Section:  .. / 0411-advisories  /


 ///  File Name: eEye.kerio.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a severe denial of service vulnerability in the Kerio Personal Firewall product for Windows. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the component that performs low level processing of TCP, UDP, and ICMP packets. Kerio Personal Firewall 4.1.1 and prior are affected.
Author:Karl Lynn
Homepage:http://www.eeye.com
File Size:3775
Last Modified:Nov 10 08:44:05 2004
MD5 Checksum:a3c41e8aa0c8c8f7f668532ea2cd2038

 ///  File Name: alcateladsl.txt
Description:
The Alcatel/Thomson Speed Touch Pro ADSL modem suffers from two security flaws allowing an insider to poison the intranet zone configured in the modem's embedded DNS server.
Author:Gregory Duchemin
File Size:3771
Last Modified:Nov 13 03:41:26 2004
MD5 Checksum:191ee87840d6ff0e79859f12877abc0a

 ///  File Name: tsa-053.txt
Description:
Secure Science Corporation Advisory TSA-053 - Ureach.com's Uscreen Desktop software is vulnerable to misuse and enables specific caller-id spoofing via the forward feature, enabling compromise of other communication services operating on PSTN or wireless networks.
Homepage:http://www.securescience.net
File Size:3650
Last Modified:Nov 10 07:12:14 2004
MD5 Checksum:70300e1344a32b342d544bffe2cf4ca0

 ///  File Name: swbfp.txt
Description:
Star Wars Battlefront versions 1.11 and below suffer from buffer overflow and arbitrary memory access flaws.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:swbfp.zip
File Size:3647
Last Modified:Dec 11 20:50:46 2004
MD5 Checksum:c3912ae0b050b34f155ae1147426f5ae

 ///  File Name: lithtech.txt
Description:
The Lithtech engine used in games like Alien vs Predator 2, Blood 2, Contract Jack, Global Operations, Kiss Psycho Circus, and more, is susceptible to some format string bugs that allow for a denial of service attack.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:3538
Last Modified:Nov 10 07:14:33 2004
MD5 Checksum:e318546da1c2416c3f31eeb7de11ed77

 ///  File Name: 11.08.04.txt
Description:
iDEFENSE Security Advisory 11.08.04 - Remote exploitation of an input validation error in Samba could allow an attacker to consume system resources and potentially cause the target system to crash.
Author:Karol Wiesek
Homepage:http://www.idefense.com
File Size:3531
Related CVE(s):CAN-2004-0930
Last Modified:Nov 10 08:11:56 2004
MD5 Checksum:eeb9deef0bf252b50f560d80d13a7dda

 ///  File Name: glsa-200411-22.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-22 - Davfs2 and the lvmcreate_initrd script (included in the lvm-user package) are both vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running them.
Homepage:http://security.gentoo.org/
File Size:3529
Last Modified:Nov 13 00:56:26 2004
MD5 Checksum:fdc440dbdb97a474b1efdded01f908c9

 ///  File Name: glsa-200411-32.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-32 - phpBB contains a vulnerability which allows a remote attacker to execute arbitrary commands with the rights of the web server user.
Homepage:http://security.gentoo.org/
File Size:3497
Last Modified:Dec 11 20:13:08 2004
MD5 Checksum:9fc2a7d7d045d34c68e8b3c25e14c2ef

 ///  File Name: glsa-200411-13.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-13 - dispatch-conf (included in Portage) and qpkg (included in Gentoolkit) are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the script.
Homepage:http://security.gentoo.org/
File Size:3389
Last Modified:Nov 10 07:39:25 2004
MD5 Checksum:ed2f6f408c521c087022963071591858

 ///  File Name: glsa-200411-14.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-14 - Kaffeine and gxine both contain a buffer overflow that can be exploited when accessing content from a malicious HTTP server with specially crafted headers.
Homepage:http://security.gentoo.org/
File Size:3361
Last Modified:Nov 10 07:40:02 2004
MD5 Checksum:3b65f01191410c35c84ef4b8170fe9d8

 ///  File Name: glsa-200411-26.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-26 - Improper file ownership allows user-owned files to be run with root privileges by init scripts. These vulnerabilities exist within GIMPS, SETI@home, and ChessBrain.
Homepage:http://security.gentoo.org/
File Size:3192
Last Modified:Nov 20 22:52:00 2004
MD5 Checksum:0212702ca6587e05a1c0a3aaa53fd0e2

 ///  File Name: sa13093.txt
Description:
Secunia Security Advisory - Gemma Hughes has reported some vulnerabilities in MailPost, which can be exploited by malicious people to disclose some system information and conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/13093/
File Size:3189
Last Modified:Nov 5 05:35:46 2004
MD5 Checksum:9d6230877ee15d2a760f8424ce98ab8b

 ///  File Name: payflow.txt
Description:
An attacker can change hidden fields to any dollar amount and misrepresent purchases for businesses providing products or services using the PayFlow Link system.
Homepage:http://www.shirkdog.us
File Size:3128
Last Modified:Dec 12 00:22:19 2004
MD5 Checksum:3a582e3b889a0f3d8bee282de181ea1d

 ///  File Name: sunjava.txt
Description:
A vulnerability in Java Plugin allows an attacker to create an Applet which can disable Java's security restrictions and break out of the Java sandbox. The attack can be launched when a victim views a web page created by the attacker. Further user interaction is not required as Java Applets are normally loaded and started automatically. Versions affected are below 1.4.2_06.
Author:Jouko Pynnonen
Homepage:http://iki.fi/jouko/
File Size:3055
Last Modified:Dec 11 19:41:10 2004
MD5 Checksum:cfc32dc03acc5ffbde59bf5570ae0aca

 ///  File Name: twiki.txt
Description:
Remote attackers are able to execute arbitrary commands in the context of the TWiki process for TWiki versions 20030201 and possibly in other versions as well. This flaw is due to a lack of proper sanitization of user input.
Author:Markus Goetz, Joerg Hoh, Michael Holzt, Florian Laws, Hans Ulrich Niedermann, Andreas Thienemann, Peter Thoeny, Florian Weimer
File Size:3009
Last Modified:Nov 13 03:51:46 2004
MD5 Checksum:85810c3d649c0c62625bec8940fa259f

 ///  File Name: sns79.txt
Description:
SNS Advisory 79 - Microsoft Internet Explorer contains a vulnerability that could cause a Cookie to be overwritten under certain conditions. Tested against Microsoft Internet Explorer 6.0 Service Pack 1.
Author:Keigo Yamazaki
Homepage:http://www.lac.co.jp/business/sns/intelligence/SNSadvisory_e/79_e.html
File Size:2999
Last Modified:Nov 20 22:16:38 2004
MD5 Checksum:45b72782c7c2894e84ce1cc1f110be0e

 ///  File Name: glsa-200411-31.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-31 - ProZilla contains several buffer overflow vulnerabilities that can be exploited by a malicious server to execute arbitrary code with the rights of the user running ProZilla.
Homepage:http://security.gentoo.org/
File Size:2996
Last Modified:Dec 11 19:50:28 2004
MD5 Checksum:85f24611e07ca211e1fd687a36047e1d

 ///  File Name: phpbb2.txt
Description:
PHPBB version 2.0.x - 2.0.10 is susceptible to a SQL injection attack.
Author:How Dark
Homepage:http://www.howdark.com/
File Size:2963
Last Modified:Nov 13 05:11:26 2004
MD5 Checksum:f013594cd91af3533eeaa247087560e9

 ///  File Name: sa13321.txt
Description:
Secunia Security Advisory - Two vulnerabilities have been reported in Groupmax World Wide Web and Groupmax World Wide Web Desktop, which can be exploited to conduct cross-site scripting attacks or access arbitrary HTML files.
Homepage:http://secunia.com/advisories/13321/
File Size:2936
Last Modified:Dec 11 23:52:13 2004
MD5 Checksum:d518ebc53d84625b6ad79a0fe0f7f83d

 ///  File Name: glsa-200411-07.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-07 - Proxytunnel is vulnerable to a format string vulnerability, potentially allowing a remote server to execute arbitrary code with the rights of the Proxytunnel process.
Homepage:http://security.gentoo.org/
File Size:2906
Last Modified:Nov 5 05:07:47 2004
MD5 Checksum:8376ae5d5d412ff99b3496dc50ab6516

 ///  File Name: appservVulns.txt
Description:
AppServ versions 2.5.x and below use a blank root password allowing for compromise.
Author:saudi linux
File Size:2866
Last Modified:Nov 20 23:20:46 2004
MD5 Checksum:9132dd67cf51cae3f712c0a9c9fe1495

 ///  File Name: glsa-200411-36.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-36 - phpMyAdmin is vulnerable to cross-site scripting attacks. Versions below 2.6.0_p3 are susceptible.
Homepage:http://security.gentoo.org/
File Size:2851
Last Modified:Dec 11 23:28:15 2004
MD5 Checksum:0cba9bec4ac429bd0b575fcffd79e403

 ///  File Name: kdeSMB.txt
Description:
The KDE program Konqueror allows for browsing SMB shares comfortably through the GUI. By placing a shortcut to an SMB share on KDE's desktop, an attacker can disclose his victim's password in plaintext.
Author:Daniel Fabian
File Size:2831
Last Modified:Dec 11 23:44:55 2004
MD5 Checksum:8508f86470ecc4ddc611025de042ceb9

 ///  File Name: glsa-200411-29.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-29 - unarj contains a buffer overflow and a directory traversal vulnerability. This could lead to overwriting of arbitrary files or the execution of arbitrary code.
Homepage:http://security.gentoo.org/
File Size:2817
Last Modified:Nov 20 23:52:00 2004
MD5 Checksum:d64e8594bc3721d95c03e41c483c0370

 ///  File Name: Callwave.txt
Description:
Callwave.com's customer service automated termination service is vulnerable to caller-ID authentication spoofing, enabling arbitrary termination of customer accounts.
Author:Lance James
Homepage:http://www.securescience.net
File Size:2790
Last Modified:Nov 5 05:32:09 2004
MD5 Checksum:fcf784ebeae36f9b99c50eef39751bce