Section:  .. / 0412-advisories  /

Page 10 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 225 - 250 of 253
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: secres21122004-2.txt
Description:
Secunia Research has discovered a vulnerability in Spy Sweeper Enterprise, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Spy Sweeper Enterprise Client SpySweeperTray.exe process invoking the help functionality with SYSTEM privileges. This can be exploited to execute arbitrary commands on a system with escalated privileges.
Author:Carsten Eiram
Homepage:http://secunia.com/
File Size:4193
Last Modified:Dec 31 19:42:54 2004
MD5 Checksum:e05df323874f9a3537c06ea103c76c79

 ///  File Name: secres21122004.txt
Description:
Secunia Research has discovered a vulnerability in My Firewall Plus, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Smc.exe process invoking the help functionality with SYSTEM privileges. This can be exploited to execute arbitrary programs on a system with escalated privileges.
Author:Carsten Eiram
Homepage:http://secunia.com/
File Size:3796
Last Modified:Dec 31 19:37:38 2004
MD5 Checksum:3dbe302ef53a7e08ca67adf7a69f91c5

 ///  File Name: singapore0910.txt
Description:
Multiple vulnerabilies have been found in the Singapore Image Gallery Web Application version 0.9.10 including arbitrary file download, directory deletion, and cross site scripting flaws.
Author:Tan Chew Keong
Homepage:http://www.security.org.sg/vuln/singapore0910.html
File Size:2483
Last Modified:Dec 30 10:08:35 2004
MD5 Checksum:9575c63773bd9433a1cc1532ca27c69c

 ///  File Name: SRT2004-12-14-0322.txt
Description:
Secure Network Operations Advisory SRT2004-12-14-0322 - Symantec LiveUpdate versions prior to 2.5 are susceptible to a flaw that may allow for local privilege escalation to SYSTEM.
Author:JxT
Homepage:http://www.secnetops.com/
File Size:6353
Last Modified:Dec 30 07:48:43 2004
MD5 Checksum:c165c0623acf61da6251ead2128e8cd6

 ///  File Name: SSA-20041209-13.txt
Description:
STG Security Advisory: UseModWiki is susceptible to a cross site scripting flaw.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:1087
Last Modified:Dec 30 08:12:36 2004
MD5 Checksum:3e9d43bfe2d2932ad2d57d550a62131f

 ///  File Name: SSA-20041215-1.txt
Description:
STG Security Advisory: MoniWiki is susceptible to a file upload flaw due to a mishandling of multiple file extensions.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:2070
Last Modified:Dec 30 09:10:30 2004
MD5 Checksum:c75c9e0f06120887e6326a83087df2d3

 ///  File Name: SSA-20041215-17.txt
Description:
STG Security Advisory: JSBoard is one of widely used web BBS applications in Korea. However, an input validation flaw can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:2118
Last Modified:Dec 30 09:37:08 2004
MD5 Checksum:e81a5f10b311b20cc16f6ad1dab6843a

 ///  File Name: SSA-20041215-18.txt
Description:
STG Security Advisory: phpBB Attachment Mod is file upload module for phpBB. However, an input validation flaw can cause malicious attackers to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user. Attachment module 2.3.10 and below is susceptible.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:1955
Last Modified:Dec 30 09:38:31 2004
MD5 Checksum:3abc59c49deb724310ded2e6b6779685

 ///  File Name: SSA-20041215-19.txt
Description:
STG Security Advisory: MediaWiki versions 1.3.8 and below have an input validation flaw that can allow malicious attackers the ability to run arbitrary commands with the privilege of the HTTPD process, which is typically run as the nobody user.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:1560
Last Modified:Dec 30 09:40:03 2004
MD5 Checksum:ce30c0ea30a77f1397fa37a3336c979f

 ///  File Name: SSRT4687.txt
Description:
HP Security Bulletin - A potential vulnerability has been identified with the HP-UX newgrp(1) command that may allow authorized users to elevate privileges. Affected versions are HP-UX B.11.00, B.11.04, B.11.11.
Homepage:http://www.hp.com/
File Size:6252
Last Modified:Dec 30 22:22:20 2004
MD5 Checksum:034da78b0a883d952e92b38d095fce9e

 ///  File Name: SSRT4699.txt
Description:
HP Security Bulletin - A potential security vulnerability has been identified with System Administration Manager (SAM) running on HP-UX that may allow local unauthorized privileges. Affected Versions: HP-UX B.11.00, B.11.11, B.11.22, and B.11.23.
Homepage:http://www.hp.com/
File Size:7174
Last Modified:Dec 31 22:59:23 2004
MD5 Checksum:c14db62e19bc70eeec74f51a043a334c

 ///  File Name: SUSE-SA-2004-046.txt
Description:
SUSE Security Announcement - Due to missing argument checking in the 32 bit compatibility system call handler in the 2.4 Linux Kernel on the AMD64 platform a local attacker can gain root access using a simple program. This is a 2.4 Kernel and AMD64 specific problem, other architectures and the 2.6 Kernel are not affected.
Homepage:http://www.suse.com/
File Size:18169
Related CVE(s):CAN-2004-1144
Last Modified:Dec 31 20:43:26 2004
MD5 Checksum:dcd3e7be16864e0aa02410167a3b2cca

 ///  File Name: TA04-356A.txt
Description:
Technical Cyber Security Alert TA04-356A - The software phpBB contains an input validation problem in how it processes a parameter contained in URLs. An intruder can deface a phpBB website, execute arbitrary commands, or gain administrative privileges on a compromised bulletin board. Systems Affected: phpBB versions 2.0.10 and prior.
Homepage:http://www.us-cert.gov/cas/techalerts/TA04-356A.html
File Size:3607
Last Modified:Dec 31 20:18:28 2004
MD5 Checksum:fac18e58404274a340e48e35f2d2d867

 ///  File Name: tlen.txt
Description:
Tlen.pl versions 5.23.4.1 and below suffer from a remote script execution vulnerability.
Author:Blazej Miga, Jaroslaw Sajko
File Size:1011
Last Modified:Dec 30 22:55:23 2004
MD5 Checksum:d57733ca64397c04bd3e402f18efe4ca

 ///  File Name: tnftp.txt
Description:
A flaw in tnftp exists where it fails to properly validate file names provided by the server. Successful exploitation allows overwriting local files, but requires that a user connects to a malicious ftp server and downloads files.
Author:Yosef Klein
Homepage:http://tigger.uic.edu/~jlongs2/holes/tnftp.txt
File Size:1349
Last Modified:Dec 30 10:33:16 2004
MD5 Checksum:d58a198fffb693611506577277aafb20

 ///  File Name: uml-utilites.txt
Description:
uml-utilities version 20030903 is susceptible to a denial of service vulnerability via the uml-net utility running setuid root and being able to take down the system's ethernet connection.
Author:Danny Lungstrom
File Size:996
Last Modified:Dec 30 21:58:34 2004
MD5 Checksum:db4d432b0f456497f398b6080fdc7125

 ///  File Name: unrtf.txt
Description:
A buffer overflow in UnRTF version 0.19.3 may allow for system compromise.
Author:Yosef Klein, Limin Wang
File Size:1917
Last Modified:Dec 30 22:09:25 2004
MD5 Checksum:295256bfc6f864de8855ac59a2384636

 ///  File Name: USN-38-1.txt
Description:
Ubuntu Security Notice USN-38-1 - This advisory covers all the recent vulnerabilities discovered in the Linux 2.6 kernel series.
Homepage:http://security.ubuntu.com/
File Size:31635
Related CVE(s):CAN-2004-0814, CAN-2004-1016, CAN-2004-1056, CAN-2004-1058, CAN-2004-1068, CAN-2004-1069, CAN-2004-1137, CAN-2004-1151
Last Modified:Dec 30 08:38:30 2004
MD5 Checksum:88679576589056438defd292bb5f5024

 ///  File Name: USN-44-1.txt
Description:
Ubuntu Security Notice USN-44-1 - A race condition and possible information leak has been discovered in Perl's File::Path::rmtree(). This function changes the permission of files and directories before removing them to avoid problems with wrong permissions. However, they were made readable and writable not only for the owner, but for the entire world, which opened a race condition and a possible information leak (if the actual removal of a file/directory failed for some reason).
Homepage:http://security.ubuntu.com/
File Size:5251
Related CVE(s):CAN-2004-0452
Last Modified:Dec 31 19:40:13 2004
MD5 Checksum:f36049507fc74af08c2d0ec7d64b3813

 ///  File Name: vb2c.txt
Description:
A buffer overflow in the vb2c 0.02 parse() function allows for system compromise.
Author:Qiao Zhang
File Size:1571
Last Modified:Dec 30 21:59:48 2004
MD5 Checksum:e86c43e351f45c3ad96d9181336c899a

 ///  File Name: vilistextum.txt
Description:
Vilistextum version 2.6.6 is susceptible to a buffer overflow in the get_attr() function.
Author:Ariel Berkman
File Size:1792
Last Modified:Dec 30 22:04:55 2004
MD5 Checksum:bf08708a98b0a42384791a1dce9df5fd

 ///  File Name: winamp507crash.txt
Description:
Winamp 5.07 is susceptible to denial of service attacks due to file mishandling.
Author:Alan M aka b0f
File Size:1985
Last Modified:Dec 30 07:44:04 2004
MD5 Checksum:e8be87e3716e6df0f867bc1428c620d9

 ///  File Name: workboard.txt
Description:
A cross site scripting flaw exists in the Workboard 1.x module for PHP-Nuke.
Author:Lostmon
File Size:1434
Last Modified:Dec 31 10:21:31 2004
MD5 Checksum:342565c74d5aa6fff43d4d22935e03bf

 ///  File Name: xine-lib.txt
Description:
A boundary error condition in xine-lib versions 1-rc5 and 1-rc7 allows for arbitrary code execution.
Author:Ariel Berkman
Homepage:http://tigger.uic.edu/~jlongs2/holes/xine-lib.txt
File Size:1793
Last Modified:Dec 30 10:28:38 2004
MD5 Checksum:ff26c74368757ae959f8e15478702404

 ///  File Name: xlreader.txt
Description:
xlreader version 0.9.0 is susceptible to a buffer overflow condition in the book_format_sql() function.
Author:Tom Palarz, Kris Kubicki
File Size:1973
Last Modified:Dec 30 22:03:33 2004
MD5 Checksum:3d12a416c48f0834d6c769963b04f3f0