
 ///  File Name: ms04-016.txt
Description:
Microsoft Security Bulletin - A denial of service vulnerability exists in the implementation of the IDirectPlay4 application programming interface (API) of Microsoft DirectPlay because of a lack of robust packet validation.
Homepage:http://www.microsoft.com/technet/security/bulletin/ms04-016.mspx
File Size:41680
Related CVE(s):CAN-2004-0202
Last Modified:Jun 9 07:44:21 2004
MD5 Checksum:b4c4369f63975613cb4055a518e5301f

 ///  File Name: cisco-sa-20040616-bgp.txt
Description:
Cisco Security Advisory: A Cisco device running IOS and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DOS) attack from a malformed BGP packet.
Homepage:http://www.cisco.com/warp/public/707/cisco-sa-20040616-bgp.shtml
File Size:38795
Last Modified:Jun 18 02:39:09 2004
MD5 Checksum:0752dbcf53a837e2b7d7954fb5b85278

 ///  File Name: RS-Labs-Advisory-2004-1.txt
Description:
A vulnerability has been discovered in SquirrelMail. Due to unsanitized user input, a specially crafted e-mail being read by the victim using SquirrelMail will make injection of arbitrary tags possible. When correctly exploited, it will permit the execution of scripts (JavaScript, VBScript, etc.) running in the context of the victim's browser.
Author:RoMaNSoFt
Homepage:http://www.rs-labs.com/adv/RS-Labs-Advisory-2004-1.txt
File Size:32167
Last Modified:Jun 2 09:48:08 2004
MD5 Checksum:f686d77939f6fe1e7452e864351610dd

 ///  File Name: galleryVuln.txt
Description:
A vulnerability due to an unspecified authentication error in Gallery allows for a remote attacker to gain full administrative access. Affected versions are 1.2 up to 1.4.3-p12.
Homepage:http://gallery.menalto.com/
File Size:26591
Last Modified:Jun 2 10:16:42 2004
MD5 Checksum:5a6e70d6f6f69134b834400a2d5a37b5

 ///  File Name: ibmSSL.html
Description:
Multiple IBM products have been diagnosed with a denial of service vulnerability caused by malformed SSL records. This is unrelated to the OpenSSL handshake vulnerability found last year. Affected products: Access Manager for e-business 3.9, Access Manager for e-business 4.1, Access Manager for e-business 5.1, Access Manager for Business Integration 5.1, IBM Tivoli Directory Server 4.1, IBM Tivoli Directory Server 5.1, IBM HTTP Server 1.3.12.x, IBM HTTP Server 1.3.19.x, IBM HTTP Server 1.3.26.x, IBM HTTP Server 1.3.28.x, IBM HTTP Server 2.0.42.x, IBM HTTP Server 2.0.47.x, Websphere MQ V5.3.
Homepage:http://www-1.ibm.com/support/docview.wss?uid=swg21170854&rs=260
File Size:26072
Last Modified:Jun 8 01:07:59 2004
MD5 Checksum:82291a100e0989065a679b31a206dad7

 ///  File Name: 20040601-01-P.txt
Description:
SGI Security Advisory 20040601-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that, under certain conditions, non-privileged users can use the syssgi system call SGI_IOPROBE to read and write kernel memory, which can be used to obtain root user privileges. Patches have been released for this and other issues. At this time, IRIX versions 6.5.20 to 6.5.24 are considered susceptible.
Author:SGI Security Coordinator
Homepage:http://support.sgi.com/
File Size:24322
Related CVE(s):CAN-2004-0135, CAN-2004-0136, CAN-2004-0137
Last Modified:Jun 18 02:25:00 2004
MD5 Checksum:d05cb4115b395162428966046c7e70a4

 ///  File Name: dsa-516.txt
Description:
Debian Security Advisory DSA 516-1 - A buffer overflow has been discovered in the ODBC driver of PostgreSQL, an object-relational SQL database, descended from POSTGRES. It is possible to exploit this problem and crash the surrounding application. Hence, a PHP script using php4-odbc can be utilized to crash the surrounding Apache webserver. Other parts of PostgreSQL are not affected.
Author:Martin Schulze
Homepage:http://www.debian.org/security/
File Size:23376
Last Modified:Jun 9 06:55:57 2004
MD5 Checksum:746c64d5f352ebf9dfa08865e836973c

 ///  File Name: 2004-OSC2Nuke-001.txt
Description:
OSC2Nuke 7x version 1 and OSCNukeLite versions 3.1 and below are susceptible to full path disclosure vulnerabilities along with the possibility of remote command execution.
Author:Squid
File Size:20595
Last Modified:Jun 2 10:23:13 2004
MD5 Checksum:e180d1f878dcd446fbcc405f8650d841

 ///  File Name: cisco-sa-20040609-catos.txt
Description:
Cisco CatOS is susceptible to a TCP-ACK Denial of Service (DoS) attack on the Telnet, HTTP and SSH services. If exploited, the vulnerability causes the device running Cisco CatOS to stop functioning and reload. Releases affected: 8.xGLX earlier than 8.3(2)GLX, 8.x earlier than 8.2(2), 7.x earlier than 7.6(6), 6.x earlier than 6.4(9), and 5.x earlier than 5.5(20).
Homepage:http://www.cisco.com/warp/public/707/cisco-sa-20040609-catos.shtml
File Size:14113
Last Modified:Jun 10 09:39:19 2004
MD5 Checksum:f670fb26d4079fcf300acbdaa289c627

 ///  File Name: 2004-betaNC-001.txt
Description:
Nuke Cops betaNC PHP-Nuke Bundle with PHPNuke 6.5 and later is susceptible to multiple path disclosure vulnerabilities that can lead to SQL injection and code execution attacks.
Author:Squid
File Size:13086
Last Modified:Jun 2 10:21:09 2004
MD5 Checksum:bac81045a0f73554644ab895a446129d

 ///  File Name: dhcpdDOS.txt
Description:
Original research data regarding ISC DHCPD 3.0.1 rc12 and rc13 denial of service attacks.
Author:Gregory Duchemin
File Size:13029
Last Modified:Jun 28 02:42:00 2004
MD5 Checksum:71c767cbd65b9b93218deebabc584425

 ///  File Name: 2004-Nuke-001.txt
Description:
PHPNuke versions 7.3 and below are susceptible to full path disclosure vulnerabilities.
File Size:11966
Last Modified:Jun 2 10:05:15 2004
MD5 Checksum:f9a53a8b320814d6aa9cfa48f0fbd0ae

 ///  File Name: httpd1.html
Description:
There is a denial of service vulnerability in Apache httpd 2.0.49. It is possible to consume an arbitrary amount of memory. On 64-bit systems with more than 4GB of virtual memory, this may lead to a heap-based buffer overflow whose exploitation is unclear at the moment.
Author:Georgi Guninski
Homepage:http://www.guninski.com/httpd1.html
File Size:11596
Last Modified:Jun 29 13:34:00 2004
MD5 Checksum:b801e23971a881cdb1d8b49c6f20eaf1

 ///  File Name: MITKRB5-SA-2004-001.txt
Description:
MIT krb5 Security Advisory 2004-001 - The krb5_aname_to_localname() library function contains multiple buffer overflows which could be exploited to gain unauthorized root access. Exploitation of these flaws requires an unusual combination of factors, including successful authentication to a vulnerable service and a non-default configuration on the target service.
Author:Christopher Nebergall, Nico Williams
File Size:10492
Last Modified:Jun 2 10:09:24 2004
MD5 Checksum:29862095f1c62eec088c6380cb4572ed

 ///  File Name: 57587.html
Description:
A flaw in Kerberos password handling under Sun Solaris 9 allows for passwords to be logged in clear text on clients with services using pam_krb5 as an auth module.
Homepage:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57587
File Size:10283
Last Modified:Jun 25 14:52:00 2004
MD5 Checksum:9cbfc28498aa0afd113d15af3bf8dcd4

 ///  File Name: cisco-sa-20040630-CCS.txt
Description:
Cisco Security Advisory: Cisco Collaboration Server (CCS) versions earlier than 5.0 ship with ServletExec versions that are vulnerable to attack where unauthorized users can upload any file and gain administrative privileges.
Homepage:http://www.cisco.com/warp/public/707/cisco-sa-20040630-CCS.shtml
File Size:9570
Last Modified:Jun 30 12:23:00 2004
MD5 Checksum:ea60a4ea663b27afbfee31c283ecf86f

 ///  File Name: nCipher-10.txt
Description:
nCipher Security Advisory No. 10 - Pass phrases entered by means of the nCipher netHSM front panel, either using the built in thumbwheel or using a directly attached keyboard, are exposed in the netHSM system log. Under certain circumstances this information is also available to the remote filesystem machine.
Homepage:http://www.ncipher.com/support/advisories/
File Size:9112
Last Modified:Jun 23 02:00:46 2004
MD5 Checksum:993957a98dd6b1d0f2b779e9a29802b5

 ///  File Name: 57497.html
Description:
An error within the Basic Security Module (BSM) under Sun Solaris versions 7, 8, and 9 allows a malicious local attacker to cause a denial of service against the system.
Homepage:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57497
File Size:9058
Last Modified:Jun 25 12:18:00 2004
MD5 Checksum:fd0d63ac0874ed48781baafa86521355

 ///  File Name: 57581.html
Description:
An unspecified vulnerability has been discovered in Sun StorEdge Enterprise Storage Manager, which can be exploited by malicious, local users to gain root privileges.
Homepage:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57581
File Size:8878
Last Modified:Jun 25 14:38:00 2004
MD5 Checksum:0ff9d68c60768a5ca72ab9a624ab50ea

 ///  File Name: modproxy1.html
Description:
The versions of mod_proxy shipped with Apache 1.3.31 and possibly earlier are susceptible to a buffer overflow via the Content-Length: header. This can lead to a denial of service and possible compromise of a vulnerable system.
Author:Georgi Guninski
Homepage:http://www.guninski.com/modproxy1.html
File Size:8508
Last Modified:Jun 14 10:10:52 2004
MD5 Checksum:e7d78d7a935f0a2ce17af90ae82bf0ba

 ///  File Name: BEA04_62.00.html
Description:
A vulnerability exists in various versions of Weblogic Server and Weblogic Express when a client logs in multiple times as different users using RMI (Remote Method Invocation) over IIOP (Internet Inter-ORB Protocol). This may reportedly result in an RMI method being executed under the wrong identity. Affected versions: WebLogic Server and WebLogic Express 8.1, on all platforms, WebLogic Server and WebLogic Express 7.0, on all platforms, and WebLogic Server and WebLogic Express 6.1, on all platforms.
Homepage:http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_62.00.jsp
File Size:8470
Last Modified:Jun 18 09:05:33 2004
MD5 Checksum:62beae5b11dcf369c3eb3efa87b1b81b

 ///  File Name: chkptFW1-IKE.txt
Description:
Checkpoint Firewall-1 version 4.1 and later with IPsec VPN enabled will return an IKE Vendor ID payload when it receives an IKE packet with a specific Vendor ID payload. The Vendor ID payload that is returned identifies the system as Checkpoint Firewall-1 and also determines the Firewall-1 version and service-pack or feature-pack revision number. This is an information leakage issue which can be used to fingerprint the Firewall-1 system.
Author:Roy Hills
Homepage:http://www.nta-monitor.com/news/checkpoint2004/index.htm
File Size:8319
Last Modified:Jun 18 02:34:30 2004
MD5 Checksum:291502ded47afbba3cc5408a4a3b50f2

 ///  File Name: cpanelPHP.txt
Description:
Flaws in how Apache's suexec binary has been patched by cPanel when configured for mod_php, in conjunction with cPanel's creation of some Perl scripts that are not taint clean, allow any user to execute arbitrary code as any other user with a uid above UID_MIN.
Author:Rob Brown
Homepage:http://www.A-Squad.Com
File Size:8155
Related CVE(s):CVE-2004-0529
Last Modified:Jun 8 02:18:45 2004
MD5 Checksum:d3f0471b6d0134f5d7824d0a00b81ce0

 ///  File Name: BEA04_64.00.html
Description:
A security issue has been discovered in BEA WebLogic, potentially allowing unauthorised users to access affected web applications. Due to improper filtering of data, an asterisk may be used in a spot to allow for a random user to get loaded into a role. The issue affects WebLogic Server and WebLogic Express version 8.1 and 7.0.
Homepage:http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA04_64.00.jsp
File Size:8148
Last Modified:Jun 29 13:45:00 2004
MD5 Checksum:fb3f7f6a2b9d9f0dc6bf0fd32c665828

 ///  File Name: 0xbadc0ded-04.txt
Description:
A remotely exploitable format string vulnerability exists in smtp.proxy up to and including version 1.1.3. The bug is present and exploitable regardless of any compile time and runtime configuration options and can be exploited by sending a message with an embedded format string in either the client hostname or the message-id.
Author:Joel Eriksson
File Size:7763
Last Modified:Jun 14 08:52:54 2004
MD5 Checksum:8ff006e1ae1e98fc101e810e7fd5cffd