Section: 0411-advisories


 ///  File Name: squirrelXSS.txt
Description:
SquirrelMail versions 1.4.3a and below suffer from a cross site scripting issue in the decoding of encoded text in certain headers. It correctly decodes the specially crafted header, but does not sanitize the decoded strings.
Author:Joost Pol
Homepage:http://www.squirrelmail.org
File Size:1939
Last Modified:Nov 12 04:41:47 2004
MD5 Checksum:e2157d9b8a998aad296e8c1f503db370

 ///  File Name: SSA-20041122-09.txt
Description:
STG Security Advisory: cscope is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running it, which could be root.
Author:Jeremy Bae
Homepage:http://stgsecurity.com/
File Size:2233
Last Modified:Dec 11 20:04:04 2004
MD5 Checksum:bf49f8764a822bfd3c05ed3e40c2795e

 ///  File Name: ssfakep.txt
Description:
The Serious engine, used by games like Alpha Black Zero and the Nitro family, fails to limit the number of new players joining a game, allowing for a denial of service. Only one UDP packet is needed to create a fake player.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:ssfakep.zip
File Size:1898
Last Modified:Dec 11 23:37:53 2004
MD5 Checksum:955520e43052f03cc7cba58f2fd9dc4f

 ///  File Name: sunjava.txt
Description:
A vulnerability in Java Plugin allows an attacker to create an Applet which can disable Java's security restrictions and break out of the Java sandbox. The attack can be launched when a victim views a web page created by the attacker. Further user interaction is not required as Java Applets are normally loaded and started automatically. Versions affected are below 1.4.2_06.
Author:Jouko Pynnonen
Homepage:http://iki.fi/jouko/
File Size:3055
Last Modified:Dec 11 19:41:10 2004
MD5 Checksum:cfc32dc03acc5ffbde59bf5570ae0aca

 ///  File Name: swbfp.txt
Description:
Star Wars Battlefront versions 1.11 and below suffer from buffer overflow and arbitrary memory access flaws.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:swbfp.zip
File Size:3647
Last Modified:Dec 11 20:50:46 2004
MD5 Checksum:c3912ae0b050b34f155ae1147426f5ae

 ///  File Name: TA04-315A.txt
Description:
Technical Cyber Security Alert TA04-315A - Microsoft Internet Explorer (IE) contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. A buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of various elements, including FRAME, IFRAME, and EMBED. Because IE fails to properly check the size of the NAME and SRC attributes, a specially crafted HTML document can cause a buffer overflow in heap memory. Due to the dynamic nature of the heap, it is usually difficult for attackers to execute arbitrary code using this type of vulnerability.
Homepage:http://www.cert.org/
File Size:5822
Last Modified:Nov 12 05:20:52 2004
MD5 Checksum:20c99413b69e1613b32257cf78c2f275

 ///  File Name: TA04-316A.txt
Description:
Technical Cyber Security Alert TA04-316A - There is a vulnerability in the way Cisco IOS processes DHCP packets. Exploitation of this vulnerability may lead to a denial of service. The processing of DHCP packets is enabled by default.
Homepage:http://www.cert.org/
File Size:5292
Last Modified:Nov 13 00:58:09 2004
MD5 Checksum:30f6202ff0bbbd77c9257fe3ea159596

 ///  File Name: TheFaceBook.txt
Description:
TheFaceBook is susceptible to multiple cross site scripting flaws.
Author:Alex Lanstein, Ivo Parashkevov
File Size:1106
Last Modified:Nov 20 19:54:18 2004
MD5 Checksum:5cccb14645eec3850b73126b6b04d9dc

 ///  File Name: trusteXSS.txt
Description:
truste.org is susceptible to cross site scripting flaws.
Author:Andrew Smith
File Size:1312
Last Modified:Nov 10 08:09:34 2004
MD5 Checksum:7495ce240837fdb604e646db32ffab7c

 ///  File Name: tsa-053.txt
Description:
Secure Science Corporation Advisory TSA-053 - Ureach.com's Uscreen Desktop software is vulnerable to misuse and enables specific caller-id spoofing via the forward feature, enabling compromise of other communication services operating on PSTN or wireless networks.
Homepage:http://www.securescience.net
File Size:3650
Last Modified:Nov 10 07:12:14 2004
MD5 Checksum:70300e1344a32b342d544bffe2cf4ca0

 ///  File Name: twiki.txt
Description:
Remote attackers are able to execute arbitrary commands in the context of the TWiki process for TWiki versions 20030201 and possibly in other versions as well. This flaw is due to a lack of proper sanitization of user input.
Author:Markus Goetz, Joerg Hoh, Michael Holzt, Florian Laws, Hans Ulrich Niedermann, Andreas Thienemann, Peter Thoeny, Florian Weimer
File Size:3009
Last Modified:Nov 13 03:51:46 2004
MD5 Checksum:85810c3d649c0c62625bec8940fa259f

 ///  File Name: up-imapproxy.txt
Description:
There are various bugs in up-imapproxy which can crash it. Since up-imapproxy runs in a single process with each connection handled in a separate thread, any crash kills all the connections and stops listening for new ones.
Author:Timo Sirainen
File Size:11516
Last Modified:Nov 10 07:38:32 2004
MD5 Checksum:d0aec8a29faba34d46268234037bbfef

 ///  File Name: urlSpoofMSIE.txt
Description:
There is a security bug in Microsoft Internet Explorer that allows any faked target address to be shown in the status bar of the window. Tested in Microsoft Internet Explorer 6 SP1 (6.0.2800.1106) with all patches installed on Windows 98.
Author:Benjamin Tobias Franz
File Size:1942
Last Modified:Nov 5 05:03:50 2004
MD5 Checksum:b82e2cc260d1b64d199dc6847af1468a

 ///  File Name: winamp505.txt
Description:
Detailed analysis and overview of the Winamp 5.05 vulnerability recently patched.
Author:Brett Moore
Homepage:http://security-assessment.com/
File Size:3892
Last Modified:Dec 11 19:39:30 2004
MD5 Checksum:24b1db34abd1449688876f4b51823628

 ///  File Name: Winamp_IN_CDDA_Buffer_Overflow.pdf
Description:
A remotely exploitable stack overflow has been found in Winamp version 5.05 and below which allows malformed m3u playlists to execute arbitrary code. A fix is available.
Author:Brett Moore
Homepage:http://www.security-assessment.com
File Size:434867
Last Modified:Nov 24 07:31:35 2004
MD5 Checksum:7b3cfd0296132b1fdbd30266a79b6e9c

 ///  File Name: wsftp503.txt
Description:
Multiple buffer overflows exist in WS_FTP Server Version 5.03, 2004.10.14. There are four vulnerable commands that can be used to cause these buffer overflows. Three of the vulnerable commands can be used to stop the WS_FTP Server service resulting in a denial of service. The vulnerable commands are SITE, XMKD, MKD, and RNFR.
Author:Reed Arvin
Related Exploit:IPSWSFTP-exploit.c
File Size:2019
Last Modified:Dec 12 00:12:07 2004
MD5 Checksum:8965bc3c144815e73d70ee13c356263a

 ///  File Name: zoneAdBlock.txt
Description:
ZoneAlarm Security Suite and ZoneAlarm Pro have been updated to address a vulnerability in their ad-blocking functions.
Homepage:http://www.zonelabs.com/security
File Size:4161
Last Modified:Nov 20 23:26:37 2004
MD5 Checksum:491b70c200644db74a75979fec666aef