Section:  .. / 0412-advisories  /


 ///  File Name: phpBB144.txt
Description:
phpBB versions 1.4.4 and below are susceptible to cross site scripting flaws.
Author:Gurjanov Ilia
File Size:275
Last Modified:Dec 30 09:25:45 2004
MD5 Checksum:3f0d001f50fdb2ed5a79123823f70239

 ///  File Name: phpMeta.txt
Description:
PHP version 4.3.9 is vulnerable to meta character attacks. The bug could enable an attacker to read arbitrary files from the filesystem of a webserver that hosts PHP scripts. In addition, PHP versions 4.3.6 to 4.3.9 as well as PHP versions 5.0.0 to 5.0.2 contain a bug that enables an attacker to manipulate the file name of uploaded files to perform directory traversal.
Author:Daniel Fabian
File Size:4548
Last Modified:Dec 30 09:53:09 2004
MD5 Checksum:74b268a99f4a6aaefbb8d9e621614730

 ///  File Name: phpMyAdmin261rc1.txt
Description:
phpMyAdmin versions prior to 2.6.1-rc1 suffer from command execution and file disclosure vulnerabilities.
Author:Nicolas Gregoire
Homepage:http://www.exaprobe.com/
File Size:2436
Related CVE(s):CAN-2004-1147, CAN-2004-1148
Last Modified:Dec 30 07:26:36 2004
MD5 Checksum:d276543b1c17e03eb47b583955c9ef8f

 ///  File Name: pimpremote.txt
Description:
Remote Execute version 2.30 is susceptible to denial of service after receiving seven connections.
Author:Paul Craig
File Size:1572
Last Modified:Dec 12 18:51:14 2004
MD5 Checksum:7d9d209e155ca1c1b21d3c732ccb9de9

 ///  File Name: plesk700.txt
Description:
Plesk, a popular server administration tool used by many web hosting companies, is susceptible to cross site scripting flaws.
Author:Andrew Smith
File Size:1160
Last Modified:Dec 31 23:03:45 2004
MD5 Checksum:2a40d7304bd1fd94d5a07e880ad27fa5

 ///  File Name: postp393483.txt
Description:
phpBB versions 2.3.10 and below are susceptible to a directory traversal attack via the attachment module.
Author:Paul Laudanski
Homepage:http://castlecops.com/postp393483.html
File Size:5652
Last Modified:Dec 30 08:16:00 2004
MD5 Checksum:2c2c44852d605546587978a81e331e18

 ///  File Name: procmail.cshrc.txt
Description:
Because procmail sources the .cshrc of the user it is forwarding the mail to while running under the root uid, a local root compromise may be possible.
Author:Michael Barnes
File Size:2129
Last Modified:Dec 31 20:08:41 2004
MD5 Checksum:b5129ace3978a73c308b20318e809f23

 ///  File Name: PsychoStats.txt
Description:
PsychoStats versions 2.2.4 Beta and earlier are susceptible to a cross site scripting attack.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:2001
Last Modified:Dec 31 21:48:57 2004
MD5 Checksum:b859263831c45224a2b1a45ec7128718

 ///  File Name: qwik-smtpd-djb.txt
Description:
A buffer overflow vulnerability in qwik-smtpd version 0.3 enables mail relay possibilities.
Author:Jonathan Rockway
Homepage:http://tigger.uic.edu/~jlongs2/holes/qwik-smtpd.txt
File Size:1231
Last Modified:Dec 30 10:58:00 2004
MD5 Checksum:03b0d06401bc46791b619075557bdc32

 ///  File Name: realone2.txt
Description:
A vulnerability has been found in the processing of the EMBED tag by the Internet Explorer browser on systems with Realone 2.0 build 6.0.11.868 installed.
Author:Wei Li
File Size:1662
Last Modified:Dec 31 21:13:57 2004
MD5 Checksum:64fc26bb0fb97fb2d29bcf661b5b43ed

 ///  File Name: ricohICMP.txt
Description:
The RICOH Aficio 450/455 PCL 5e printer fails to handle malformed ICMP packets properly, resulting in a denial of service.
Author:Hongzhen Zhou
File Size:624
Last Modified:Dec 30 08:33:28 2004
MD5 Checksum:c77cf0fc482f5ae0969fb8d0a2d6a185

 ///  File Name: ringtonetools.txt
Description:
Ringtone Tools version 2.22 is susceptible to a buffer overflow in the parse_emelody() function.
Author:Qiao Zhang
File Size:1831
Last Modified:Dec 30 21:48:54 2004
MD5 Checksum:49c072a2956cb35e4660bdb38e148aa6

 ///  File Name: RLSA_06-2004.txt
Description:
QNX crttrap has a -c flag to specify where the trap file will be written. Combined with the trap flag, it is possible to read or write any file on the disk. QNX RTOS 2.4, 4.25, 6.1.0, and 6.2.0 are all affected.
Author:Julio Cesar Fort
File Size:2847
Last Modified:Jan 2 21:01:56 2005
MD5 Checksum:5765faa4ad094a2c0a69ced0e9539975

 ///  File Name: roxioLocal.txt
Description:
Roxio Toast on Mac OS X is susceptible to local exploitation due to a format string bug.
Author:fintler
File Size:2699
Last Modified:Dec 30 08:13:49 2004
MD5 Checksum:670015d91740d91942ba93854dd29bcd

 ///  File Name: rsshscponly.txt
Description:
Although rssh and scponly were designed to limit the use of a shell on a remote host, various underlying programs that they are allowed to use may allow for arbitrary command execution.
Author:Jason Wies
File Size:3797
Last Modified:Dec 12 01:15:24 2004
MD5 Checksum:dfe3c0a0d1fbc50c60dbf4f553b0e2fd

 ///  File Name: rtf2latex2e.txt
Description:
A buffer overflow in the ReadFontTbl() function of rtf2latex2e version 1.0fc2 allows for arbitrary code execution.
Author:Limin Wang
Homepage:http://tigger.uic.edu/~jlongs2/holes/rtf2latex2e.txt
File Size:1855
Last Modified:Dec 30 11:06:09 2004
MD5 Checksum:078d428f64800e2f85bab6f0a7c95ec9

 ///  File Name: sa12856.txt
Description:
Secunia Security Advisory - Secunia Research has discovered some vulnerabilities in Ansel, which can be exploited by malicious people to conduct SQL injection and script insertion attacks. The vulnerabilities have been confirmed on version 2.1. Prior versions may also be affected.
Homepage:http://secunia.com/advisories/12856/
File Size:2137
Last Modified:Dec 12 19:01:40 2004
MD5 Checksum:183894877550ebc229bbc6cbb28c51ea

 ///  File Name: sa12981.txt
Description:
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to the filename and the Content-Type header not being sufficiently validated before being displayed in the file download dialog. This can be exploited to spoof file types in the download dialog by passing specially crafted Content-Disposition and Content-Type headers containing dots and ASCII character code 160. Successful exploitation may result in users being tricked into executing a malicious file via the download dialog. The vulnerability has been confirmed on Opera 7.54 for Windows. Other versions may also be affected.
Homepage:http://secunia.com/advisories/12981/
File Size:2187
Last Modified:Dec 12 20:46:36 2004
MD5 Checksum:3fb4866a9f4e307fff19bed0da4dd1ee

 ///  File Name: sa13129.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in Mozilla / Mozilla Firefox, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13129/
File Size:2614
Last Modified:Dec 12 19:55:21 2004
MD5 Checksum:7fe550a68547d583df329ea33a08f1c9

 ///  File Name: sa13234.txt
Description:
Secunia Security Advisory - A security issue has been reported in IBM WebSphere Commerce, which potentially may disclose customer information. The problem reportedly exists if store views update the database or directly invoke commands that perform the database update, which may result in customer information being stored under the default user. The security issue has been reported in versions 5.1, 5.4, 5.5, and 5.6.
Homepage:http://secunia.com/advisories/13234/
File Size:1954
Last Modified:Dec 12 08:35:43 2004
MD5 Checksum:69360318120b29e6b961128d35dfe063

 ///  File Name: sa13251.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13251/
File Size:2305
Last Modified:Dec 12 19:54:28 2004
MD5 Checksum:2125e5582ddf4f91aff13cb3f0773fc2

 ///  File Name: sa13252.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in Safari, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13252/
File Size:2095
Last Modified:Dec 12 19:56:42 2004
MD5 Checksum:ea33f990f046a701611a61f64d8e729e

 ///  File Name: sa13253.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in Opera, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13253/
File Size:2089
Last Modified:Dec 12 19:53:33 2004
MD5 Checksum:3efea787cbbeb726fc5397278bbf2e45

 ///  File Name: sa13311.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Unicenter Remote Control (URC), which can be exploited by malicious users to access arbitrary URC Management Servers.
Homepage:http://secunia.com/advisories/13311/
File Size:2416
Last Modified:Dec 12 19:31:20 2004
MD5 Checksum:d22a892027d698d1f996af8f5373ad90

 ///  File Name: sa13356.txt
Description:
Secunia Security Advisory - Secunia Research has reported a vulnerability in Internet Explorer for Mac, which can be exploited by malicious people to spoof the content of websites. The problem is that a website can inject content into another site's window if the target name of the window is known. This can e.g. be exploited by a malicious website to spoof the content of a pop-up window opened on a trusted website.
Homepage:http://secunia.com/advisories/13356/
File Size:2145
Last Modified:Dec 12 20:39:33 2004
MD5 Checksum:adf0af6b6b8a14df5261f983f91d7705