Section:  .. / 0410-advisories  /

Page 3 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 50 - 75 of 254
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: rsshFormat.txt
Description:
rssh versions below 2.2.2 suffer from a format string vulnerability that may allow for privilege escalation.
Author:Derek Martin
Homepage:http://www.pizzashack.org/
File Size:2475
Last Modified:Oct 27 05:42:07 2004
MD5 Checksum:66030e868f44a2848e1ae83843f52b6d

 ///  File Name: aoljournals_advisory.txt
Description:
An information disclosure flaw in AOL Journals allows any remote attacker to increment BlogIDs in order to reveal other user email addresses.
Author:Steven
File Size:2541
Last Modified:Oct 27 05:37:51 2004
MD5 Checksum:6e073986f6cffe97de9d366059c8082e

 ///  File Name: sa12946.txt
Description:
Secunia Security Advisory - An vulnerability has been reported in HP Serviceguard, which potentially can be exploited by malicious people to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/12946/
File Size:2034
Last Modified:Oct 27 05:35:21 2004
MD5 Checksum:43d715efe96a672010a370eea2eb9d7c

 ///  File Name: htmlrender.txt
Description:
Addendum to previous post regarding browser inabilities to render HTML securely. It appears that problems thought not to also include MSIE do affect that product as well.
Author:Michal Zalewski
Homepage:http://lcamtuf.coredump.cx/
File Size:2680
Last Modified:Oct 27 05:34:17 2004
MD5 Checksum:6efa666bf95d1f9996a5d197c3e7d894

 ///  File Name: 10.22.04.txt
Description:
iDEFENSE Security Advisory 10.22.04 - An exploitable heap overflow in the handling of malformed tiff files has been discovered in the latest version of libtiff when JPEG support has been enabled. An attacker can exploit the above-described vulnerability to execute arbitrary code under the permissions of the target user. Successful exploitation requires that the attacker convince the end-user to open the malicious tiff file using an application linked with a vulnerable version of libtiff.
Author:Andrei Nigmatulin
Homepage:http://www.idefense.com/
File Size:3073
Related CVE(s):CAN-2004-0929
Last Modified:Oct 27 05:30:06 2004
MD5 Checksum:6701146a2bb3ad217d77153d8dbf105b

 ///  File Name: JavaPhone.txt
Description:
Two very serious security vulnerabilities in Java technology for mobile devices (Java 2 Micro Edition) affects about 250 million mobile phones coming from Nokia, Siemens, Panasonic, Samsung, Motorola and others. Sun has refused to release an alert regarding these issues. Information about these flaws has been published at Hack In the Box Security Conference earlier this month in Kuala Lumpur, Malaysia.
Author:Adam Gowdiak
Homepage:http://www.man.poznan.pl
Related File:hitb04-adam-gowdiak.pdf
File Size:2542
Last Modified:Oct 27 05:24:06 2004
MD5 Checksum:1578a24e5a23db54eead328b0631221f

 ///  File Name: 20041021-1.txt
Description:
A specially crafted WAV file can cause the WAV file property handler to consume all available CPU resources on Windows XP.
Homepage:http://www.hexview.com/
File Size:3456
Last Modified:Oct 27 05:19:27 2004
MD5 Checksum:91b5dc8704dc9b548d58a9504b914f54

 ///  File Name: MDKSA-2004:113.txt
Description:
Mandrakelinux Security Update Advisory - Multiple integer overflow issues affecting xpdf-2.0 and xpdf-3.0. Also programs like cups which have embedded versions of xpdf. These can result in writing an arbitrary byte to an attacker controlled location which probably could lead to arbitrary code execution.
Author:Chris Evans
Homepage:http://www.mandrakesoft.com/security/advisories
File Size:3180
Related CVE(s):CAN-2004-0888, CAN-2004-0889
Last Modified:Oct 27 05:15:56 2004
MD5 Checksum:dbbeceb18f4a83c657d4ce2e53f6f3b8

 ///  File Name: glsa-200410-21.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-21 - A flaw has been found in mod_ssl where the SSLCipherSuite directive could be bypassed in certain configurations if it is used in a directory or location context to restrict the set of allowed cipher suites.
Homepage:http://security.gentoo.org/
File Size:3381
Related CVE(s):CAN-2004-0885
Last Modified:Oct 27 05:13:37 2004
MD5 Checksum:2922101beae1ff2a51b7409661d3b481

 ///  File Name: serendipHTTP.txt
Description:
A HTTP Response Splitting vulnerability has been reported in Serendipity 0.7-beta4.
Author:Chaotic Evil
File Size:1338
Last Modified:Oct 27 05:09:15 2004
MD5 Checksum:db6a51a1b0c6c6234457ba964db7b11c

 ///  File Name: dsa-573.txt
Description:
Debian Security Advisory 573-1 - Chris Evans discovered several integer overflows in xpdf, that are also present in CUPS, the Common UNIX Printing System, which can be exploited remotely by a specially crafted PDF document.
Homepage:http://www.debian.org/security/
File Size:13747
Related CVE(s):CAN-2004-0888
Last Modified:Oct 27 05:04:09 2004
MD5 Checksum:e2c4e1c29299b78f7da86159ed8d6fe6

 ///  File Name: glsa-200410-19.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-19 - The catchsegv script in the glibc package is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the script.
Homepage:http://security.gentoo.org/
File Size:2973
Last Modified:Oct 27 05:02:24 2004
MD5 Checksum:8c29131f33236e61b79b647c46f6c023

 ///  File Name: altiris.txt
Description:
Altiris Deployment server versions 5.x, 6.x, and possibly others are susceptible to a design flaw that allows an attacker to take complete control over all Altiris clients on a network with relative ease.
Author:Brian Gallagher
Homepage:http://DiamondSea.com
File Size:7937
Last Modified:Oct 27 05:00:09 2004
MD5 Checksum:5d13cbee590d98efdbaccd8d914aacf4

 ///  File Name: sa12916.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Speedtouch USB Driver, which potentially can be exploited by malicious, local users to gain escalated privileges.
Author:Max Vozeler
Homepage:http://secunia.com/advisories/12916/
File Size:1833
Last Modified:Oct 27 04:58:00 2004
MD5 Checksum:bd9eaac2e2cd8be12bcb3c9376cbb01e

 ///  File Name: sa12909.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Serendipity, which can be exploited by malicious people to conduct script insertion and cross-site scripting attacks.
Homepage:http://secunia.com/advisories/12909/
File Size:1873
Last Modified:Oct 27 04:56:28 2004
MD5 Checksum:dc31fe52bd039d06afae8e196c57a50c

 ///  File Name: dsa-572.txt
Description:
Debian Security Advisory 572-1 - A problem has been discovered in ecartis, a mailing-list manager, which allows an attacker in the same domain as the list admin to gain administrator privileges and alter list settings.
Homepage:http://www.debian.org/security/
File Size:6888
Related CVE(s):CAN-2004-0913
Last Modified:Oct 27 04:54:57 2004
MD5 Checksum:c59cb109affb7708979f4e265d2c07c6

 ///  File Name: SUSE-SA:2004:037.txt
Description:
SUSE Security Announcement - An integer underflow problem in the iptables firewall logging rules can allow a remote attacker to crash the machine by using a handcrafted IP packet. This attack is only possible with firewalling enabled.
Homepage:http://www.suse.com/
File Size:20625
Related CVE(s):CAN-2004-0816, CAN-2004-0887
Last Modified:Oct 27 04:51:52 2004
MD5 Checksum:02b512e803e2900214b02d8177cd1ce5

 ///  File Name: SA2004-02.txt
Description:
NSFOCUS Security Advisory SA2004-02 - NSFOCUS Security Team found a security vulnerability in the program stmkfont of an HP-UX system. Exploiting this vulnerability, local attackers could gain group bin privileges.
Homepage:http://www.nsfocus.com/
File Size:3058
Related CVE(s):CAN-2004-0965
Last Modified:Oct 27 04:48:24 2004
MD5 Checksum:0742a5f27abfff845168dab3ec030241

 ///  File Name: eSlate3000.txt
Description:
Interesting write up of using an eSlate3000 made by Hart Intercivic. Due to their early arrival, Honolulu County has already started using them for walk-in absentee ballots.
Author:Jason Coombs
File Size:3506
Last Modified:Oct 27 04:46:26 2004
MD5 Checksum:025a5931d8ee686fa6ee6d6bbffcd019

 ///  File Name: glsa-200410-17.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-17 - OpenOffice.org uses insecure temporary files which could allow a malicious local user to gain knowledge of sensitive information from other users' documents.
Homepage:http://security.gentoo.org/
File Size:3777
Last Modified:Oct 27 04:42:45 2004
MD5 Checksum:99fe4ec6a92f27c7a540acfa6731c090

 ///  File Name: sa12881.txt
Description:
Secunia Security Advisory - Roger Sylvain has reported a vulnerability in Nortel Contivity VPN Client, potentially allowing malicious people to open a VPN tunnel to the client.
Homepage:http://secunia.com/advisories/12881/
File Size:2125
Last Modified:Oct 27 04:42:07 2004
MD5 Checksum:24587c615bb3ca2d06a6e56da6c48ac4

 ///  File Name: linuxRace.txt
Description:
Linux 2.6.9 fixes a set of race conditions in the Linux terminal subsystem which are believed to go back to 2.2 kernels if not earlier. The race shows up problematically in two places.
Author:Alan Cox
File Size:1390
Last Modified:Oct 27 04:38:19 2004
MD5 Checksum:5a2a6f231a171671c09eb5fb9804d236

 ///  File Name: privateer104141.txt
Description:
Privateer's Bounty: Age of Sail II versions 1.04.151 and below is affected by a buffer overflow occurring when an attacker joins on the server using a nickname at least 144 bytes in length.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:aos2bof.zip"
File Size:1513
Last Modified:Oct 27 04:34:53 2004
MD5 Checksum:25af558bcfdab021be410c93909f0826

 ///  File Name: dsa-570.txt
Description:
Debian Security Advisory 570-1 - Several integer overflows have been discovered by its upstream developers in libpng, a commonly used library to display PNG graphics. They could be exploited to cause arbitrary code to be executed when a specially crafted PNG image is processed.
Homepage:http://www.debian.org/security/
File Size:6647
Related CVE(s):CAN-2004-0955
Last Modified:Oct 27 04:32:37 2004
MD5 Checksum:a5eeff813aaaaaaf3c5a04b0266922fb

 ///  File Name: dsa-571.txt
Description:
Debian Security Advisory 571-1 - Several integer overflows have been discovered by its upstream developers in libpng, a commonly used library to display PNG graphics. They could be exploited to cause arbitrary code to be executed when a specially crafted PNG image is processed.
Homepage:http://www.debian.org/security/
File Size:6715
Related CVE(s):CAN-2004-0955
Last Modified:Oct 27 04:31:11 2004
MD5 Checksum:b330f88534c82e30bbf221dbaa75002d