: heimdal.txt
Description:
Heimdal releases prior to 0.6.2 with kadmind version 4 have been found vulnerable to a remote pre-auth heap overflow.
Author:Evgeny Demidov
File Size:912
Related CVE(s):CAN-2004-0434
Last Modified:May 7 22:53:15 2004
MD5 Checksum:3714c70cdaa7bc3f8b7c84249e6bdbcf

 ///  File Name: zencart112d.txt
Description:
Zen Cart version 1.1.2d fails to properly validate user-supplied input and in turn allows remote attackers the ability to perform SQL injection attacks.
Author:Oliver Minack
File Size:722
Last Modified:May 19 20:40:03 2004
MD5 Checksum:b4770c2d3d0c9e3874c75e2ea480dd9b