Section:  .. / 0411-advisories  /

Page 6 of 7
<< 1 2 3 4 5 6 7 >> Files 125 - 150 of 167
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: glsa-200411-14.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-14 - Kaffeine and gxine both contain a buffer overflow that can be exploited when accessing content from a malicious HTTP server with specially crafted headers.
Homepage:http://security.gentoo.org/
File Size:3361
Last Modified:Nov 10 07:40:02 2004
MD5 Checksum:3b65f01191410c35c84ef4b8170fe9d8

 ///  File Name: glsa-200411-13.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-13 - dispatch-conf (included in Portage) and qpkg (included in Gentoolkit) are vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the script.
Homepage:http://security.gentoo.org/
File Size:3389
Last Modified:Nov 10 07:39:25 2004
MD5 Checksum:ed2f6f408c521c087022963071591858

 ///  File Name: up-imapproxy.txt
Description:
There are various bugs in up-imapproxy which can crash it. Since up-imapproxy runs in a single process with each connection handled in a separate thread, any crash kills all the connections and stops listening for new ones.
Author:Timo Sirainen
File Size:11516
Last Modified:Nov 10 07:38:32 2004
MD5 Checksum:d0aec8a29faba34d46268234037bbfef

 ///  File Name: 602Lansuite.txt
Description:
602 Lan Suite versions 2004.0.04.0909 and below are susceptible to resource consumption and socket consumption attacks.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:602res.zip"
File Size:2582
Last Modified:Nov 10 07:24:24 2004
MD5 Checksum:4c3490c7aa4d9d23be1995c9dba449c1

 ///  File Name: lithtech.txt
Description:
The Lithtech engine used in games like Alien vs Predator 2, Blood 2, Contract Jack, Global Operations, Kiss Psycho Circus, and more, is susceptible to some format string bugs that allows for a denial of service attack.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:3538
Last Modified:Nov 10 07:14:33 2004
MD5 Checksum:e318546da1c2416c3f31eeb7de11ed77

 ///  File Name: tsa-053.txt
Description:
Secure Science Corporation Advisory TSA-053 - Ureach.com's Uscreen Desktop software is vulnerable to misuse and enables specific caller-id spoofing via the forward feature, enabling compromise of other communication services operating on PSTN or wireless networks.
Homepage:http://www.securescience.net
File Size:3650
Last Modified:Nov 10 07:12:14 2004
MD5 Checksum:70300e1344a32b342d544bffe2cf4ca0

 ///  File Name: sa13103.txt
Description:
Secunia Security Advisory - A vulnerability with an unknown impact has been reported in Sophos MailMonitor.
Homepage:http://secunia.com/advisories/13103/
File Size:2135
Last Modified:Nov 10 07:05:18 2004
MD5 Checksum:8e6abcac0e089a2f23c1fddef23f06d1

 ///  File Name: dsa-585.txt
Description:
Debian Security Advisory 585-1 - A vulnerability has been discovered in the shadow suite which provides programs like chfn and chsh. It is possible for a user, who is logged in but has an expired password to alter his account information with chfn or chsh without having to change the password. The problem was originally thought to be more severe.
Homepage:http://www.debian.org/security/
File Size:6619
Related CVE(s):CAN-2004-1001
Last Modified:Nov 10 07:04:12 2004
MD5 Checksum:e464c4aa53bde0f239a0f286dca0dc7b

 ///  File Name: sa13091.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in Moodle, which can be exploited by malicious people to conduct SQL injection attacks.
Homepage:http://secunia.com/advisories/13091/
File Size:2293
Last Modified:Nov 10 07:00:38 2004
MD5 Checksum:209acd160462d3e10dcbe14fb1c0ad2e

 ///  File Name: 20041104-1.txt
Description:
Symantec LiveUpdate is susceptible to compressed archive attacks known as zip bombing.
Homepage:http://www.hexview.com/
File Size:4488
Last Modified:Nov 5 05:37:44 2004
MD5 Checksum:bbe97d4e3a80efbbd9bcbac09a1d69d6

 ///  File Name: glsa-200411-09.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-09 - A flaw in the chfn and chsh utilities might allow modification of account properties by unauthorized users.
Homepage:http://security.gentoo.org/
File Size:2501
Last Modified:Nov 5 05:36:33 2004
MD5 Checksum:6cff1f3b4a247ab2fc6cb3ba1052c390

 ///  File Name: sa13093.txt
Description:
Secunia Security Advisory - Gemma Hughes has reported some vulnerabilities in MailPost, which can be exploited by malicious people to disclose some system information and conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/13093/
File Size:3189
Last Modified:Nov 5 05:35:46 2004
MD5 Checksum:9d6230877ee15d2a760f8424ce98ab8b

 ///  File Name: 20041103-1.txt
Description:
Zip console application by Info-Zip is susceptible to a buffer overflow condition that can be triggered and exploited during a recursive compression operation.
Homepage:http://www.hexview.com/
File Size:4208
Last Modified:Nov 5 05:33:20 2004
MD5 Checksum:a935cf0a01b3ad7007cda55353b3743f

 ///  File Name: Callwave.txt
Description:
Callwave.com's customer service automated termination service is vulnerable to caller-ID authentication spoofing, enabling arbitrary termination of customer accounts.
Author:Lance James
Homepage:http://www.securescience.net
File Size:2790
Last Modified:Nov 5 05:32:09 2004
MD5 Checksum:fcf784ebeae36f9b99c50eef39751bce

 ///  File Name: sa13086.txt
Description:
Secunia Security Advisory - plonk has discovered a weakness in Mozilla and Thunderbird, which can be exploited by malicious people to enumerate valid email addresses.
Homepage:http://secunia.com/advisories/13086/
File Size:2259
Last Modified:Nov 5 05:14:16 2004
MD5 Checksum:2df221e5e4772fe05b8868596a49a010

 ///  File Name: fsavmse63x-02_readme.txt
Description:
A vulnerability has been discovered in F-Secure Anti-Virus for MS Exchange, which may prevent detection of malware in certain archives.
Homepage:http://www.f-secure.com
File Size:2598
Last Modified:Nov 5 05:13:19 2004
MD5 Checksum:b75d7dc783e6d595bb0c9ebd12cec726

 ///  File Name: sa13071.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Gallery, which can be exploited by malicious people to conduct script insertion attacks. Some unspecified input is not properly sanitised before being used. This can be exploited to inject arbitrary HTML and script code, which is executed in a user's browser session in context of an affected site when the malicious user data is viewed.
Homepage:http://secunia.com/advisories/13071/
File Size:2258
Last Modified:Nov 5 05:12:13 2004
MD5 Checksum:defbf0eb432caa1a5702da3935d28957

 ///  File Name: sa13074.txt
Description:
Secunia Security Advisory - Two vulnerabilities have been reported in FsPHPGallery, which can be exploited by malicious people to cause a DoS (Denial of Service) and disclose system information.
Homepage:http://secunia.com/advisories/13074/
File Size:2355
Last Modified:Nov 5 05:10:37 2004
MD5 Checksum:8b25aa6c00e2789c264dd0f1de0575ae

 ///  File Name: sa13073.txt
Description:
Secunia Security Advisory - Some vulnerabilities have been reported in Gbook MX, which can be exploited by malicious people to conduct SQL injection attacks. Gbook MX fails to verify input passed to various scripts properly before it is used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Homepage:http://secunia.com/advisories/13073/
File Size:2080
Last Modified:Nov 5 05:09:59 2004
MD5 Checksum:7b5d24ef6e01f64d2d33ba9acb8cc978

 ///  File Name: glsa-200411-07.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-07 - Proxytunnel is vulnerable to a format string vulnerability, potentially allowing a remote server to execute arbitrary code with the rights of the Proxytunnel process.
Homepage:http://security.gentoo.org/
File Size:2906
Last Modified:Nov 5 05:07:47 2004
MD5 Checksum:8376ae5d5d412ff99b3496dc50ab6516

 ///  File Name: 57669.html
Description:
Sun Security Advisory - Using malformed client certificates, a remote unprivileged user may be able to crash a Sun Java System Web Server or a Sun Java System Application Server.
Homepage:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57669-1
File Size:6912
Last Modified:Nov 5 05:06:55 2004
MD5 Checksum:23f2769288782ec5810717b475bc778f

 ///  File Name: urlSpoofMSIE.txt
Description:
There is a security bug in Microsoft Internet Explorer, which allows to show any faked target-address in the status bar of the window. Tested in Microsoft Internet Explorer 6 SP1 (6.0.2800.1106) with all patches installed on Windows 98.
Author:Benjamin Tobias Franz
File Size:1942
Last Modified:Nov 5 05:03:50 2004
MD5 Checksum:b82e2cc260d1b64d199dc6847af1468a

 ///  File Name: glsa-200411-06.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-06 - MIME-tools does not handle empty MIME boundaries correctly. This may prevent some virus-scanning programs which use MIME-tools from detecting certain viruses.
Homepage:http://security.gentoo.org/
File Size:2549
Last Modified:Nov 5 05:01:24 2004
MD5 Checksum:ad64d8654439419b71edbd1c9ce3dc17

 ///  File Name: msISAauthbypass.txt
Description:
Methods exist to allow for Microsoft ISA authentication bypass when the server is configured as a proxy.
Author:Debasis Mohanty
Homepage:http://www.hackingspirits.com
File Size:3825
Last Modified:Nov 5 04:58:31 2004
MD5 Checksum:da0d366ebc0b3b7b38a77a637ae9c66c

 ///  File Name: cisco-sa-20041102-acs-eap-tls.txt
Description:
Cisco Security Advisory - A Cisco Secure Access Control Server (ACS) that is configured to use Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) to authenticate users to the network will allow access to any user that uses a cryptographically correct certificate as long as the user name is valid. Cryptographically correct means that the certificate is in the appropriate format and contains valid fields. The certificate can be expired, or come from an untrusted Certificate Authority (CA) and still be cryptographically correct. Only version 3.3.1 of the Cisco Secure ACS for Windows and Cisco Secure ACS Solution Engine is affected by this vulnerability.
Homepage:http://www.cisco.com/warp/public/707/cisco-sa-20041102-acs-eap-tls.shtml
File Size:12254
Last Modified:Nov 5 04:52:27 2004
MD5 Checksum:3b707460e6855b85957c688550c55215