Section:  .. / 0401-advisories  /

Page 3 of 3
<< 1 2 3 >> Files 50 - 63 of 63
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: postcal.txt
Description:
PostCalendar version 4.0.0 is susceptible to SQL injection attacks via its search functionality.
Author:Klavs Klavsen
File Size:1757
Last Modified:Jan 8 06:10:35 2004
MD5 Checksum:14f08c26adbdb194818d7625eca4adc9

 ///  File Name: 10533.txt
Description:
Secunia Security Advisory SA10533 - A vulnerability has been reported in the Linux 2.4.x kernel series, which potentially can be exploited by malicious, local users to gain knowledge of sensitive information. The vulnerability is caused due to an unspecified error in /dev/rtc real time clock routines, which may disclose parts of kernel memory to unprivileged users.
Homepage:http://www.secunia.com/advisories/10533/
File Size:1750
Last Modified:Jan 5 21:57:05 2004
MD5 Checksum:888861e9dd2d987f5e1e6725b5db2997

 ///  File Name: libtool152.txt
Description:
Versions below 1.5.2 of GNU's libtool have a symlink vulnerability that creates a temporary directory when a package using libtool is being compiled.
Author:Stefan Nordhausen
File Size:1716
Last Modified:Jan 30 11:14:00 2004
MD5 Checksum:d766b2d1a4e7de15f711c5c120268916

 ///  File Name: reptile.txt
Description:
Reptile, the web server written completely in Python, has a flaw that allows for completely CPU resource consumption which results in a denial of service.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1699
Last Modified:Jan 26 14:01:00 2004
MD5 Checksum:5b8e612733d379995d02da6b024a3cbd

 ///  File Name: phpdig16x.txt
Description:
PhpDig version 1.6.x allows for remote command execution in its config.php script. Anybody can inject a url in the relative_script_path variable and obtain command execution with web server privileges.
Author:FraMe
Homepage:http://www.kernelpanik.org
File Size:1641
Last Modified:Jan 15 03:14:00 2004
MD5 Checksum:4d52897a1dc5a66a5a20520eebb3e251

 ///  File Name: suse90symlinks.txt
Description:
Various init related script in SuSE 9.0 are susceptible to symlink attacks.
Author:l0om
File Size:1636
Last Modified:Jan 20 23:48:00 2004
MD5 Checksum:b0a771d87e4879f9b01efe708f43ed7e

 ///  File Name: snapstream.txt
Description:
SnapStream PVS LITE is susceptible to a cross site scripting attack.
Author:Rafel Ivgi
Homepage:http://theinsider.deep-ice.com
File Size:1630
Last Modified:Jan 8 01:35:53 2004
MD5 Checksum:181c70c842590696e303e00c6e614d1d

 ///  File Name: sa10544.txt
Description:
Secunia Security Advisory SA10544 - A vulnerability has been identified in mpg321, allowing malicious people to execute arbitrary code. The problem is that certain strings in mp3 files are not properly verified before being used in a printf() function call. This could potentially be exploited to execute arbitrary code through malicious mp3 files and HTTP streams.
Homepage:http://www.secunia.com/advisories/10544/
File Size:1540
Last Modified:Jan 8 06:19:00 2004
MD5 Checksum:a27f5ace2541f0fd5c28b4418fe688a1

 ///  File Name: tbeBanner.txt
Description:
Native Solutions TBE Banner Engine is vulnerable to allowing an attacker to embed code to be executed by the server when text for a banner is added.
Author:Ed J. Aivazian
File Size:1454
Last Modified:Jan 22 12:55:00 2004
MD5 Checksum:2c12e6d41c2a540e173e7a4ed23d105b

 ///  File Name: servu.txt
Description:
Serv-U FTP server versions 4.2 and below have an internal memory buffer that may be overrun while handling the site chmod command with a filename containing excessive data.
Author:kkqq
Homepage:http://www.0x557.org/release/servu.txt
File Size:1441
Last Modified:Jan 26 09:30:00 2004
MD5 Checksum:7c371527ce6128fefc45044ad4584576

 ///  File Name: mambo.txt
Description:
The Mambo Open Source web content management system allows for remote command execution as the webserver user id due to a lack of input validation.
Author:FraMe
Homepage:http://www.kernelpanik.org
File Size:1341
Last Modified:Jan 19 01:21:00 2004
MD5 Checksum:29380f7ad13cd94fe1f84ab35ed2bd6e

 ///  File Name: networker60.txt
Description:
A plausible symlink attack exists in networker version 6.0 in the shutdown script.
Author:l0om
File Size:1169
Last Modified:Jan 19 23:55:00 2004
MD5 Checksum:b0aa295afc5af5e52ad594417b9bdc82

 ///  File Name: webtrends.txt
Description:
WebTrends Reporting Center is administrated via a web interface that has a flaw which would allow a remote attacker to disclose the physical path to the application.
Author:Oliver Karow
Homepage:http://www.oliverkarow.de
File Size:1015
Last Modified:Jan 21 08:30:00 2004
MD5 Checksum:937ac402be71aa04081516bcd6708c22