Section:  .. / 0411-advisories  /

Page 2 of 7
<< 1 2 3 4 5 6 7 >> Files 25 - 50 of 167
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: 2004-0058.txt
Description:
Trustix Secure Linux Security Advisory #2004-0058 - Various security fixes have been released for gd, samba, sqlgrey, and sudo.
Homepage:http://www.trustix.org/
File Size:6218
Related CVE(s):CAN-2004-0941, CAN-2004-0990, CAN-2004-0882, CAN-2004-0930
Last Modified:Nov 20 22:33:59 2004
MD5 Checksum:a6b47168cf3544c71a84850af96a4db6

 ///  File Name: 57606.html
Description:
Sun Security Advisory - Buffer overflow vulnerabilities in the Sun Java System Web Proxy Server may allow a remote unprivileged user to crash either the Web Proxy Server or the Admin Server (of the Web Proxy Server) or execute arbitrary code with the privileges of the respective server processes.
Homepage:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57606-1
File Size:5961
Last Modified:Nov 2 02:58:56 2004
MD5 Checksum:ff7518d2275c5f059050b1b4fdcd8d79

 ///  File Name: TA04-315A.txt
Description:
Technical Cyber Security Alert TA04-315A - Microsoft Internet Explorer (IE) contains a buffer overflow vulnerability that could allow a remote attacker to execute arbitrary code with the privileges of the user running IE. A buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of various elements, including FRAME, IFRAME, and EMBED. Because IE fails to properly check the size of the NAME and SRC attributes, a specially crafted HTML document can cause a buffer overflow in heap memory. Due to the dynamic nature of the heap, it is usually difficult for attackers to execute arbitrary code using this type of vulnerability.
Homepage:http://www.cert.org/
File Size:5822
Last Modified:Nov 12 05:20:52 2004
MD5 Checksum:20c99413b69e1613b32257cf78c2f275

 ///  File Name: cryus.imap.2.2.8.txt
Description:
Cryus v2.2.8 and below contains four remote vulnerabilities, including one which is pre-authentication. Fix available here.
Author:Stefan Esser &
Homepage:http://security.e-matters.de/
File Size:5498
Related CVE(s):CAN-2004-1011, CAN-2004-1012, CAN-2004-1013
Last Modified:Nov 24 07:46:00 2004
MD5 Checksum:d4db20d02f1bf3f8bb227f7379525a1a

 ///  File Name: TA04-316A.txt
Description:
Technical Cyber Security Alert TA04-316A - There is a vulnerability in the way Cisco IOS processes DHCP packets. Exploitation of this vulnerability may lead to a denial of service. The processing of DHCP packets is enabled by default.
Homepage:http://www.cert.org/
File Size:5292
Last Modified:Nov 13 00:58:09 2004
MD5 Checksum:30f6202ff0bbbd77c9257fe3ea159596

 ///  File Name: MDKSA-2004:140.txt
Description:
Mandrakelinux Security Update Advisory - The GNU a2ps utility fails to properly sanitize filenames, which can be abused by a malicious user to execute arbitrary commands with the privileges of the user running the vulnerable application.
Homepage:http://www.mandrakesoft.com/security/advisories/
File Size:5061
Last Modified:Dec 11 22:55:02 2004
MD5 Checksum:d8e93f86af1b786f0bd3c3d4618007ff

 ///  File Name: dsa-598.txt
Description:
Debian Security Advisory 598-1 - Max Vozeler noticed that yardradius, the YARD radius authentication and accounting server, contained a stack overflow similar to the one from radiusd which is referenced as CAN-2001-0534. This could lead to the execution of arbitrary code as root.
Homepage:http://www.debian.org/security/
File Size:5038
Related CVE(s):CAN-2004-0987
Last Modified:Dec 11 21:38:25 2004
MD5 Checksum:f8025faa2445a5de116af73f69f142e4

 ///  File Name: c040619-001.txt
Description:
Corsaire Security Advisory - The aim of this document is to clearly define several vulnerabilities in the Danware NetOp Host product that suffers from multiple information disclosure issues.
Author:Martin O'Neal
Homepage:http://www.penetration-testing.com/
File Size:4850
Related CVE(s):CAN-2004-0950
Last Modified:Nov 20 23:37:33 2004
MD5 Checksum:62ac9ea687c7f3b8d3f743ef6881f1f0

 ///  File Name: LSS-2004-11-3.txt
Description:
LSS Security Advisory #LSS-2004-11-3 - There is a buffer overflow vulnerability in getnickuserhost() function that is called when BNC 2.8.9 is processing responses from an IRC server.
Author:Leon Juranic
Homepage:http://security.lss.hr
File Size:4686
Last Modified:Nov 12 05:02:10 2004
MD5 Checksum:c0e0e1ce2606be50b9101c898d297435

 ///  File Name: jreDoS.txt
Description:
Java Runtime Environment versions 1.4.2, 1.5.0, and possible others are susceptible to a remote denial of service attack.
Author:Kurt Huwig
File Size:4531
Last Modified:Nov 10 07:59:51 2004
MD5 Checksum:e0f21f81fc36ffd7277ab48d1aa46595

 ///  File Name: 20041104-1.txt
Description:
Symantec LiveUpdate is susceptible to compressed archive attacks known as zip bombing.
Homepage:http://www.hexview.com/
File Size:4488
Last Modified:Nov 5 05:37:44 2004
MD5 Checksum:bbe97d4e3a80efbbd9bcbac09a1d69d6

 ///  File Name: cyberguard.txt
Description:
Additional information about recent discussion various entities have have with CyberGuard regarding their firewall.
Author:jericho
Homepage:http://www.attrition.org/
File Size:4439
Last Modified:Nov 13 00:45:50 2004
MD5 Checksum:e1778c48d90dfe66ca6683aa8c9d6cce

 ///  File Name: secureCRTrce.txt
Description:
SecureCRT versions 4.1 and 4.0 suffer from flaws that allow for remote compromise due to links automatically launching the application.
Author:Brett Moore
Homepage:http://security-assessment.com/
File Size:4401
Last Modified:Dec 11 19:37:36 2004
MD5 Checksum:8210ae378698fdfe344c519600742518

 ///  File Name: hiredteam.txt
Description:
Hired Team: Trial versions 2.0/2.200 and below suffer from format string, malformed packet, and status/kick remote vulnerability flaws.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:4363
Last Modified:Nov 20 22:09:18 2004
MD5 Checksum:28a021ad2bac010545d974b6e3aaa075

 ///  File Name: 11.22.04.txt
Description:
iDEFENSE Security Advisory 11.22.04 - J2SE prior to v1.4.2_06 contains serious remote vulnerabilities which allow applets loaded in browsers to load an unsafe class, and write to any file on a users system. IE, Mozilla, and Firefox can lead to compromise on Linux and Windows systems if a malicious web page is loaded.
Author:Jouko Pynnonen
Homepage:http://www.idefense.com
File Size:4310
Related CVE(s):CAN-2004-1029
Last Modified:Nov 24 08:03:46 2004
MD5 Checksum:589ce64427e67a02d8109eeaf1fd0809

 ///  File Name: newsudo.txt
Description:
Sudo version 1.6.8, patchlevel 2 is now available. It includes a fix for a security flaw in sudo's environment cleaning that could give a malicious user with sudo access to a bash script the ability to run arbitrary commands.
Homepage:http://www.sudo.ws/
File Size:4277
Last Modified:Nov 13 03:39:53 2004
MD5 Checksum:d3b4864681ffd253122607f0458c0614

 ///  File Name: 20041103-1.txt
Description:
Zip console application by Info-Zip is susceptible to a buffer overflow condition that can be triggered and exploited during a recursive compression operation.
Homepage:http://www.hexview.com/
File Size:4208
Last Modified:Nov 5 05:33:20 2004
MD5 Checksum:a935cf0a01b3ad7007cda55353b3743f

 ///  File Name: zoneAdBlock.txt
Description:
ZoneAlarm Security Suite and ZoneAlarm Pro have been updated to address a vulnerability in their ad-blocking functions.
Homepage:http://www.zonelabs.com/security
File Size:4161
Last Modified:Nov 20 23:26:37 2004
MD5 Checksum:491b70c200644db74a75979fec666aef

 ///  File Name: netgearDG384.txt
Description:
Netgear DG834 is susceptible to a denial of service attack and URL filtering bypass vulnerabilities.
Author:Dr_insane
File Size:3969
Last Modified:Nov 10 08:28:12 2004
MD5 Checksum:264d5ce592ac8e8cc5b6e0ed25c722d9

 ///  File Name: 132004.txt
Description:
Samba versions 3 through 3.0.7 suffer from a buffer overflow inside the QFILEPATHINFO request handler. This vulnerability allows for remote code execution.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:3905
Related CVE(s):CAN-2004-0882
Last Modified:Nov 20 20:39:56 2004
MD5 Checksum:2e206dfee16b6d2c1db677d7fc949b5d

 ///  File Name: winamp505.txt
Description:
Detailed analysis and overview of the Winamp 5.05 vulnerability recently patched.
Author:Brett Moore
Homepage:http://security-assessment.com/
File Size:3892
Last Modified:Dec 11 19:39:30 2004
MD5 Checksum:24b1db34abd1449688876f4b51823628

 ///  File Name: sa13263.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in various F-Secure products, which can be exploited by malware to bypass certain scanning functionality.
Homepage:http://secunia.com/advisories/13263/
File Size:3871
Last Modified:Dec 11 19:49:21 2004
MD5 Checksum:19bee47fa2d4c055536e479f1212491e

 ///  File Name: glsa-200411-15.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-15 - groffer, included in the Groff package, and the der_chop script, included in the OpenSSL package, are both vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
Homepage:http://security.gentoo.org/
File Size:3862
Last Modified:Nov 10 07:54:52 2004
MD5 Checksum:e9876782c9278b91279b2263bc936706

 ///  File Name: msISAauthbypass.txt
Description:
Methods exist to allow for Microsoft ISA authentication bypass when the server is configured as a proxy.
Author:Debasis Mohanty
Homepage:http://www.hackingspirits.com
File Size:3825
Last Modified:Nov 5 04:58:31 2004
MD5 Checksum:da0d366ebc0b3b7b38a77a637ae9c66c

 ///  File Name: bogofilter-SA-2004-01.txt
Description:
A vulnerability in bogofilter/bogolexer causes a segmentation fault due to malformed input.
Author:Antti-Juhani Kaijanaho, Clint Adams, David Relson
File Size:3786
Last Modified:Nov 1 04:11:50 2004
MD5 Checksum:de3d71a71544b27c4427eac5daf74186