Section:  .. / 0410-advisories  /

Page 6 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 125 - 150 of 254
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: MDKSA-2004:108.txt
Description:
Mandrakelinux Security Update Advisory - cvs 10.0, 92, Corporate Server 2.1. A flaw in CVS versions prior to 1.1.17 in an undocumented switch to the CVS history command allows for determining directory structure and the existance of files on a target machine.
Author:security
Homepage:http://www.mandrakesoft.com/security/advisories
File Size:3301
Last Modified:Oct 20 04:25:00 2004
MD5 Checksum:6f5d571b169f8a0e664ff4cf10c5e1ea

 ///  File Name: MDKSA-2004:109.txt
Description:
Mandrakelinux Security Update Advisory - affected versions of MDK: 10.0, 92, Corporate Server 2.1, Multi Network Firewall 8.2. Several vulnerabilities have been discovered in the libtiff package that could lead to arbitrary code execution.
Author:Mandrake Linux Security Team
Homepage:http://www.mandrakesoft.com/security/advisories
File Size:5490
Related OSVDB(s):10750
Related CVE(s):CAN-2004-0803
Last Modified:Oct 20 04:32:00 2004
MD5 Checksum:a6636c1f92368f3291c331749b2eca80

 ///  File Name: MDKSA-2004:113.txt
Description:
Mandrakelinux Security Update Advisory - Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution.
Author:Chris Evans
Homepage:http://www.mandrakesoft.com/security/advisories
File Size:3180
Related CVE(s):CAN-2004-0888, CAN-2004-0889
Last Modified:Oct 27 05:15:56 2004
MD5 Checksum:dbbeceb18f4a83c657d4ce2e53f6f3b8

 ///  File Name: megabbs.txt
Description:
MegaBBS is susceptible to HTTP Response splitting and SQL injection vulnerabilities.
Author:pigrelax
File Size:2462
Last Modified:Oct 1 16:15:31 2004
MD5 Checksum:fb3c66e4ed3e18435625a1130924f5cd

 ///  File Name: ms04-033.txt
Description:
A Microsoft update has been released. This update resolves a newly-discovered, privately reported vulnerability. A remote code execution vulnerability exists in Microsoft Excel. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
Homepage:http://www.microsoft.com/technet/security/bulletin/ms04-033.mspx
File Size:48468
Related CVE(s):CAN-2004-0846
Last Modified:Oct 13 11:31:44 2004
MD5 Checksum:8ac34f46616424a2cf3eab223a33b189

 ///  File Name: ms04-035.html
Description:
Microsoft Security Advisory MS04-035 - An attacker who successfully exploited an SMTP vulnerability in Windows could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts that have full privileges.
Homepage:http://www.microsoft.com/technet/security/bulletin/ms04-035.mspx
File Size:64701
Related CVE(s):CAN-2004-0840
Last Modified:Oct 24 23:25:34 2004
MD5 Checksum:66bdf906b089b28f0ff1b37fae6db3f8

 ///  File Name: ms04-038.html
Description:
Microsoft Security Advisory MS04-038 - Multiple Internet Explorer vulnerabilities have been patched by Microsoft. If a user is logged on with administrative privileges, an attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system, including installing programs; viewing, changing, or deleting data; or creating new accounts with full privileges. Users whose accounts are configured to have fewer privileges on the system would be at less risk than users who operate with administrative privileges.
Author:Greg Jones, Mitja Kolsek, John Heasman
Homepage:http://www.microsoft.com/technet/security/bulletin/ms04-038.mspx
File Size:294069
Related CVE(s):CAN-2004-0842, CAN-2004-0727, CAN-2004-0216, CAN-2004-0839, CAN-2004-0844, CAN-2004-0843, CAN-2004-0841, CAN-2004-0845
Last Modified:Oct 24 23:18:07 2004
MD5 Checksum:fa0e1c35065f1d72138fac2cdb0a7cdd

 ///  File Name: msieLink.txt
Description:
Microsoft Internet Explorer 6.0.2800.1106 and possibly earlier versions fail to properly handle links embedded within links, allowing for spoofing of target addresses.
Author:Benjamin Tobias Franz
File Size:979
Last Modified:Oct 29 04:39:19 2004
MD5 Checksum:078b1a079d263c5f03c2b409266baf46

 ///  File Name: MSwordExploitable.txt
Description:
Microsoft Word is susceptible to having an exception triggered due to a lack of sufficient data validation when winword.exe parses a document file. Two types of exceptions can be triggered, with the second being possibly exploitable.
Author:Hexview
Homepage:http://www.hexview.com/
File Size:3334
Last Modified:Oct 13 07:56:46 2004
MD5 Checksum:cbd11131090e3133d081b6ca58e80bcd

 ///  File Name: mywebServer103.txt
Description:
MyWebServer 1.0.3 is susceptible to a denial of service attack and allows for direct administrative access to ServerProperties.html.
Author:nekd0
Homepage:http://unl0ck.blackhatz.info/
File Size:1539
Last Modified:Oct 1 17:24:49 2004
MD5 Checksum:c77e575f154e41b87b6dd792b4ea76b2

 ///  File Name: navRant.txt
Description:
Long rant plus proof of concept regarding how easy it is to bypass Norton Antivirus.
Author:Daniel Milisic
File Size:6297
Last Modified:Oct 26 03:40:24 2004
MD5 Checksum:269cc3b2870ca1095531c26324fba906

 ///  File Name: netscapewebmail_advisory.txt
Description:
Netscape.net Webmail is susceptible to a cross site scripting attack.
Author:Steven
Homepage:http://www.lovebug.org/
File Size:2644
Last Modified:Oct 27 04:18:51 2004
MD5 Checksum:80b7f34b2c05e4eb63aae8f232b64c25

 ///  File Name: nkxtox-00003.txt
Description:
PHP Links suffers from a full path disclosure flaw.
File Size:417
Last Modified:Oct 13 05:10:58 2004
MD5 Checksum:76288bd7cad0b73e7fc2e18bcf7d24ba

 ///  File Name: oldMonolith.txt
Description:
Some old games developed by Monolith, such as Alien versus Predator 2 versions 1.0.9.6 and below, Blood 2 versions 2.1 and below, No one lives forever 1.004 and below, etc, all suffer from a classical buffer-overflow which happens when an attacker sends a secure Gamespy query followed by at least 68 chars.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:lithsec.zip"
File Size:2605
Last Modified:Oct 13 09:00:54 2004
MD5 Checksum:5b420b5726ce75a01fb81218e7d38570

 ///  File Name: openWFE14x.txt
Description:
Open WorkFlow Engine version 1.4.x allows for cross site scripting attacks and to be used as a port scanner.
Author:Jose Antonio Coret
File Size:3416
Last Modified:Oct 27 06:19:11 2004
MD5 Checksum:7ecb91474d7b40c6fd6cd2d7ac749e13

 ///  File Name: php4curl.txt
Description:
PHP4 cURL functions bypass open_basedir protection allowing users to navigate through the filesystem.
Author:FraMe
Homepage:http://www.kernelpanik.org
File Size:865
Last Modified:Oct 28 16:53:43 2004
MD5 Checksum:426f895856b6e38fa2c921ed2bfb7aaf

 ///  File Name: PMASA-2004-2.txt
Description:
When specifying specially formatted options to external MIME transformation, an attacker can execute any shell command restricted by privileges of httpd user.
Homepage:http://www.phpmyadmin.net/home_page/security.php?issue=PMASA-2004-2
File Size:2059
Last Modified:Oct 25 00:12:46 2004
MD5 Checksum:e8d18169cff29628d778c02a90d1d39b

 ///  File Name: pppdDoS.txt
Description:
Improper verification of header fields lets an attacker make the pppd server from ppp-241 access memory it isn't allowed to, resulting in a crash of the server. There is no possibility of code execution, as there is no data being copied, just a pointer dereferenced.
Author:sean
File Size:4690
Last Modified:Oct 27 07:27:38 2004
MD5 Checksum:71d4cc7fc3b54237ca3ba0d2e1ecd78b

 ///  File Name: privateer104141.txt
Description:
Privateer's Bounty: Age of Sail II versions 1.04.151 and below is affected by a buffer overflow occurring when an attacker joins on the server using a nickname at least 144 bytes in length.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:aos2bof.zip"
File Size:1513
Last Modified:Oct 27 04:34:53 2004
MD5 Checksum:25af558bcfdab021be410c93909f0826

 ///  File Name: proftpd12x.txt
Description:
ProFTPD 1.2.x suffers from a vulnerability that allow for remote user enumeration. It is possible to determine which user names are valid, which are special, and which ones do not exist on the remote system. This can be accomplished by code execution path timing analysis attack at the ProFTPD login procedure.
Homepage:http://security.lss.hr/
File Size:4917
Last Modified:Oct 26 04:29:35 2004
MD5 Checksum:1aeaa1eb452e6441593f2ccfbff5242d

 ///  File Name: pscriptForum.txt
Description:
Powie's PSCRIPT Forum is susceptible to multiple SQL injection vulnerabilities.
Author:Christoph Jeschke
File Size:2447
Last Modified:Oct 26 04:49:50 2004
MD5 Checksum:1440ba6ea0c4b79e08fb07a0f48c63d1

 ///  File Name: putty056.txt
Description:
PuTTY 0.56 fixes a serious security hole which can allow a server to execute code of its choice on a PuTTY client connecting to it.
File Size:831
Last Modified:Oct 28 16:23:00 2004
MD5 Checksum:90fc3823961fadf8492205f905db3eb3

 ///  File Name: quakeII.txt
Description:
Quake II version 3.2.x is susceptible to multiple vulnerabilities. Due to unchecked input at various stages in the server, remote users are able to cause the server to crash, reveal sensitive information or potentially execute arbitrary code.
Author:Richard Stanway
Homepage:http://www.r1ch.net/
File Size:7121
Last Modified:Oct 28 16:30:02 2004
MD5 Checksum:7bc381702143ab0259af8b0b05e89b7b

 ///  File Name: quicktime.txt
Description:
A high risk vulnerability exists in Quicktime for Windows versions 6.5.2 and earlier.
Author:John Heasman
File Size:785
Last Modified:Oct 28 16:49:04 2004
MD5 Checksum:d978934420addf9429ed881546cfc168

 ///  File Name: razor.ms_rpc_vuln_oct12_2004.txt
Description:
Bindview Advisory - Critical Flaw in rpc__mgmt_inq_stats. A remote attacker can read large amounts of memory from and/or crash any NT4 RPC server.
Homepage:http://www.bindview.com/Support/RAZOR/Current_Advisories/ADV_MSFTRPCVuln_10-13-04.cfm
File Size:1871
Related OSVDB(s):10686
Related CVE(s):CAN-2004-0569
Last Modified:Oct 24 20:29:45 2004
MD5 Checksum:9fbf23248dcac505c6edd397bda2b257