Section:  .. / 0407-advisories  /

Page 5 of 5
<< 1 2 3 4 5 >> Files 100 - 114 of 114
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: SSRT4718.txt
Description:
HP Security Bulletin - The NTP (Network Time Protocol) package provided with HP Tru64 UNIX contains an integer overflow. The overflow may cause clients with clocks set too far in the past to receive an incorrect date/time offset from the ntp server, resulting in an incorrect date/time on the client. Affected versions: HP Tru64 UNIX V5.1B (PK4), HP Tru64 UNIX V5.1B (PK3), HP Tru64 UNIX V5.1B (PK2), HP Tru64 UNIX V51.A (PK6), HP Tru64 UNIX V4.0G (PK4), HP Tru64 UNIX V4.0F (PK8).
Homepage:http://www.hp.com/
File Size:7907
Last Modified:Jul 7 12:38:00 2004
MD5 Checksum:ebeee01621c00f25105d18e9643229eb

 ///  File Name: SSRT4782.txt
Description:
HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running the CIFS Server. This buffer overflow could potentially be exploited to remotely gain access. HP-UX versions B.11.00, B.11.11, B.11.22, and B.11.23 are all affected.
Homepage:http://www.hp.com/
File Size:6978
Last Modified:Jul 28 22:25:45 2004
MD5 Checksum:d61ad57ac28a5c887e36a94b552e508b

 ///  File Name: TA04-184A.txt
Description:
Technical Cyber Security Alert TA04-163A - A class of vulnerabilities in IE allows malicious script from one domain to execute in a different domain which may also be in a different IE security zone. Attackers typically seek to execute script in the security context of the Local Machine Zone (LMZ).
Homepage:http://www.us-cert.gov/cas/techalerts/TA04-163A.html
File Size:7305
Last Modified:Jul 2 18:50:00 2004
MD5 Checksum:0f88c00b299eab5ae291cff9ceb90b40

 ///  File Name: TA04-196A.txt
Description:
Technical Cyber Security Alert TA04-196A - Multitudes of vulnerabilities have been discovered amongst the Microsoft product line. Flaws that exist include Outlook Express failing to properly validate malformed e-mail headers, the Utility Manager allowing code execution, POSIX allowing code execution, IIS having a buffer overflow, the Task Scheduler having a buffer overflow, the HTML Help component failing to properly validate input data, and the Windows Shell allowing remote code execution.
Homepage:http://www.us-cert.gov/cas/techalerts/TA04-196A.html
File Size:6979
Related CVE(s):CAN-2003-1041, CAN-2004-0201, CAN-2004-0205, CAN-2004-0210, CAN-2004-0212, CAN-2004-0213, CAN-2004-0215, CAN-2004-0420
Last Modified:Jul 14 16:51:00 2004
MD5 Checksum:bbf0898a83a0cd9e8ec0525a14664b41

 ///  File Name: twoMoz.txt
Description:
Mozilla and Firefox are susceptible to a couple of flaws that allow for remote code execution under the guise of the local zone.
Author:Mindwarper
Homepage:http://mlsecurity.com
File Size:3661
Last Modified:Jul 13 14:55:00 2004
MD5 Checksum:2428c4ef0d9f7e9ac75e103aeeebe5ff

 ///  File Name: unreal.ircd.txt
Description:
Unreal ircd versions below 3.2 suffer from a faulty cloaking scheme to hide IP addresses which allows attackers to find the true IP address of people using the server.
Author:bartavelle
Homepage:http://www.bandecon.com/advisory/unreal.txt
File Size:2121
Last Modified:Jul 5 08:17:00 2004
MD5 Checksum:61355316be6103ac7b56fdc8ab490da3

 ///  File Name: Vpop3.txt
Description:
VPOP3 2.0.0k is susceptible to a denial of service attack due to a buffer overflow.
Author:dr_insane, papabfs
Homepage:http://members.lycos.co.uk/r34ct/
File Size:2060
Last Modified:Jul 24 02:33:25 2004
MD5 Checksum:3f5c8f4d2d7aafaf6a7c2c10e020a448

 ///  File Name: vserverProcFS.txt
Description:
VServer versions 1.27 and below (Linux 2.4 stable branch), 1.3.9 and below (Linux 2.4 devel branch), and 1.9.1 and below (Linux 2.6 devel branch) all allow for modifications to the proc filesystem that inadvertently propagate to the real underlying OS.
Author:Veit Wahlich
Homepage:http://ircnet.de/article.shtml?vsproc
File Size:2905
Last Modified:Jul 3 14:02:00 2004
MD5 Checksum:2aaac76c964ecf3137c54926b1a690c5

 ///  File Name: waraxe-2004-SA034.txt
Description:
PHPBB 2.0.8 is susceptible to full patch disclosure and cross site scripting vulnerabilities.
Author:Janek Vind
Homepage:http://www.waraxe.us/index.php?modname=sa&id=34
File Size:3845
Last Modified:Jul 16 14:22:00 2004
MD5 Checksum:54edaf34e6a8d8831832bb7b3202a67a

 ///  File Name: whisperFTP.txt
Description:
A buffer overflow in Whisper FTP Surfer 1.0.7 occurs when the client tries to delete a temporary file with an excessively long filename.
Author:Komrade
Homepage:http://unsecure.altervista.org
File Size:1023
Last Modified:Jul 22 00:29:29 2004
MD5 Checksum:753eef219f0cc2824040bb6d012d42d5

 ///  File Name: winmediaExec.txt
Description:
A flaw exists in Windows Media Player that allows a malicious asx file to be executed running javascript in a local zone. Tested against MSDXM.DLL file version 6.4.09.1128 on Microsoft Windows 2000.
Author:Paul
Homepage:http://www.geryhats.cjb.net
File Size:1163
Last Modified:Jul 11 11:45:00 2004
MD5 Checksum:d9d57e639a404636401e7610d05eb4fe

 ///  File Name: XSR1800.txt
Description:
Enterasys XSR-1800 Security Routers crash when passing a packet with the option record route.
Author:Frederico Queiroz
File Size:452
Last Modified:Jul 2 18:55:00 2004
MD5 Checksum:82b0c71694cec2c8a53171e63d09bdb1

 ///  File Name: ZH2004-15SA.txt
Description:
I-Mall Commerce is susceptible to remote arbitrary command execution due to a lack of variable sanity checking.
Author:SPAX
Homepage:http://www.zone-h.org
File Size:1143
Last Modified:Jul 5 08:43:00 2004
MD5 Checksum:9a169081332944c9dcd152290b3fa100

 ///  File Name: ZoomX3.txt
Description:
The Zoom X3 ADSL modem has a backdoor menu on TCP port 254 that uses the factory default password for access. However, even if the password is changed on the main menu, the backdoor system still allows access with it.
Author:Adam Laurie
File Size:2428
Last Modified:Jul 5 08:39:00 2004
MD5 Checksum:dc2c285338609813f1f60e4ce58f4566