Section:  .. / 0402-advisories  /

Page 3 of 5
<< 1 2 3 4 5 >> Files 50 - 75 of 107
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: linksysSNMP.txt
Description:
The Linksys WAP55AG does not properly secure SNMP community strings.
Author:NN Poster
File Size:384
Last Modified:Feb 18 08:08:00 2004
MD5 Checksum:bb29eb1215f03927a712e8902f59dab5

 ///  File Name: livejournalXSS.txt
Description:
LiveJournal is vulnerable to a cross site scripting vulnerability.
Author:Joshua Miller
File Size:1276
Last Modified:Feb 19 23:32:00 2004
MD5 Checksum:e9d41f06621b8ba3970b959288ecda53

 ///  File Name: LoadLibrary.txt
Description:
A LoadLibrary / LoadLibraryEx weakness makes SSL on Internet Explorer very vulnerable to a DLL proxy attack. If exploited, unencrypted data can be intercepted before Internet Explorer uses the SSL module to encrypt the data.
Author:OS Security
Homepage:http://www.ossecurity.ca
File Size:4881
Last Modified:Feb 9 23:17:00 2004
MD5 Checksum:be9f982d682ea51f7153b6f707a08b18

 ///  File Name: LynX-adv4_SignatureDB.txt
Description:
SignatureDB is vulnerable to a denial of service attack due to a buffer overflow in a sprintf statement.
Author:LynX
File Size:4075
Last Modified:Feb 16 20:37:00 2004
MD5 Checksum:e00765c5ccf16153c5b01d7c1df273a3

 ///  File Name: MacOSXAFP.txt
Description:
Paper discussing how the the standard Apple Filing Protocol (AFP) does not use encryption to protect transfered data. Login credentials may be sent in cleartext or protected with one of several different hashed exchanges or Kerberos. There does not appear to have been any serious third-party security review of Apple's client or server implementations.
Author:Chris Adams
File Size:7290
Last Modified:Feb 27 23:33:00 2004
MD5 Checksum:8bdd1487d6b85c881f615d77e4101b7b

 ///  File Name: mailmgr.txt
Description:
mailmgr version 1.2.3 is vulnerable to symlink attacks. If the utility is run as root, any file on the system can be overwritten.
Author:Marco van Berkum
File Size:1334
Last Modified:Feb 13 02:56:00 2004
MD5 Checksum:a0f7ca82945ecb9df067978cd8d70653

 ///  File Name: maxwebportal.txt
Description:
MaxWebPortal is vulnerable to a cross site scripting and SQL injection attack.
Author:Manuel L pez
File Size:2636
Last Modified:Feb 10 19:15:00 2004
MD5 Checksum:403d4d022d010104bcdc748ef2a8fcc5

 ///  File Name: mbsa.txt
Description:
The Microsoft Base Analyzer fails to properly report vulnerabilities on its systems when machines have been patched but not rebooted for the patches to take affect.
Author:dotsecure
File Size:2866
Last Modified:Feb 11 02:44:00 2004
MD5 Checksum:0a5a2bbe1000e47ac503c2f90193e72c

 ///  File Name: metamailBUGS.txt
Description:
Two format string bugs and two buffer overflows exist in Metamail versions 2.2 through 2.7. Patch and test scripts to test for these vulnerabilities are available here.
Author:Ulf H�rnhammar
File Size:4373
Related CVE(s):CAN-2004-0104, CAN-2004-0105
Last Modified:Feb 19 05:40:00 2004
MD5 Checksum:728aa78a892e32396f83d3f4bfad3d3c

 ///  File Name: mnoGoSearch0215.txt
Description:
mnoGoSearch versions 3.2.13-15 are vulnerable to a buffer overflow attack when a large document is indexed.
Author:Frank Denis
File Size:3290
Last Modified:Feb 16 17:40:00 2004
MD5 Checksum:fd3a2099347691ac608293bbe7a1ad85

 ///  File Name: monkey081.txt
Description:
Monkey httpd versions 0.8.1 and below suffer from a denial of service vulnerability when subjected to specially crafted HTTP requests.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:1583
Last Modified:Feb 12 00:44:00 2004
MD5 Checksum:8cb5fcea4d067186cd0fc4e8edeae700

 ///  File Name: nCipher-09.txt
Description:
nCipher Security Advisory No. 9 - On certain models and firmware combinations, an attacker who is able to issue commands to an HSM may be able to access secret data stored in the module, including critical application keys.
Homepage:http://www.ncipher.com/support/advisories/
File Size:11635
Last Modified:Feb 23 23:33:00 2004
MD5 Checksum:31dac511eb4d01d3206db5729fcf4f51

 ///  File Name: NGSrealone.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR04022004a -
Author:crafting malformed .RP, .RT, .RAM, .RPM or .SMIL file, it is possible to cause heap and stack based overruns in RealPlayer / RealOne Player. Homepage: http://www.ngssoftware.com/.
File Size:2587
Last Modified:Feb 5 02:56:00 2004
MD5 Checksum:0d5f21938ce0d94310e6cd768dad55e2

 ///  File Name: NokiaVuln.txt
Description:
Nokia 6310i cellular phones (and possibly others like it) could be subject of a denial of service attack when invalid OBEX messages are sent to the phones' protocol handler. This attack results in the phone resetting, terminating any current operations. No device pairing is required therefore anyone in range of the phone could initiate an attack.
Author:Tim Hurman
Homepage:http://www.pentest.co.uk/
File Size:3348
Last Modified:Feb 9 22:45:00 2004
MD5 Checksum:20ce91e11f3277f4c1f201784b2b30ac

 ///  File Name: phpBBXSS.txt
Description:
phpBB's ViewTopic.php script is vulnerable to a cross site scripting attack.
Author:Cheng Peng Su
File Size:1570
Last Modified:Feb 29 22:11:00 2004
MD5 Checksum:cf7d999c135a18776b6c789e7da3f45c

 ///  File Name: phpnukeSQL.txt
Description:
PHPNuke versions greater than 6.9 are susceptible to SQL injection attacks that allow a remote attacker to get an administrator's hash to achieve to administrator access.
Author:pokleyzz
File Size:2139
Last Modified:Feb 10 18:12:00 2004
MD5 Checksum:10409d176ded0ab738e079c21cc40ce7

 ///  File Name: PHPXportal.txt
Description:
PHPX versions 3.2.3 and below suffer from cross site scripting, code injection, and cookie hijacking flaws.
Author:Manuel L�pez
File Size:1929
Last Modified:Feb 4 02:33:00 2004
MD5 Checksum:72601f3690201f010e5fd30f0d1f8566

 ///  File Name: pine-cert-20040201.txt
Description:
Pine Digital Security Advisory PINE-CERT-20040201 - The shmat(2) function has a flaw that allows local users to achieve escalated privileges. Vulnerable systems: FreeBSD versions 2.2.0 and greater, NetBSD versions 1.3 and greater, and OpenBSD versions 2.6 and greater.
Author:Joost Pol
Homepage:http://www.pine.nl/
File Size:3683
Last Modified:Feb 4 23:03:00 2004
MD5 Checksum:25db0c46af816ef1da53abd971ffd9e5

 ///  File Name: PSOProxy091.txt
Description:
The PSOProxy server version 0.91 has a buffer overflow vulnerability when handling large GET requests.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
Related Exploit:PSOProxy.c
File Size:1524
Last Modified:Feb 20 19:06:00 2004
MD5 Checksum:ac59f17fd7642c57beb983616882e383

 ///  File Name: purge.txt
Description:
Purge versions 1.4.7 and below and Purge Jihad versions 2.0.1 and below have buffer overflows affecting the clients of this game.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:2195
Last Modified:Feb 17 00:02:00 2004
MD5 Checksum:616cae731fc987a1e1f2659952800ce2

 ///  File Name: ratbag.txt
Description:
Various game engines and games developed by Ratbag is vulnerable to a denial of service attack. Full analysis given.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:2540
Last Modified:Feb 12 01:02:00 2004
MD5 Checksum:4f5787a77c01c54a7a19019ab3af9f67

 ///  File Name: realplayer.traversal.txt
Description:
When adding a skin file to RealPlayer, if the filename contains a directory traversal, a remote attacker may get files deployed onto the machine anywhere in the system. According to RealNetworks the flaw affects RealOne Player, RealOne Player v2, RealOne Enterprise Desktop, RealPlayer Enterprise.
Author:Jouko Pynn�nen
Homepage:http://iki.fi/jouko/
File Size:2936
Last Modified:Feb 11 02:08:00 2004
MD5 Checksum:71432a1df8d16c4d162d0cbfbcef0b60

 ///  File Name: redfaction120.txt
Description:
Red Faction versions 1.20 and below for Windows and MacOS is susceptible to a buffer overflow client-side.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:2145
Last Modified:Mar 1 20:49:00 2004
MD5 Checksum:142a5eeea2b52b07f705d67926670026

 ///  File Name: RHSA-2004:051-01.txt
Description:
Red Hat Security Advisory - A bug was found in the index menu code in versions of mutt. A remote attacker could send a carefully crafted mail message that can cause mutt to segfault and possibly execute arbitrary code as the victim.
Author:Mark Cox
Homepage:http://www.redhat.com/
File Size:3939
Related CVE(s):CAN-2004-0078
Last Modified:Feb 12 00:21:00 2004
MD5 Checksum:4dcf681d5cc413d1c68cac9efd852ac9

 ///  File Name: rxgoogle.txt
Description:
A cross site scripting vulnerability exists in the rxgoogle.cgi utility. Patch included.
Author:Shaun Colley
File Size:4843
Last Modified:Feb 4 23:20:00 2004
MD5 Checksum:308c941b75c70e20fdcd387e6e6c3641