Section:  .. / 0403-advisories  /

Page 3 of 4
<< 1 2 3 4 >> Files 50 - 75 of 90
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: NA2002.txt
Description:
Norton Antivirus 2002 fails to scan files with special character(s) properly resulting in a crash.
Author:Bipin Gautam aka hUNT3R
File Size:1280
Last Modified:Mar 6 04:37:00 2004
MD5 Checksum:841aebbb1228c4004ee3eb606f20d08a

 ///  File Name: netscreenXSS.txt
Description:
Netscreen-SA 5000 services VPNs are susceptible to cross site scripting attacks.
Author:Mark Lachniet
File Size:2964
Last Modified:Mar 2 21:31:00 2004
MD5 Checksum:41c6f05cfa3d60c2f48908869e627ae5

 ///  File Name: nisrce.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR19042004b - Symantec's Norton Internet Security 2004 Professional makes use of an ActiveX component that is marked safe for scripting, particularly WrapUM.dll. Using the LaunchURL method an attacker has the ability to force the browser to run arbitrary executables on the target.
Author:Mark Litchfield
Homepage:http://www.ngssoftware.com/advisories/nisrce.txt
File Size:2559
Last Modified:Mar 19 19:23:00 2004
MD5 Checksum:463931f265ad4a0daff86e14957d6f76

 ///  File Name: novellweb.htm
Description:
Novell has identified an issue with the default configuration of GroupWise 6 and 6.5 WebAccess that could allow unauthorized access to the WebAccess server. This issue affects only systems running GroupWise 6 or 6.5 WebAccess on NetWare using the Apache 1.3x web server and where Apache is loaded using the GWAPACHE.CONF file.
Homepage:http://support.novell.com/cgi-bin/search/searchtid.cgi?/10091330.htm
File Size:17080
Last Modified:Mar 16 08:18:09 2004
MD5 Checksum:99d7e8c58a751f22499bf208ee154361

 ///  File Name: o-088.shtml
Description:
CIAC INFORMATION BULLETIN O-088: On both Solaris 8 and 9 (SPARC and x86 Platforms) a local unprivileged user may be able to gain unauthorized root privileges due to a security issue involving the passwd command.
Author:CIAC
Homepage:http://www.ciac.org/ciac/bulletins/o-088.shtml
File Size:8388
Last Modified:Mar 6 04:33:24 2004
MD5 Checksum:e7588f48331a2951ecdecaf22b0f1df1

 ///  File Name: OpenPKG-SA-2004.006.txt
Description:
OpenPKG Security Advisory - UUDeview versions 0.5.19 and below suffer from buffer overflows and insecure temporary file handling.
Author:The OpenPKG Project
Homepage:http://www.openpkg.org/security.html
File Size:3777
Last Modified:Mar 13 08:31:33 2004
MD5 Checksum:84e1c8fa1dfdb48cec0b64b5098d5c62

 ///  File Name: outlook032004.txt
Description:
Microsoft Outlook contains a vulnerability which allows execution of arbitrary code when a victim user views a web page or an e-mail message created by an attacker. According to Microsoft the affected supported versions are Microsoft Office XP SP2 and Microsoft Outlook 2002 SP 2. Some earlier versions are vulnerable too, but not supported by the vendor.
Author:Jouko Pynn�nen
Homepage:http://iki.fi/jouko/
File Size:2618
Last Modified:Mar 11 02:35:27 2004
MD5 Checksum:a786f33a68425d0d583bd412ca29aeb1

 ///  File Name: phpBB206a.txt
Description:
phpBB versions 2.0.6 and below suffer from a SQL injection vulnerability in the search.php file. Workaround included.
Author:pokleyzz
Homepage:http://www.scan-associates.net
Related Exploit:gemuruh-v2.php.txt
File Size:2341
Last Modified:Mar 15 20:40:12 2004
MD5 Checksum:7eba141ea384a599e9677a3788face6c

 ///  File Name: phpBB207a.txt
Description:
phpBB versions 2.0.7a and below are susceptible to cross site scripting, SQL injection, and remote command execution attacks.
Author:JeiAr
Homepage:http://www.gulftech.org
File Size:7322
Last Modified:Mar 20 18:23:00 2004
MD5 Checksum:8c1c502b91197f96ecae43347d872b74

 ///  File Name: phpbbprofile.txt
Description:
phpBB 2.0.6d suffers from a cross site scripting vulnerability.
Author:Cheng Peng Su
File Size:1404
Last Modified:Mar 20 18:12:00 2004
MD5 Checksum:8a96d182867bd1bae916a3b61e995dca

 ///  File Name: phpkit.txt
Description:
PHPKIT version 1.6.03 suffers from a cross site scripting vulnerability.
Author:Yanosz
File Size:792
Last Modified:Mar 30 20:40:00 2004
MD5 Checksum:ea9213f4c4ba3a9d332cc7099f954461

 ///  File Name: picophone163.txt
Description:
PicoPhone versions 1.63 and below have a buffer overflow in their logging function that allows an attacker to take over the server.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:picobof.zip
File Size:1524
Last Modified:Mar 24 17:17:00 2004
MD5 Checksum:c58c41988177769677bdbda6666df03f

 ///  File Name: R7-0017.txt
Description:
Rapid7 Security Advisory - tcpdump versions 3.8.1 and below contain multiple flaws in the packet display functions for the ISAKMP protocol. Upon receiving specially crafted ISAKMP packets, tcpdump will try to read beyond the end of the packet capture buffer and crash.
Author:Rapid7 Security Advisories
Homepage:http://www.rapid7.com/advisories/R7-0017.html
File Size:4839
Related CVE(s):CAN-2004-0183, CAN-2004-0184
Last Modified:Mar 30 19:48:00 2004
MD5 Checksum:67e1c0e97a7b6127733398b41d86e52e

 ///  File Name: R7-0018.isakmpd.txt
Description:
Rapid7 Security Advisory - OpenBSD isakmpd payload handling is subject to multiple denial of service vulnerabilities. Known vulnerable: OpenBSD 3.4 and earlier, OpenBSD-current as of March 17, 2004.
Author:Rapid7 Security Advisories
Homepage:http://www.rapid7.com/
File Size:5061
Related CVE(s):CAN-2004-0218, CAN-2004-0219, CAN-2004-0220, CAN-2004-0221, CAN-2004-0222
Last Modified:Mar 24 07:15:00 2004
MD5 Checksum:ff6add0baf9cf2fe0508ba814bc1c676

 ///  File Name: realHelix9.txt
Description:
Pentest Limited Security Advisory - The RealNetworks Helix 9 Server allows for an authenticated attacker to submit malformed HTTP POST requests against the Administration server to trigger a buffer overflow and execute arbitrary code. Affected versions: Helix Universal Mobile Server and Gateway 10, version 10.1.1.120 and prior; Helix Universal Server and Gateway 9, version 9.0.2.881 and prior.
Homepage:http://www.pentest.co.uk/
File Size:2607
Related CVE(s):CAN-2004-0049
Last Modified:Mar 18 18:25:29 2004
MD5 Checksum:66d23f86209a9b83426d2f5cba1e4e4b

 ///  File Name: repredhat.txt
Description:
A local buffer overflow vulnerability exists in REP version 0.15.1 on RedHat Linux 7.3. Proof of concept exploitation included.
Homepage:http://www.blackangels.it
File Size:2517
Last Modified:May 1 18:09:19 2004
MD5 Checksum:39225a84cba3e870a2ffcdc5452210b4

 ///  File Name: RHSA-2004:093-01.txt
Description:
Red Hat Security Advisory RHSA-2004:093-01 - Alan Cox discovered a vulnerability in the systat package where the post and trigger scripts insecurely created temporary filenames, allowing for a symlink attack using /tmp.
Homepage:https://www.redhat.com/solutions/security/news/contact.html
File Size:3953
Related CVE(s):CAN-2004-0107
Last Modified:Mar 11 17:44:38 2004
MD5 Checksum:43d951b7e20b40788c778ebd4604593e

 ///  File Name: RHSA-2004:134-01.txt
Description:
Red Hat Security Advisory RHSA-2004:134-01 - A bug was found in the processing of %-encoded characters in a URL in versions of Squid 2.5.STABLE4 and earlier. If a Squid configuration uses Access Control Lists (ACLs), a remote attacker could create URLs that would not be correctly tested against Squid's ACLs, potentially allowing clients to access prohibited URLs.
Homepage:http://www.redhat.com/
File Size:4393
Related CVE(s):CAN-2004-0189
Last Modified:Mar 29 02:11:00 2004
MD5 Checksum:4c18ad62669586588d02b6bf5eb9695d

 ///  File Name: rogerwilco2.txt
Description:
RogerWilco versions 1.4.1.6 and below and RogerWilco Base Station versions 0.30a suffer from multiple bugs. From being crashed with a malformed UDP packet to spoofing 'voice' traffic when not even being connected to a channel, quite a few amusing problems are listed.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:wilco.zip
File Size:10816
Last Modified:Mar 31 20:11:00 2004
MD5 Checksum:c415dccfdd1b912ce202b7e7b276f867

 ///  File Name: RSTACK-20040325.txt
Description:
Rstack Team Security Advisory RSTACK-20040325 - Nstxd has been found vulnerable to a denial of service attack due to a null-pointer-dereference.
Author:Rstack Team
Homepage:http://www.rstack.org/
File Size:2289
Last Modified:Mar 27 04:14:14 2004
MD5 Checksum:5e32679021aad2cac7230454ff587b51

 ///  File Name: safariJS.txt
Description:
Safari Javascript engine versions 1.2 and below suffer from a denial of service vulnerability due to an improper allocation of arrays.
Author:kang
File Size:1123
Last Modified:Mar 9 06:19:04 2004
MD5 Checksum:7ba0d5c9506735a8a2c00a009be66a99

 ///  File Name: secadv_20040317.txt
Description:
OpenSSL Security Advisory - A Null-pointer assignment during an SSL handshake can result in a denial of service. Versions 0.9.6c to 0.9.6k and 0.9.7a to 0.9.7c are affected by this issue. Versions 0.9.7a, 0.9.7b, and 0.9.7c are affected by another vulnerability in the handling of Kerberos ciphersuites that can cause OpenSSL to crash. Patches are attached to the advisory.
Homepage:http://www.openssl.org/news/secadv_20040317.txt
File Size:3155
Related CVE(s):CAN-2004-0079, CAN-2004-0112
Last Modified:Mar 17 15:36:13 2004
MD5 Checksum:8296433d89da39966b6d020c7aa78ebb

 ///  File Name: slmailsrc.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR05022004a - SLMail Pro Supervisor Report Center versions 2.0.9 and below are vulnerable to a buffer overflow attack when supplied with an overly long HTTP sub-version.
Author:David Litchfield
Homepage:http://www.ngssoftware.com/advisories/slmailsrc.txt
File Size:2147
Last Modified:Mar 5 22:23:58 2004
MD5 Checksum:381f8428881bb22dd2452beba88e8254

 ///  File Name: slmailwm.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR05022004b - SLWebMail has multiple buffer overflow vulnerabilities that are related to ISAPI appliactions.
Author:David Litchfield
Homepage:http://www.ngssoftware.com/advisories/slmailwm.txt
File Size:2019
Last Modified:Mar 5 22:28:00 2004
MD5 Checksum:3b3c992ac61ac071ca7b1da1388f08c5

 ///  File Name: soapy.txt
Description:
Multiple vendors suffer from a denial of service vulnerability in their SOAP servers. Products affected: Macromedia ColdFusion/MX 6.0 and 6.1, ColdFusion/MX 6.0 and 6.1 J2EE, all editions of Macromedia JRun 4.0, and Sun Java System Application Server 7 Update 2 Upgrade and prior releases.
Author:Amit Klein
Homepage:http://www.SanctumInc.com
File Size:1693
Last Modified:Mar 17 07:41:11 2004
MD5 Checksum:c51d9646055d66485691116fe1f72ee0