Section:  .. / 0406-advisories  /


 ///  File Name: unrealCodeExec.txt
Description:
The Unreal game engine has a flaw where a simple UDP packet with a long value can overwrite important memory zones and possibly allow for remote code execution. Vulnerable games include: DeusEx versions below and equal to 1.112fm, Devastation versions below and equal to 390, Mobile Forces versions below and equal to 20000, Nerf Arena Blast versions below and equal to 1.2, Postal 2 versions below and equal to 1337, Rune versions below and equal to 107, Tactical Ops versions below and equal to 3.4.0, TNN Pro Hunter, Unreal 1 versions below and equal to 226f, Unreal II XMP versions below and equal to 7710, Unreal Tournament versions below and equal to 451b, Unreal Tournament 2003 versions below and equal to 2225, Unreal Tournament 2004 versions below 3236, Wheel of Time versions below and equal to 333b, X-com Enforcer.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:unsecure.zip
File Size:3709
Last Modified:Jun 23 01:31:53 2004
MD5 Checksum:51dd71f79c8e10c31480c4545396b33b

 ///  File Name: TSSA-2004-012.txt
Description:
A remote exploit has been discovered in the Apache 2.0.49 HTTP server which allows an attacker to cause the server to allocate increasing amounts of memory until system memory is exhausted or until process limits are reached.
Homepage:http://http.tinysofa.org/
File Size:3551
Last Modified:Jun 29 12:14:00 2004
MD5 Checksum:8b9a4bac6716b2602875a36b7005774a

 ///  File Name: Openswan.txt
Description:
Two authentication errors within the verify_x509cert() function allow malicious people to bypass security restrictions. Affected products include: superfreeswan 1.x, openswan 1.x to 2.x, strongSwan below 2.1.3, and any version of FreeS/WAN 1.x or 2.x with the X.509 patch.
Homepage:http://www.openswan.org/
File Size:3493
Related CVE(s):CAN-2004-0590
Last Modified:Jun 29 12:39:00 2004
MD5 Checksum:11ffb49d499310404cb98c08715e7f54

 ///  File Name: linux.SbusPROM.txt
Description:
Multiple integer overflows exist in routines that handle copying in user-supplied data for the Linux Sbus PROM driver. They allow for a local denial of service attack and possible code execution.
Author:sean
File Size:3485
Last Modified:Jun 29 14:19:00 2004
MD5 Checksum:1af0442de4e8dfb62ee1aea95250a9b6

 ///  File Name: firebirdDB.txt
Description:
A vulnerability in the Firebird Database's way of handling database names allows an unauthenticated user to cause the server to crash and overwrite a critical section of the stack used by the database. Version 1.0 is affected.
Author:Noam Rathaus
Homepage:http://www.SecuriTeam.com
File Size:3435
Last Modified:Jun 2 09:57:05 2004
MD5 Checksum:bfba51ae44823072d2e07f4d2c382ee2

 ///  File Name: VSA-2004-1.txt
Description:
VICE Security Advisory VSA-2004-1 - VICE versions 1.6 through 1.14 on all platforms are vulnerable to a format string vulnerability in the handling of the monitor memory dump command.
Author:Spiro Trikaliotis
Homepage:http://www.viceteam.org/
File Size:3415
Related CVE(s):CAN-2004-0453
Last Modified:Jun 18 02:15:11 2004
MD5 Checksum:fd8e8cba31cf3059f09585e8512232b9

 ///  File Name: 06.08.04.txt
Description:
iDEFENSE Security Advisory 06.08.04: A remote attacker can compromise a target system if Squid Proxy is configured to use the NTLM authentication helper. The attacker can send an overly long password to overflow the buffer and execute arbitrary code.
Homepage:http://www.idefense.com/
File Size:3277
Related CVE(s):CAN-2004-0541
Last Modified:Jun 10 09:56:40 2004
MD5 Checksum:060874905d54e3bb9b334b152ab56049

 ///  File Name: trippedUp.txt
Description:
Tripwire commercial versions equal to and below 2.4 and Tripwire open source versions equal to and below 2.3.1 are susceptible to a format string vulnerability when an email report is generated. This vulnerability allows an attacker to execute arbitrary code with the rights of the user running the file check, which is typically root.
Author:Paul Herman
File Size:3159
Last Modified:Jun 3 19:08:03 2004
MD5 Checksum:29c0b4d25bca6aa6b518267348ca8c84

 ///  File Name: eEye.realHeap.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in RealPlayer. The vulnerability allows a remote attacker to reliably overwrite heap memory with arbitrary data and execute arbitrary code in the context of the user who executed the player or application hosting the RealMedia plug-in. This specific flaw exists within the embd3260.dll file used by RealPlayer. By specially crafting a malformed movie file along with an HTML file, a direct heap overwrite is triggered, and reliable code execution is then possible. Systems Affected: RealOne Player, RealOne Player v2, RealPlayer 10, RealPlayer 8, RealPlayer Enterprise.
Author:Karl Lynn
Homepage:http://www.eeye.com
File Size:3090
Last Modified:Jun 14 09:40:50 2004
MD5 Checksum:1ab3251d59de9827bc933f9e0042e061

 ///  File Name: dnsone.txt
Description:
It has been reported that a vulnerability exists in DNS One, potentially allowing malicious people to conduct script insertion attacks. The problem is that input supplied to the HOSTNAME and CLIENTID parameters in a valid DHCP request is logged unfiltered, allowing arbitrary HTML and script code to be embedded. Successful exploitation allows code execution in an administrative user's browser in the context of the affected site when the report / log is viewed. Reportedly, firmware version 2.4.0-8 and 2.4.0-8A and prior are affected.
Author:Gregory Duchemin
File Size:3036
Last Modified:Jun 22 09:35:01 2004
MD5 Checksum:477ec865fc16265f928692f1b4053bd4

 ///  File Name: linux1394.txt
Description:
The Linux kernel IEEE 1394 aka Firewire driver suffers from integer overflows that can result in a local denial of service and possible code execution. Both the 2.4 and 2.6 series are affected.
Author:sean
File Size:3026
Last Modified:Jun 23 01:53:24 2004
MD5 Checksum:515e51b617c25cd5a08e6eacfe98b7f4

 ///  File Name: EXPL-A-2004-002-surgmail.txt
Description:
SurgeMail 1.x is susceptible to a cross site scripting attack.
Author:Donnie Werner
Homepage:http://exploitlabs.com/files/advisories/EXPL-A-2004-002-surgmail.txt
File Size:2987
Last Modified:Jun 8 00:20:42 2004
MD5 Checksum:7d2e70cab8c22723c1d0d45e6265eb38

 ///  File Name: 20040630-2.6-tcpoption.txt
Description:
Sending crafted packets to a 2.6 series kernel with netfilter rules matching TCP options (using the --tcp-option match) may result in a Denial of Service.
Homepage:http://www.netfilter.org
File Size:2982
Related CVE(s):CAN-2004-0626
Last Modified:Jun 30 13:50:00 2004
MD5 Checksum:d833a45007f5ec8ad7ba3214e112fa2b

 ///  File Name: rsshFlaw.txt
Description:
rssh, the small shell whose purpose is to restrict users to using scp or sftp, has a bug that allows a user to gather information outside of a chrooted jail unintentionally. Affected versions are 2.0 through 2.1.x.
Author:Derek Martin
Homepage:http://www.pizzashack.org/
File Size:2971
Last Modified:Jun 23 01:18:55 2004
MD5 Checksum:897d2cb5dbfd8548e2d3419a56df3d1c

 ///  File Name: advisory-05.txt
Description:
PHP-Nuke versions 6.x, 7.2, and 7.3 all suffer from path disclosure and cross site scripting vulnerabilities.
Author:DarkBicho
Homepage:http://www.darkbicho.tk
File Size:2859
Last Modified:Jun 9 07:55:00 2004
MD5 Checksum:91650882c557240bcb75a8d7923029a7

 ///  File Name: popclient30b6.txt
Description:
An off-by-one condition exists in the POP3 handler code present in popclient 3.0b6. By crafting a malicious email a remote attacker may cause a denial of service against users of this software.
Author:Dean White, John Cartwright
File Size:2834
Last Modified:Jun 29 12:31:00 2004
MD5 Checksum:d9c05396bc794653e724547dc8bc06fa

 ///  File Name: sns76.txt
Description:
Internet Explorer allows local users to cause a denial of service against the system when attempting to print a certain HTML page.
Author:Nobuo Miwa
Homepage:http://www.lac.co.jp/security/csl/intelligence/SNSadvisory_e/76_e.html
File Size:2820
Last Modified:Jun 25 11:53:00 2004
MD5 Checksum:6ea6a8000f952d6e811871803c2e170a

 ///  File Name: 06.21.04.txt
Description:
iDEFENSE Security Advisory 06.21.04: Remote exploitation of a denial of service condition within GNU Radius allows attackers to crash the service. The problem specifically exists in the code for handling SNMP messages. By supplying a malformed packet containing an invalid OID, such as -1, it is possible to cause the server to shut down, preventing further requests from being handled. The Radius server must have been compiled with the '-enable-snmp' option in order to be vulnerable.
Homepage:http://www.idefense.com/
File Size:2811
Last Modified:Jun 22 11:00:49 2004
MD5 Checksum:d87f6eab13a6ec51a6eac5b6c3dba560

 ///  File Name: linux26.txt
Description:
There is a remotely exploitable bug in all Linux 2.6 series kernels due to the use of an incorrect variable type. The vulnerability is connected to the netfilter subsystem and may cause denial of service.
Author:Adam Osuchowski
File Size:2810
Last Modified:Jun 30 12:20:00 2004
MD5 Checksum:36f6ea37f7e6031222443c3080477496

 ///  File Name: webwizXSS.txt
Description:
Web Wiz Forums version 7.8 is susceptible to a cross site scripting attack.
Author:Ferruh Mavituna
Homepage:http://ferruh.mavituna.com
File Size:2762
Last Modified:Jun 18 02:29:36 2004
MD5 Checksum:7920363538c3c406b4be79bdf951b58a

 ///  File Name: sa11799.txt
Description:
Microsoft has issued Service Pack 2 for ISA Server 2000. This includes patches for all previously reported vulnerabilities as well as older hot fixes, where some address potential security issues.
File Size:2735
Last Modified:Jun 14 11:11:43 2004
MD5 Checksum:5762fda1c8060fb7502ee4ba0b7903b2

 ///  File Name: advisory-06.txt
Description:
CuteNews version 1.3.1 is susceptible to a cross site scripting flaw.
Author:DarkBicho
Homepage:http://www.darkbicho.tk
File Size:2618
Last Modified:Jun 28 02:00:00 2004
MD5 Checksum:28e1aa84a563d7c72d823db701b20576

 ///  File Name: arhontWireless.txt
Description:
A clear text account password is obtainable using SNMP on the BT Voyager 2000 Wireless ADSL router.
Author:Konstantin V. Gavrilenko
Homepage:http://www.arhont.com
File Size:2607
Last Modified:Jun 25 11:38:00 2004
MD5 Checksum:f5cddd8c6c87e246584a2c4e90391329

 ///  File Name: tocaracedriver120.txt
Description:
Remote denial of service attacks are possible against the server and connected clients of Race Driver versions 1.20 and below when a server receives a message packet with a length identifier of 0.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:rdboom.zip
File Size:2579
Last Modified:Jun 9 08:12:26 2004
MD5 Checksum:5ed51807d5919737956f867e6ee6c0d4

 ///  File Name: snitzxss.txt
Description:
Sec-Tec Advisory - A cross site scripting vulnerability has been discovered in Snitz Forums 2000. Version 3.4.04 is affected.
Author:Pete Foster
Homepage:http://www.sec-tec.co.uk/vulnerability/snitzxss.html
File Size:2542
Last Modified:Jun 18 02:45:19 2004
MD5 Checksum:7012e9ae03857f86bff396165533b03b