Section: 0405-advisories

 ///  File Name: rsync.html
Description:
A security problem exists in all versions of rsync prior to 2.6.1 that affects anyone running a read/write daemon without using a chrooted environment.
Homepage:http://samba.anu.edu.au/rsync/#security_apr04
File Size:607
Last Modified:May 4 04:32:40 2004
MD5 Checksum:5c922ad89a5afd206074db1ca1e54ae5

 ///  File Name: sa11525.txt
Description:
Alexander Antipov has reported some vulnerabilities in Web Wiz Forum, allowing malicious people to conduct SQL injection attacks and perform certain administrative functions.
Author:Alexander Antipov
Homepage:http://secunia.com/advisories/11525/
File Size:2050
Last Modified:May 4 06:15:05 2004
MD5 Checksum:f7a1fdd1a23ef0ca570ca46ec64a3de5

 ///  File Name: sa11532.txt
Description:
Secunia Advisory SA11532 - Secunia has discovered a vulnerability in the Opera browser, which can be exploited by malicious people to fake (spoof) information displayed in the address bar. The vulnerability has been confirmed in version 7.23 for Windows and Linux. Prior versions may also be affected.
Author:Jakob Balle
Homepage:http://secunia.com/secunia_research/2004-2/advisory/
File Size:2008
Last Modified:May 13 21:52:29 2004
MD5 Checksum:e1d02241499399bc0dffa07448f5451a

 ///  File Name: sa11534.txt
Description:
Georgi Guninski has discovered a vulnerability in mod_ssl versions below 2.8.17, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires that the FakeBasicAuth option is enabled and that the malicious client certificate is issued from a trusted CA (Certificate Authority).
Author:Georgi Guninski
Homepage:http://www.guninski.com
File Size:2176
Last Modified:May 29 19:59:36 2004
MD5 Checksum:09b467d0d9a367dc251aaae6316a88c5

 ///  File Name: sa11567.txt
Description:
SmOk3 has reported a vulnerability in e107 version 0.x, which can be exploited to conduct script insertion attacks.
Homepage:http://secunia.com/advisories/11567/
File Size:1880
Last Modified:May 9 21:52:05 2004
MD5 Checksum:eeed8627e5844582baaf7f9690bb9d15

 ///  File Name: sa11590.txt
Description:
Unavailable.
File Size:2785
Last Modified:May 12 07:43:07 2004
MD5 Checksum:6efe94c50541f6f691e1db88c8908a4d

 ///  File Name: sa11604.txt
Description:
Mark Cox has reported a vulnerability in ZoneMinder, potentially allowing malicious people to compromise a vulnerable system. The vulnerability is caused by a boundary error within the handling of query strings. This can be exploited to cause a buffer overflow via a specially crafted query. Successful exploitation may potentially allow execution of arbitrary code. All versions prior to 1.19.2 are affected.
Homepage:http://www.zoneminder.com/fileadmin/downloads/README-1.19.3.html
File Size:1786
Related CVE(s):CAN-2004-0227
Last Modified:May 13 23:31:30 2004
MD5 Checksum:5eb0cfeebc83f62ed40375deed5457f5

 ///  File Name: sa11632.txt
Description:
Secure Computing has reported multiple denial of service vulnerabilities in their Sidewinder G2 firewall.
Related File:SW61002Rel_Notes_0512.pdf
File Size:2023
Last Modified:May 19 01:48:35 2004
MD5 Checksum:d2cf35493bd23c4bd77ecbdb4a11dc84

 ///  File Name: sa11678.txt
Description:
A vulnerability, caused by an unspecified error within Xconfig, has been discovered in Exceed versions 9.x. When exploited, local users can bypass certain restrictions.
File Size:1603
Last Modified:May 21 21:31:15 2004
MD5 Checksum:ada06fe31a9d22224b90f762e8905320

 ///  File Name: sa11723.txt
Description:
OpenBSD has issued an update for xdm. This fixes a security issue, which potentially may allow malicious users to gain unintended access to a system. A CVS version of XFree86 xdm, which is included in some versions of OpenBSD, has an error that causes it to listen for queries on a random TCP socket, even though requestPort is set to 0 in the configuration file.
Author:Steve Rumble
File Size:1858
Last Modified:May 30 22:04:52 2004
MD5 Checksum:14b9c747284af8f4286f2b266ebb0c4a

 ///  File Name: sa11724.txt
Description:
Apple has issued an updated version of Mac OS X, which fixes many unspecified vulnerabilities. An unspecified error reportedly exists within the NFS logging functionality when tracing system calls. Another reportedly exists within LoginWindow when handling directory services lookups and console log files. Further unspecified errors exist within Packaging during package installation, within the TCP/IP stack implementation when handling out-of-sequence TCP packets, within AppleFileServer when using SSH and reporting errors, and within Terminal when handling URLs.
Author:David Brown, Aaron, Ren Puls
File Size:2436
Last Modified:May 30 22:07:45 2004
MD5 Checksum:7a043a061f9b9080e31cb3e101ae7ebe

 ///  File Name: safari12.txt
Description:
Safari versions 1.2 and below suffer from a vulnerability that can lead to remote arbitrary code execution via the runscript aspect of the HTML rendering functionality.
Author:kang
File Size:1486
Last Modified:May 18 06:08:46 2004
MD5 Checksum:fb01452d5c8420ed352357b019941075

 ///  File Name: smfsize.txt
Description:
SMF version 1.0 Beta 5 public is susceptible to a script injection vulnerability. This company used to produce YaBB SE.
Author:Cheng Peng Su
File Size:2204
Last Modified:May 7 23:08:54 2004
MD5 Checksum:5c7ea5f73c2bb240c36c5545e9223a66

 ///  File Name: snmpdadv.txt
Description:
ucd-snmp versions 4.2.6 and below suffer from a buffer overflow on the command line when the daemon is spawned.
Author:priestmaster
Homepage:http://www.priestmaster.org
File Size:2096
Last Modified:May 21 20:44:25 2004
MD5 Checksum:be122a288bab3da10ef20d0d72f77d32

 ///  File Name: snsadv72.txt
Description:
An ActiveX Control provided by Symantec Norton Antivirus 2004 contains a remotely exploitable DoS condition. In order to trigger this vulnerability, malicious website administrators must induce Internet Explorer users to view a specially crafted web site, which will consequently consume a lot of system resources.
Author:Yuu Arai
File Size:1861
Last Modified:May 21 20:50:54 2004
MD5 Checksum:0c470107c4caf6f7546c5adf7298267e

 ///  File Name: solaris-smc-advisory.txt
Description:
Directory traversal attacks on the Sun Solaris SMC Web Server under releases 8 and 9 allow a remote attacker to determine whether or not a file exists on the underlying filesystem due to differences in error messages.
Author:Jon Hart
Homepage:http://www.spoofed.org/
File Size:3298
Last Modified:May 14 18:04:17 2004
MD5 Checksum:7b79ff96ee995dcdd9fb617dd3c4e1f5

 ///  File Name: SSRT4719.txt
Description:
A potential vulnerability has been identified with HP OpenView Select Access which could be exploited to allow a remote user unauthorized access. Versions affected: HP OpenView Select Access 5.0 Patch 4, 5.1 Patch 1, 5.2, and 6.0.
Homepage:http://support.openview.hp.com/
File Size:5561
Last Modified:May 26 23:21:59 2004
MD5 Checksum:55c73c31c850f50aa4aceac74b1a4350

 ///  File Name: SSRT4724.txt
Description:
Use Of TCP/IP Reserved Port Zero Causes Integrated Lights-Out (iLO) To Stop Responding. LAN management products that use port zero when accessing an Integrated Lights-Out (iLO) in a ProLiant server will cause iLO to become unresponsive. Port zero is specified as a reserved port by the Internet Engineering Task Force (IETF) and should not be used.
Homepage:http://support.openview.hp.com/
File Size:5723
Last Modified:May 28 03:24:29 2004
MD5 Checksum:b5714e865abdbd6b17af261216dbb94c

 ///  File Name: sunjavaapp.txt
Description:
Sun-Java-App-Server PE version 8.0 suffers from a path disclosure vulnerability when returning server error 500 pages.
Author:Marc Schoenefeld
File Size:2386
Last Modified:May 28 03:31:49 2004
MD5 Checksum:a1340be73e5fa96fb10be66e55cb2789

 ///  File Name: sweexwap.txt
Description:
Sweex Wireless Broadband Routers have tftp enabled by default with no way to restrict the service, allowing malicious attackers to download configuration files.
Author:Mark Janssen
File Size:1837
Last Modified:May 14 01:19:00 2004
MD5 Checksum:9102e515c85e722dbadd00db7d74635f

 ///  File Name: TA04-147A.txt
Description:
Technical Cyber Security Alert TA04-147A - A heap overflow vulnerability in the Concurrent Versions System (CVS) could allow a remote attacker to execute arbitrary code on a vulnerable system. Systems affected: Concurrent Versions System (CVS) versions prior to 1.11.16. CVS Features versions prior to 1.12.8.
Homepage:http://www.us-cert.gov/
File Size:4973
Related CVE(s):CAN-2004-0396
Last Modified:May 28 03:30:26 2004
MD5 Checksum:2e0d84d03979a45b15c596936a0fa348

 ///  File Name: trendofficeVirus.txt
Description:
The default installation of Trend OfficeScan allows a non administrative user to disable the service due to weak permissions, stopping the Antivirus software from working. Versions 3.0 to 6.0 are affected.
Author:Matt
File Size:1856
Last Modified:May 9 20:17:50 2004
MD5 Checksum:02be56229b81301f0bb9c27534f66f01

 ///  File Name: tttc.txt
Description:
TTT-C is susceptible to multiple cross site scripting attacks because it does not sanitize variables.
Author:Kaloyan Olegov Georgiev
File Size:4381
Last Modified:May 18 05:55:59 2004
MD5 Checksum:1a02809db58f3bb930bb86e3d98bbccf

 ///  File Name: verity.txt
Description:
Verity Ultraseek versions 5.2.1 and below suffer from a path disclosure vulnerability.
Author:Martin O'Neal
File Size:3049
Related CVE(s):CAN-2004-0050
Last Modified:May 7 21:21:23 2004
MD5 Checksum:4cd573175d8440191d3f24311517d039

 ///  File Name: waraxe-2004-SA026.txt
Description:
Multiple vulnerabilities in Coppermine Photo Gallery version 1.2.2b for PhpNuke. These range from small flaws like path disclosure, cross site scripting, and arbitrary directory browsing, to remote command execution on the underlying server.
Author:Janek Vind aka waraxe
Homepage:http://www.waraxe.us/
File Size:7454
Last Modified:May 4 05:00:51 2004
MD5 Checksum:cd1d70aec83d6377a9d7c484457221d2