Section:  .. / 0410-advisories  /

Page 2 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 25 - 50 of 254
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: glsa-200410-22.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-22 - Several vulnerabilities including privilege abuse, Denial of Service, and potentially remote arbitrary code execution have been discovered in MySQL.
Homepage:http://security.gentoo.org/
File Size:3656
Last Modified:Oct 28 03:29:27 2004
MD5 Checksum:77aec02fb7bf0b22eab13b6ffa872ddb

 ///  File Name: ieee1394.txt
Description:
IEEE1394 Specification allows client devices to directly access host memory, bypassing operating system limitations. A malicious client device can read and modify sensitive memory, causing privilege escalation, information leakage and system compromise.
Homepage:http://pacsec.jp/advisories.html
File Size:3230
Last Modified:Oct 27 07:46:02 2004
MD5 Checksum:4bba568b0006c290097ea5f555c29e0f

 ///  File Name: sa12853.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in phpCodeGenie, which can be exploited by malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/12853/
File Size:1958
Last Modified:Oct 27 07:42:19 2004
MD5 Checksum:31af6fa5b4bffbb91cb605d12fbd17a4

 ///  File Name: 2004-0050.txt
Description:
Trustix Secure Linux Bugfix Advisory #2004-0050 - This bug fix discusses vulnerabilities in the packages gettext, ghostscript, glibc, groff, gzip, kerberos5, lvm, mysql, netatalk, openssl, perl, and postgresql. Previously unreleased information for groff exists here.
Homepage:http://www.trustix.org/errata/2004/0050/
File Size:15050
Last Modified:Oct 27 07:41:36 2004
MD5 Checksum:0dc620df1b9006e869e1c8a83508552d

 ///  File Name: 841713.html
Description:
NISCC Vulnerability Advisory 841713/Hummingbird - The first issue with Hummingbird Inetd32 allows a user to run an application in the context of the Local System user. The second issue is a buffer overflow in XCWD that causes a denial of service condition and requires valid user credentials to invoke.
Homepage:http://www.uniras.gov.uk/vuls/2004/841713/index.htm
File Size:13995
Last Modified:Oct 27 07:38:18 2004
MD5 Checksum:758be0c78f2e3a84328ca516b5afa8e2

 ///  File Name: sa12969.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Novell ZENworks for Desktops, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Remote Management Agent invoking the ZENworks Remote Control Help functionality with SYSTEM privileges. This can be exploited to execute arbitrary programs with escalated privileges.
Homepage:http://secunia.com/advisories/12969/
File Size:2007
Last Modified:Oct 27 07:34:44 2004
MD5 Checksum:a222fa04d6b6f7eb2cc756b8281629a7

 ///  File Name: sa12980.txt
Description:
Secunia Security Advisory - Positive Technologies has reported some vulnerabilities in Phorum, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Homepage:http://secunia.com/advisories/12980/
File Size:2013
Last Modified:Oct 27 07:33:31 2004
MD5 Checksum:3ae5e11887096bec6e6f4ad1d2287b7d

 ///  File Name: sa12973.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in OpenSSL, which can be exploited by malicious, local users to perform certain actions on a vulnerable system with escalated privileges. The vulnerability is caused due to the der_chop script creating temporary files insecurely. This can be exploited via symlink attacks to create or overwrite arbitrary files with the privileges of the user executing the vulnerable. The vulnerability has been reported in versions 0.9.6m, 0.9.7d, and 0.9.7e. Other versions may also be affected.
Homepage:http://secunia.com/advisories/12973/
File Size:1906
Last Modified:Oct 27 07:31:54 2004
MD5 Checksum:9a5eb82b7b4b465cc57f27fe71b2c279

 ///  File Name: gnutftp.txt
Description:
The GNU tftp client in the inetutils-1.4.2 is susceptible to buffer overflow attacks. Due to untrusted data from DNS resolved hostname being copied into finite static buffers without any bounds checking, several buffers can be overflowed in the .bss. Arbitrary code execution is possible.
Author:sean
File Size:1578
Last Modified:Oct 27 07:29:47 2004
MD5 Checksum:d2064ef8191770931d94dcb6c07d7330

 ///  File Name: pppdDoS.txt
Description:
Improper verification of header fields lets an attacker make the pppd server from ppp-241 access memory it isn't allowed to, resulting in a crash of the server. There is no possibility of code execution, as there is no data being copied, just a pointer dereferenced.
Author:sean
File Size:4690
Last Modified:Oct 27 07:27:38 2004
MD5 Checksum:71d4cc7fc3b54237ca3ba0d2e1ecd78b

 ///  File Name: csis2004-5.txt
Description:
CSIS Security Advisory [CSIS2004-5) - Mozilla Firefox, Web-browser built for 2004, advanced e-mail and newsgroup client, IRC chat client, and HTML editing made simple. The Mozilla Firefox ships with several bugs, making it possible to crash the browser, eat up virtual memory, simply by hosting a binary renamed as html, on a remote website.
Author:Peter Kruse
Homepage:http://www.csis.dk
File Size:2915
Last Modified:Oct 27 07:17:30 2004
MD5 Checksum:78ca9ea062edb15ad3e9dae58785404b

 ///  File Name: glsa-200410-25.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-25 - The etc2ps.sh script, included in the Netatalk package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
Homepage:http://security.gentoo.org/
File Size:2893
Last Modified:Oct 27 07:15:43 2004
MD5 Checksum:eeedf131e6bfe9a1386e95b4ff411b69

 ///  File Name: sa12955.txt
Description:
Secunia Security Advisory - Elac has discovered a vulnerability in dadaIMC, which can be exploited by malicious people to conduct script insertion attacks.
Homepage:http://secunia.com/advisories/12955/
File Size:2002
Last Modified:Oct 27 07:15:06 2004
MD5 Checksum:77df106892de12c6587988e06fc14b6f

 ///  File Name: landeskDoS.txt
Description:
A vulnerability in LANDesk Management Suite 6.x through 8.x allows for a denial of service attack.
Author:Ryan Rounkles
File Size:511
Last Modified:Oct 27 07:13:34 2004
MD5 Checksum:39b7d6ed8cba46b6d239259e78cc44c8

 ///  File Name: sa12961.txt
Description:
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in WindowMaker.
Homepage:http://secunia.com/advisories/12961/
File Size:1491
Last Modified:Oct 27 06:42:35 2004
MD5 Checksum:f7826b13f09f9482ad8322642affccc2

 ///  File Name: FakeRedhatPatchAnalysis.txt
Description:
A full analysis of the fake Fedora-Redhat security alert with trojan source code.
Homepage:http://www.k-otik.com/
File Size:16604
Last Modified:Oct 27 06:40:24 2004
MD5 Checksum:afe97363f72f5d2da14e92ba4526ef65

 ///  File Name: sa12960.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in IPplan 3.x, which can be exploited by malicious people to conduct SQL injection attacks. Some unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Homepage:http://secunia.com/advisories/12960/
File Size:1626
Last Modified:Oct 27 06:37:42 2004
MD5 Checksum:1248fd5125a46b004a17187f34ca9179

 ///  File Name: glsa-200410-24.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-24 - The send-pr.sh script, included in the mit-krb5 package, is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
Homepage:http://security.gentoo.org/
File Size:2893
Last Modified:Oct 27 06:36:36 2004
MD5 Checksum:9713d9eda78d83d4bcea4bdd5d7530af

 ///  File Name: bugzilla-10242004.txt
Description:
This advisory covers three security bugs that have recently been discovered and fixed in the Bugzilla code: In the stable 2.16 releases, it is possible to make a specific change to a bug without permissions; and in the 2.18 release candidate, there are information leaks with private attachments and comments.
Author:Michael Whitfield, Joel Peshkin, Casey Klein, Myk Melez
Homepage:http://www.bugzilla.org/
File Size:4690
Last Modified:Oct 27 06:35:27 2004
MD5 Checksum:2e5a731eb9eaa9fa2ac202c2003bf01c

 ///  File Name: sa12963.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in LinuxStat, which can be exploited by malicious people to disclose sensitive information.
Homepage:http://secunia.com/advisories/12963/
File Size:1682
Last Modified:Oct 27 06:33:44 2004
MD5 Checksum:c6ceb25a8e5f06d686ae35457140640b

 ///  File Name: SSA-20041022-08.txt
Description:
Due to an input validation flaw, MoniWiki versions 1.0.8 and below are vulnerable to cross site scripting attacks.
Author:SSR Team
File Size:1439
Last Modified:Oct 27 06:24:31 2004
MD5 Checksum:8a3e1ca305014981494e506f15e8a31b

 ///  File Name: communXSS.txt
Description:
Various online German communities suffer from various cross site scripting flaws.
Author:Habonator
File Size:1233
Last Modified:Oct 27 06:22:45 2004
MD5 Checksum:161330d148f56f5a2f74fa7f3d8b29c6

 ///  File Name: 008-firefox.thunderbird.txt
Description:
Mozilla Thunderbird 0.8 and Firefox 0.9.3 allows a temporary file to become world readable when using secondary applications to view the data.
Author:Martin
File Size:1986
Last Modified:Oct 27 06:20:58 2004
MD5 Checksum:5c9385d5e5c42d7316c6e63b3954a1d9

 ///  File Name: openWFE14x.txt
Description:
Open WorkFlow Engine version 1.4.x allows for cross site scripting attacks and to be used as a port scanner.
Author:Jose Antonio Coret
File Size:3416
Last Modified:Oct 27 06:19:11 2004
MD5 Checksum:7ecb91474d7b40c6fd6cd2d7ac749e13

 ///  File Name: dwcSQL.txt
Description:
dwc_articles versions 1.6 and below suffer from various SQL injection attacks.
Author:l0om
Homepage:http://www.excluded.org
File Size:853
Last Modified:Oct 27 05:56:52 2004
MD5 Checksum:c484862626521a28fa336229ddffa0a0