Section:  .. / 0403-advisories  /

Page 2 of 4
<< 1 2 3 4 >> Files 25 - 50 of 90
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: crafty-adv.txt
Description:
A vulnerability exists in the Crafty game versions 19.3 and below that allows a local user to escalate privileges via a buffer overflow.
Author:Steve Kemp
Homepage:http://www.rosiello.org/
File Size:1626
Last Modified:Mar 17 08:01:38 2004
MD5 Checksum:04de1ee02537eee1d62754fc7e2301f2

 ///  File Name: dameware4100.txt
Description:
Dameware Mini Remote Control version 4.1.0.0 passes its Blowfish encryption key on the wire in the clear. It also uses a poor random bit generator to create the key.
Author:ax09001h
File Size:1378
Last Modified:Mar 24 05:22:00 2004
MD5 Checksum:bb8347a1595e5a0e7b01a6872944a841

 ///  File Name: db2rmtcmd.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR09032004 - IBM's DB2 version 8.1 Enterprise Edition on Windows has a remote command server that runs as db2admin, but can have commands executed by a guest account, allowing for privilege escalation.
Author:David Litchfield
Homepage:http://www.ngssoftware.com/advisories/db2rmtcmd.txt
File Size:2204
Last Modified:Mar 11 02:31:20 2004
MD5 Checksum:1962d75fb94caac85d2385e494eaa814

 ///  File Name: dsa-469.txt
Description:
Debian Security Advisory DSA 469-1 - Primoz Bratanic discovered a bug in libpam-psgl, a PAM module to authenticate using a PostgreSQL database. The library does not escape all user-supplied data that are sent to the database. An attacker could exploit this bug to insert SQL statements.
Author:Martin Schulze
Homepage:http://www.debian.org/security/
File Size:4860
Related CVE(s):CAN-2004-0366
Last Modified:Mar 29 15:44:00 2004
MD5 Checksum:e90b8688ebc10816a8e89622a4d44c52

 ///  File Name: dtlogin.sxw.pdf
Description:
Immunity Security Advisory - A double-free weakness in the XDMCP parser of dtlogin (CDE) results in remote code execution against popular server operating systems, such as Solaris. This attack is performed over UDP port 177.
Author:Dave Aitel
Homepage:http://www.immunitysec.com
File Size:24986
Last Modified:Mar 24 05:24:00 2004
MD5 Checksum:01c14a6a98f0a677463029b74cc20f5c

 ///  File Name: eEye.iss.txt
Description:
eEye Security Advisory - A critical vulnerability has been discovered in the PAM component used in all current ISS host, server, and network device solutions. A routine within the Protocol Analysis Module (PAM) that monitors ICQ server responses contains a series of stack based buffer overflow vulnerabilities. If the source port of an incoming UDP packet is 4000, it is assumed to be an ICQ v5 server response. Any incoming packet matching this criterion will be forwarded to the vulnerable routine.
Author:delivering a carefully crafted response packet to the broadcast address of a network operating RealSecure/BlackICE agents an attacker can achieve anonymous, remote SYSTEM access across all vulnerable nodes. Homepage: http://www.eEye.com.
File Size:4537
Last Modified:Mar 19 18:12:00 2004
MD5 Checksum:89bb0e2f36e4df086c28ec3597fcec82

 ///  File Name: etherlords.txt
Description:
Etherlords I versions 1.07 and below and Etherlords II versions 1.03 and below suffer from a bug where reading of unallocated memory causes a crash.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:ethboom.zip
File Size:2345
Last Modified:Mar 26 02:54:16 2004
MD5 Checksum:b981557285057dbc3946715d75f4e822

 ///  File Name: expcrashnp.txt
Description:
Internet Explorer and Explorer.exe can be crashed when a null pointer exception occurs during a shell: call with a double backslash for a filename.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com
File Size:2414
Last Modified:Mar 19 20:32:00 2004
MD5 Checksum:6d4bc179453917274d5cf3f9973eeeeb

 ///  File Name: extcompose.txt
Description:
Extcompose, a function of the metamail package, fails to properly verify a file exists prior to writing to it, and will accept symbolic links, leaving it open to being an attack vector.
Author:Shaun Colley
Homepage:http://www.nettwerked.co.uk
File Size:4857
Last Modified:Mar 13 08:27:21 2004
MD5 Checksum:e04213c055e9d94968876691fc2b2ac0

 ///  File Name: FreeBSD-SA-04:06.ipv6.txt
Description:
FreeBSD Security Advisory FreeBSD-SA-04:06.ipv6 - Applications may manipulate the behavior of an IPv6 socket using the setsockopt(2) system call. This may allow a local attacker to read portions of kernel memory.
Author:Katsuhisa ABE, Colin Percival
Homepage:http://www.freebsd.org/security/
File Size:4053
Related CVE(s):CAN-2004-0370
Last Modified:Mar 29 17:46:00 2004
MD5 Checksum:b5aebf5d0593c20a8019ec6f67e94cbd

 ///  File Name: freshmeatXSS.txt
Description:
Freshmeat.net is susceptible to a cross site scripting flaw.
Author:Steve Kemp
File Size:1554
Last Modified:Mar 27 03:58:45 2004
MD5 Checksum:8adc2e66da95b1f65b1d0cb562f21729

 ///  File Name: gm005-mc.txt
Description:
GreyMagic Security Advisory GM#005-MC - Both Yahoo and Hotmail are susceptible to cross site scripting attacks.
Homepage:http://security.greymagic.com/adv/gm005-mc/
File Size:4527
Last Modified:Mar 23 20:49:00 2004
MD5 Checksum:d92616a623403f44dcc8abe3ff567f06

 ///  File Name: hotmailfun.txt
Description:
Some amusing flaws in Hotmail.com allows for credential theft.
Author:http-equiv@excite.com
Homepage:http://www.malware.com
File Size:2649
Last Modified:Mar 19 17:00:00 2004
MD5 Checksum:fe20ef3354aa143ca18df7704983ee22

 ///  File Name: hp_http.sxw.pdf
Description:
Immunity Security Advisory - The Compaq Web Management system (HP HTTP) has a bug in its validation system that allows an anonymous user to upload trusted certificates.
Author:Dave Aitel
Homepage:http://www.immunitysec.com
File Size:36578
Last Modified:Mar 16 04:40:59 2004
MD5 Checksum:c1e5ac017c6b14f2d230d2a70d36394e

 ///  File Name: hushmail_09-03-04.txt
Description:
Various cross site scripting vulnerabilties exist in the hushmail.com site.
Author:Calum Power
File Size:1987
Last Modified:Mar 12 02:57:03 2004
MD5 Checksum:c8874effe33c599a0604170fe41131ae

 ///  File Name: ieXSS.txt
Description:
Internet Explorer version 6.0 with SP1 is susceptible to Cross Zone and Site scripting vulnerabilities.
Author:Cheng Peng Su
File Size:4218
Last Modified:Mar 3 23:33:00 2004
MD5 Checksum:d23e8a84ad6f0fb34fc5c9af59a5d226

 ///  File Name: linbit.txt
Description:
SEC-CONSULT Security Advisory - Linbit Linbox is vulnerable to authentication circumvention on its administration portal, password disclosure for all existing users, and using the obtained passwords, any account can be logged into via SSH.
Author:Daniel FABIAN
Homepage:http://www.sec-consult.com
File Size:4982
Last Modified:Mar 30 18:06:00 2004
MD5 Checksum:7492df126274009cc647dd21fc84d3ed

 ///  File Name: macadmin.txt
Description:
The admin service on Mac OS-X, which runs on port 660, has a buffer overflow vulnerability.
Author:crEp
Homepage:http://www.crepinc.com
File Size:652
Last Modified:Mar 19 17:55:00 2004
MD5 Checksum:6e0b20cea6a04031757e096e76b4fb42

 ///  File Name: MG-2004-01.txt
Description:
Hard coded login sequence values for Oracle SSO allow for easy man in the middle attacks.
Author:Guido van Rooij, Arjan de Vet
Homepage:http://www.madison-gurkha.com/advisories/MG-2004-01.txt
File Size:2253
Last Modified:Mar 30 17:58:00 2004
MD5 Checksum:87135b2bb648920a8b367396787a1281

 ///  File Name: moddiskcache.txt
Description:
mod_disk_cache, for versions of Apache 2.0.49 and below, stores all client authentication credentials for cached objects on disk. This means proxy authentication credentials and possibly in certain RFC2616 defined cases, standard authentication credentials.
Author:Andreas Steinmetz
File Size:4541
Last Modified:Mar 20 17:44:00 2004
MD5 Checksum:35f35aab82f5ee3c24bcf057d2067fee

 ///  File Name: modsurvey0321.txt
Description:
The mod_survey module versions 3.0.16-pre1 and below for Apache are susceptible to a script injection attack.
Author:Niklas Deutschman
File Size:4706
Last Modified:Mar 22 21:34:00 2004
MD5 Checksum:f206233ec99f76b47d3854937d0b91c2

 ///  File Name: mplayer02.txt
Description:
MPlayer Security Advisory #002 - A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful HTTP header (Location:), and trick MPlayer into executing arbitrary code upon parsing that header. Versions affected: MPlayer 0.90pre series, MPlayer 0.90rc series, MPlayer 0.90, MPlayer 0.91, MPlayer 1.0pre1, MPlayer 1.0pre2, MPlayer 1.0pre3.
Author:Gabucino
File Size:1380
Last Modified:Mar 30 17:54:00 2004
MD5 Checksum:f77fd385a682cb32d1a7acbf64c10f22

 ///  File Name: mpsb04-03.html
Description:
Macromedia Security Bulletin MPSB04-03 - Macintosh versions of the Macromedia installers and e-licensing client install a service whose file permissions allow other users to write to the file. This may allow one local user to obtain the permissions of another local user, resulting in privilege escalation.
Author:Chris Irvine
Homepage:
File Size:21034
Last Modified:Mar 16 08:21:02 2004
MD5 Checksum:a449adbbc3dc8c5e93120adf76faa059

 ///  File Name: msSharePointXSS.txt
Description:
Microsoft SharePoint Portal Server 2001 suffer from cross site scripting vulnerabilities.
Author:Ory Segal
Homepage:http://www.SanctumInc.com
File Size:1331
Related CVE(s):CAN-2004-0379
Last Modified:Apr 5 13:12:00 2004
MD5 Checksum:a45b4a69b109f9c83050e3b018d90d77

 ///  File Name: MyProxy20030629.txt
Description:
Due to a lack of proper input validation, cross site scripting flaws exist in MyProxy version 20030629.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1608
Last Modified:Mar 12 02:58:15 2004
MD5 Checksum:7aff814f81d05f258777d74a195b448a