Section:  .. / 0408-advisories  /

Page 4 of 6
<< 1 2 3 4 5 6 >> Files 75 - 100 of 147
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: NGSEC-2004-6.txt
Description:
Next Generation Advisory NGSEC-2004-6 - The IPD, or Integrity Protection Driver, from Pedestal Software suffers from an unvalidated pointer referencing in some of its kernel hooks. Any local and unauthorized user can crash the system with some simple coding skills. Versions up to 1.4 are affected.
Author:Ferm�n J. Serna
Homepage:http://www.ngsec.com/
Related Exploit:ipd-dos.c"
File Size:2667
Last Modified:Aug 18 02:36:57 2004
MD5 Checksum:0c147bf2fcf8f63236393de9fcf0d409

 ///  File Name: NGSEC-2004-7.txt
Description:
Next Generation Advisory NGSEC-2004-7 - NtRegmon, the Registry monitoring utility for Windows, suffers from an unvalidated pointer referencing. While any privileged user is using NtRegmon, any local and unauthorized user can crash the system. Versions below 6.12 are susceptible.
Author:Ferm�n J. Sern/a>
Homepage:http://www.ngsec.com/
File Size:2540
Last Modified:Aug 26 22:12:53 2004
MD5 Checksum:0fe7c24bff3aa28d43b7413f8a80d29e

 ///  File Name: nihuoXSS.txt
Description:
Nihuo Web Log Analyzer version 1.6 is susceptible to a cross site scripting attack.
Author:Audun Larsen
File Size:2177
Last Modified:Aug 24 08:44:20 2004
MD5 Checksum:c32a1e68f45854e1c94352646f397e13

 ///  File Name: openbsdDoS.txt
Description:
OpenBSD 3.5 is susceptible to a remote denial of service attack via a single ICMP echo request when set up as a gateway. Patch from OpenBSD included.
Author:Vafa Izadinia
File Size:1840
Last Modified:Aug 31 01:58:08 2004
MD5 Checksum:daeff80712162785ed832644720c5da5

 ///  File Name: oracleEscalation.txt
Description:
Any oracle, ias, iasr2, or iasdb users with local access to an Oracle database can gain root privileges through the Oracle installation. Versions affected include, but are not limited to: Oracle 8i Linux Platform, Oracle 9i Linux Platform, Oracle 8i HP-UX Platform, Oracle 9i Solaris Platform, Oracle IAS 9.0.2.0.1 with patchset v9.0.2.3.
Author:Juan Manuel Pascual Escriba
File Size:3715
Last Modified:Aug 5 06:54:00 2004
MD5 Checksum:a6d3218940b0ca97752342306326a083

 ///  File Name: outlookNoBCC.html
Description:
E-mail recipients who are listed in the BCC box can be viewed by e-mail recipients who are listed in the To and CC boxes when you send a multi-part e-mail message by using Outlook Express 6.0
Homepage:http://support.microsoft.com/default.aspx?scid=kb;EN-US;843555
File Size:5891
Last Modified:Aug 26 23:17:39 2004
MD5 Checksum:0d81541e32da87256bd0786496c3f1de

 ///  File Name: pads.adv.txt
Description:
Pads version 1.1 is susceptible to a stack overflow. This tool is not setuid by default so the risk is minimal. Version 1.1.1 fixes this.
Author:ChrisR-
Homepage:http://www.cr-secure.net
Related File:pads-1.1.1.tar.gz
File Size:1752
Last Modified:Aug 19 05:10:43 2004
MD5 Checksum:ded66f6133f70e649550ddae4b1f4016

 ///  File Name: painkiller131.txt
Description:
Painkiller versions 1.3.1 and below have a memory corruption flaw with limited code execution possibilities.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:painkex.zip"
File Size:2815
Last Modified:Aug 26 21:24:20 2004
MD5 Checksum:a76cebe5fbd44a2d121210f1cf27db83

 ///  File Name: phpcodeXSS.txt
Description:
The PHP Code Snippet Library suffers from multiple cross site scripting flaws.
Author:Nikyt0x
Homepage:http://nikyt0x.webcindario.com
File Size:799
Last Modified:Aug 26 21:54:10 2004
MD5 Checksum:aff61ed38393ebfb61960afb38496665

 ///  File Name: phpMyWeb.txt
Description:
phpmywebhosting 0.3.4 has a SQL injection vulnerability where an attacker can be authenticated as an admin by just using [usr= admin"-(] and [pass="asdf].
Author:Matias Neiff
File Size:1064
Last Modified:Aug 20 09:04:57 2004
MD5 Checksum:ed3f16e9ac6ef06ba409a0b3068c9753

 ///  File Name: phpWeird.txt
Description:
Special requests using PHP on Apache go unlogged and cause a segfault. Tested systems: Windows / Apache 1.3.31 / PHP 5.0.0, Windows / Apache 1.3.27 / PHP 4.3.3, Linux / Apache 1.3.24 / PHP 4.2.
Author:Anthony Debhian
File Size:941
Last Modified:Aug 10 02:04:37 2004
MD5 Checksum:61b2fd5728f1287bef46a27d2f1ad3f1

 ///  File Name: ptl-2004-03.txt
Description:
An unauthenticated remote attacker can submit various malformed service requests via Bluetooth, triggering a buffer overflow and executing arbitrary code on vulnerable devices using WIDCOMM Bluetooth Connectivity Software. All releases prior to 3.0 are affected.
Author:Mark Rowe, Matt Moore
Homepage:http://www.pentest.co.uk/documents/ptl-2004-03.html
File Size:4337
Related CVE(s):CAN-2004-0775
Last Modified:Aug 12 09:41:46 2004
MD5 Checksum:bfed25095a7e4597170fa58ba13ae4a0

 ///  File Name: putty-advisory.txt
Description:
Putty client versions below 0.55 suffer from a flaw that allow for arbitrary code execution.
Author:Daniel De Luca, Laura Nunez, Carlos Sarraute
Homepage:http://www.coresecurity.com/common/showdoc.php?idx=417&idxseccion=10
File Size:5111
Last Modified:Aug 5 08:02:44 2004
MD5 Checksum:031610ab69b910612eebb07fdf17a6bf

 ///  File Name: QuiXplorer23.txt
Description:
QuiXplorer versions below 2.3 allow for full file disclosure and web server user read access due to a directory traversal vulnerability.
Author:Cyrille Barthelemy
File Size:2284
Last Modified:Aug 17 01:57:57 2004
MD5 Checksum:4345e035e35fde25e0739e457216a979

 ///  File Name: rediffnewreport.txt
Description:
Multiple filter bypass vulnerabilities have been discovered in rediffmail.com.
Author:Viper
File Size:9738
Last Modified:Aug 26 23:20:13 2004
MD5 Checksum:df19239f1198cb933045a509aee1fc9b

 ///  File Name: ripMIME.txt
Description:
A security flaw in ripMIME version 1.x allows attackers to bypass filtering software.
Homepage:http://www.pldaniels.com/ripmime/CHANGELOG
File Size:665
Last Modified:Aug 5 07:06:56 2004
MD5 Checksum:096acc5cdc5f1361b2c6174229e47b36

 ///  File Name: rsync.nochroot.html
Description:
rsync versions 2.6.2 and below have a flaw that allows malicious users to read or write arbitrary files on a vulnerable system. In order to exploit this vulnerability, the rsync daemon cannot be running in a chroot.
Homepage:http://samba.org/rsync/#security_aug04
File Size:1482
Last Modified:Aug 17 06:01:54 2004
MD5 Checksum:bde1df497be1b07569709c32f3c9a261

 ///  File Name: SA-20040802.txt
Description:
A denial of service vulnerability exists in GnuTLS versions prior to 1.0.17. The flaw lies in a failure to handle overly long RSA keys.
Author:Patrik Hornik
Homepage:http://www.hornik.sk/SA/SA-20040802.txt
File Size:2986
Last Modified:Aug 5 06:48:42 2004
MD5 Checksum:05475259543d443fb7f1c2f23e08279c

 ///  File Name: sa12192.txt
Description:
Secunia Security Advisory - Microsoft has issued an update for Internet Explorer. This fixes three vulnerabilities, allowing malicious websites to cause a DoS or compromise a system.
Homepage:http://secunia.com/advisories/12192/
File Size:3557
Related CVE(s):CAN-2004-0549, CAN-2004-0566, CAN-2003-1048
Last Modified:Aug 5 06:00:21 2004
MD5 Checksum:f3d8b890b958ba937adaa5d7a8752ce5

 ///  File Name: sa12254.txt
Description:
Secunia Security Advisory - Multiple vulnerabilities have been reported in Symantec Clientless VPN Gateway 4400 Series, where some have an unknown impact and others can be exploited to conduct cross-site scripting attacks or manipulate users' signon information.
Homepage:http://secunia.com/advisories/12254/
File Size:2223
Last Modified:Aug 11 02:30:13 2004
MD5 Checksum:4a9b8fb475f433345bee811648c1e855

 ///  File Name: sa12260.txt
Description:
Secunia Security Advisory - Debasis Mohanty has reported a vulnerability in CuteNews, which can be exploited by malicious people to conduct cross-site scripting attacks.
Homepage:http://secunia.com/advisories/12260/
File Size:2014
Last Modified:Aug 17 02:01:58 2004
MD5 Checksum:cf51d9daffa6dca8a72d5c26a2ff55cf

 ///  File Name: sa12261.txt
Description:
Secunia Security Advisory - Microsoft has released an update for Exchange Server 5.5 SP4. This fixes a vulnerability, allowing malicious people to conduct script insertion attacks. The vulnerability is caused due to an input validation error in a HTML redirection query. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website when a malicious entry is viewed. This vulnerability affects Microsoft Exchange 5.5 with Service Pack 4.
Homepage:http://secunia.com/advisories/12261/
File Size:2054
Last Modified:Aug 11 02:49:46 2004
MD5 Checksum:07b9deeae3068944868026d1ae63a15b

 ///  File Name: sa12269.txt
Description:
Secunia Security Advisory - Multiple unspecified vulnerabilities have been reported in IceWarp 1.x through 5.x Web Mail, which can potentially be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, access sensitive information, and manipulate the file system.
Homepage:http://secunia.com/advisories/12269/
File Size:2794
Last Modified:Aug 12 09:22:11 2004
MD5 Checksum:7c144959b5c1ba033aa319ccb58a3f81

 ///  File Name: sa12270.txt
Description:
Secunia Security Advisory - Ziv Kamir has reported a vulnerability in Shuttle FTP Suite 3.x, which can be exploited by malicious people to read or place files in arbitrary locations on a vulnerable system.
Homepage:http://secunia.com/advisories/12270/
File Size:1797
Last Modified:Aug 12 09:50:37 2004
MD5 Checksum:c82b1b92efa906dad24b68f93ad9905d

 ///  File Name: sa12272.txt
Description:
Secunia Security Advisory - Ziv Kamir has reported some vulnerabilities in Keene Digital Media Server, which can be exploited by malicious people to retrieve sensitive information and perform administrative tasks. The vulnerabilities have been reported in version 1.0.2. Other versions may also be affected.
Homepage:http://secunia.com/advisories/12272/
File Size:2395
Last Modified:Aug 13 09:03:20 2004
MD5 Checksum:a14547b8c601f5061063e040720941a7