Section:  .. / 0408-advisories  /


 ///  File Name: xoops2x.txt
Description:
XOOPS version 2.x is susceptible to a cross-site scripting flaw in the Dictionary module.
Homepage:http://cyruxnet.org
File Size:5942
Last Modified:Sep 2 08:45:40 2004
MD5 Checksum:f375214a1bc893f211d91e00f68cc006

 ///  File Name: sa12397.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Samba 2.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the handling of client printer change notification requests. This can be exploited to crash smbd by sending a FindNextPrintChangeNotify() request without first sending a FindFirstPrintChangeNotify() request.
Homepage:http://secunia.com/advisories/12397/
File Size:1823
Last Modified:Aug 31 05:36:26 2004
MD5 Checksum:d5666c5e84b029db9b0ccfd7634259e9

 ///  File Name: sa12401.txt
Description:
Secunia Security Advisory - A security issue has been reported in Smart Guest Book 2.x, which may allow malicious people to gain knowledge of sensitive information. The problem is that the database file SmartGuestBook.mdb by default is accessible by anyone. This may disclose various information including the administrative username and password by downloading the file from an affected web site.
Homepage:http://secunia.com/advisories/12401/
File Size:1734
Last Modified:Aug 31 05:30:15 2004
MD5 Checksum:4f23137671107931fc773cadb6479342

 ///  File Name: wsFTP-DoS.txt
Description:
A vulnerability has been found in WS_FTP Server version 5.0.2. The problem is in the module handling the file path parsing.
Author:lion
File Size:792
Last Modified:Aug 31 05:29:04 2004
MD5 Checksum:45f8ca017c4f17ceda928639cf45fc29

 ///  File Name: cutenews136.txt
Description:
CuteNews versions 1.3.6 and below have a world-writable news.txt file that allows for site defacement.
Author:e0r
File Size:1393
Last Modified:Aug 31 05:22:08 2004
MD5 Checksum:b4cb4a9a78153ee63a1d36488fbaafdb

 ///  File Name: glsa-200408-27.txt
Description:
Gentoo Linux Security Advisory GLSA 200408-27 - Gaim versions below 0.81-r5 contain several security issues that might allow an attacker to execute arbitrary code or commands.
Homepage:http://security.gentoo.org/
File Size:3120
Last Modified:Aug 31 05:20:19 2004
MD5 Checksum:fa74b29e37b3399e3e34150e3011dd00

 ///  File Name: sa12392.txt
Description:
Secunia Security Advisory - A vulnerability in Netscape can be exploited by malicious people to conduct phishing attacks. The problem is caused due to errors in the displaying of Java applets in a window when multiple tabs are used. This can be exploited to spoof the content of a HTML document from another HTML document being in a different tab. The vulnerability has been confirmed in Netscape 7.2 on Mac OS X 10.3.5.
Author:J. Courcoul
Homepage:http://secunia.com/advisories/12392/
File Size:1749
Last Modified:Aug 31 05:06:12 2004
MD5 Checksum:a3d5839b567a1ced126ff50a8cb12dfb

 ///  File Name: sa12393.txt
Description:
Secunia Security Advisory - A vulnerability in Network Everywhere Cable/DSL 4-Port Router NR041 allows malicious people to conduct script insertion attacks.
Author:Mathieu Lacroix
Homepage:http://secunia.com/advisories/12393/
File Size:1932
Last Modified:Aug 31 05:04:47 2004
MD5 Checksum:a16e7b695f21d5302d8f217bebf320d4

 ///  File Name: glsa-200408-26.txt
Description:
Gentoo Linux Security Advisory GLSA 200408-26 - zlib versions 1.2.1-r2 and below contain a bug in the handling of errors for the inflate() and inflateBack() functions, allowing for a denial of service attack.
Homepage:http://security.gentoo.org/
File Size:2853
Last Modified:Aug 31 04:28:36 2004
MD5 Checksum:f39ed46944fcd99ccbcfb1a8ba460203

 ///  File Name: sa12364.txt
Description:
Secunia Security Advisory - An unspecified vulnerability with an unknown impact has been reported in SugarCRM versions below 1.1f.
Homepage:http://secunia.com/advisories/12364/
File Size:1464
Last Modified:Aug 31 04:26:11 2004
MD5 Checksum:4bad8783ac506022448353648997112a

 ///  File Name: sa12366.txt
Description:
Secunia Security Advisory - Multiple vulnerabilities have been reported in iChain, which can be exploited by malicious people to bypass security restrictions and conduct cross-site scripting and DoS (Denial of Service) attacks.
Homepage:http://secunia.com/advisories/12366/
File Size:2483
Last Modified:Aug 31 04:25:07 2004
MD5 Checksum:a5351bd9bbf71b235213d1cf6f9d34a7

 ///  File Name: cisco-sa-20040827-telnet.txt
Description:
Cisco Security Advisory - A specifically crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Telnet, reverse telnet, RSH and SSH sessions established prior to exploitation are not affected. This vulnerability affects all Cisco devices that permit access via telnet or reverse telnet and are running an unfixed version of IOS.
Homepage:http://www.cisco.com/warp/public/707/cisco-sa-20040827-telnet.shtml
File Size:16453
Last Modified:Aug 31 02:59:58 2004
MD5 Checksum:506177d4b5000333071ea77d07b93772

 ///  File Name: groundControl1007.txt
Description:
Ground Control II: Operation Exodus versions 1.0.0.7 and below are susceptible to a denial of service attack when a packet larger than the maximum size supported is received.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:gc2boom.zip
File Size:2246
Last Modified:Aug 31 02:54:13 2004
MD5 Checksum:279e738eb258ca3d2460e9855d873859

 ///  File Name: glsa-200408-25.txt
Description:
Gentoo Linux Security Advisory GLSA 200408-25 - MoinMoin contains a bug allowing anonymous users to bypass ACLs (Access Control Lists) and carry out operations that should be limited to authorized users. Versions 1.2.2 and below are affected.
Homepage:http://security.gentoo.org/
File Size:2869
Related OSVDB(s):8194,8195
Last Modified:Aug 31 02:47:44 2004
MD5 Checksum:42f551f6f0e22f94d33e4d2751e59828

 ///  File Name: kotikWinAmp.txt
Description:
Advisory addendum for the Winamp vulnerability where insufficient restrictions on Winamp skin zip files (.wsz) allow a malicious attacker to place and execute arbitrary programs.
Homepage:http://www.k-otik.com
Related Exploit:winampExploit.txt
File Size:1462
Last Modified:Aug 31 02:34:55 2004
MD5 Checksum:a017f7187f410f1253d2dec3b040be47

 ///  File Name: sa12375.txt
Description:
Secunia Security Advisory - A vulnerability exists in GNU a2ps 4.x that allows local users to escalate privileges due to insufficient validation of shell escape characters in filenames.
Author:Rudolf Polzer
Homepage:http://secunia.com/advisories/12375/
File Size:2045
Last Modified:Aug 31 02:31:49 2004
MD5 Checksum:390af2b49f5c43f1c0aa7f618c5738c1

 ///  File Name: openbsdDoS.txt
Description:
OpenBSD 3.5 is susceptible to a remote denial of service attack via a single ICMP echo request when set up as a gateway. Patch from OpenBSD included.
Author:Vafa Izadinia
File Size:1840
Last Modified:Aug 31 01:58:08 2004
MD5 Checksum:daeff80712162785ed832644720c5da5

 ///  File Name: gaucho140.html
Description:
Gaucho version 1.4 Build 145 is vulnerable to a buffer overflow when receiving malformed emails from a POP3 server. This vulnerability is triggered if Gaucho receives from the POP3 server a specially crafted email that has an abnormally long string in the Content-Type field of the email header. This string will overwrite EIP via SEH, and can be exploited to execute arbitrary code.
Author:Tan Chew Keong
Homepage:http://www.security.org.sg/vuln/gaucho140.html
Related Exploit:gaucho140poc.cpp.txt
File Size:3679
Last Modified:Aug 27 00:21:07 2004
MD5 Checksum:3382c9b3cbaca0beaf6ed81da2bcec76

 ///  File Name: cisco-sa-20040825-acs.shtml
Description:
Cisco Security Advisory: Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) provide authentication, authorization, and accounting (AAA) services to network devices such as a network access server, Cisco PIX and a router. This advisory documents multiple Denial of Service (DoS) and authentication related vulnerabilities for the ACS Windows and the ACS Solution Engine servers.
Homepage:http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml
File Size:26413
Last Modified:Aug 27 00:06:18 2004
MD5 Checksum:f2858435ac4834d0979d5e35489c7479

 ///  File Name: 08.25.04-2.txt
Description:
iDEFENSE Security Advisory 08.25.04-2 - Exploitation of a buffer overflow in the libDtHelp library included with CDE can allow local attackers to gain root privileges. The vulnerability specifically exists due to a lack of bounds checking on the LOGNAME environment variable. Local attackers can specify a long LOGNAME to trigger a buffer overflow in any application linked with libDtHelp. The overflow is activated once the help subsystem is accessed by selecting any option under the Help menu.
Homepage:http://www.idefense.com/
File Size:4214
Related CVE(s):CAN-2003-0834
Last Modified:Aug 26 23:53:32 2004
MD5 Checksum:78f592957d67bd46e19e9549026d4408

 ///  File Name: 08.25.04.txt
Description:
iDEFENSE Security Advisory 08.25.04 - Remote exploitation of a buffer overflow vulnerability in Ipswitch Inc.'s WhatsUp Gold allows attackers to execute arbitrary code under the privileges of the user that instantiated the application. The problem specifically exists in the _maincfgret.cgi script accessible through the web server installed by WhatsUp Gold. By posting a long string for the value of 'instancename', a buffer overflow occurs allowing an attacker to redirect the flow of control and eventually execute arbitrary code. Fixed in version 8.03 Hotfix 1.
Homepage:http://www.idefense.com/
File Size:3015
Related CVE(s):CAN-2004-0798
Last Modified:Aug 26 23:51:30 2004
MD5 Checksum:acc26795c70843096074444b58e4db2f

 ///  File Name: IRM-010.txt
Description:
IRM Security Advisory 010 - A bug exists in the Top Layer Attack Mitigator IPS 5500 software. In versions below 3.11.014, it can cause the IPS 5500 device to incorrectly enter an overload protection mode and negatively impact network traffic. In extreme cases, this can cause a denial of service condition. More than 2,000 concurrent HTTP requests can cause this condition to occur.
Homepage:http://www.irmplc.com/advisories
File Size:3478
Last Modified:Aug 26 23:45:05 2004
MD5 Checksum:c0ca33ff2cb9e29de9783e1085968115

 ///  File Name: sa12368.txt
Description:
Secunia Security Advisory - Sourvivor has reported a vulnerability in Plesk 7.x, which can be exploited by malicious people to conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/12368/
File Size:2030
Last Modified:Aug 26 23:41:35 2004
MD5 Checksum:ed7544af4c14d68e5aea799d40b28585

 ///  File Name: sa12379.txt
Description:
Secunia Security Advisory - ISS X-Force has reported a vulnerability in the NSS library included with various Netscape products, which can be exploited by malicious people to compromise a vulnerable system. Affected systems: Netscape Enterprise Server, Netscape Personalization Engine, Netscape Directory Server, Netscape Certificate Management System. Editor's Note: This advisory was posted because ISS refuses to grant Packet Storm permission to add their advisories.
Homepage:http://secunia.com/advisories/12379/
File Size:1975
Last Modified:Aug 26 23:37:11 2004
MD5 Checksum:f8c0a0e86f4f097676ba8767cf8b149e

 ///  File Name: sa12378.txt
Description:
Secunia Security Advisory - ISS X-Force has reported a vulnerability in the NSS library included with Sun Java System Web Server, which can be exploited by malicious people to compromise a vulnerable system. System affected: Sun Java System Web Server (Sun ONE/iPlanet) 6.x. Editor's Note: This advisory was posted because ISS refuses to grant Packet Storm permission to add their advisories.
Homepage:http://secunia.com/advisories/12378/
File Size:1656
Last Modified:Aug 26 23:33:24 2004
MD5 Checksum:33c979db0b342f7b89e56a7a66244550