Section:  .. / 0408-advisories  /

Page 2 of 6
<< 1 2 3 4 5 6 >> Files 25 - 50 of 147
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: sa12374.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in ignitionServer, which can be exploited by malicious people to cause a DoS (Denial of Service) on vulnerable systems. The vulnerability is caused due to insufficient restrictions on the SERVER command. The command is designed for server to server communication, but can be exploited by clients to introduce non-existing servers to the network. This can further be exploited to cause a DoS by introducing multiple servers, which can potentially flood the network. The vulnerability reportedly affect versions 0.1.2 through 0.3.1.
Homepage:http://secunia.com/advisories/12374/
File Size:2068
Last Modified:Aug 26 23:26:22 2004
MD5 Checksum:0a17fff5f0bfcfc42a7c6b42118e67a3

 ///  File Name: rediffnewreport.txt
Description:
Multiple filter bypass vulnerabilities have been discovered in rediffmail.com.
Author:Viper
File Size:9738
Last Modified:Aug 26 23:20:13 2004
MD5 Checksum:df19239f1198cb933045a509aee1fc9b

 ///  File Name: outlookNoBCC.html
Description:
E-mail recipients who are listed in the BCC box can be viewed by e-mail recipients who are listed in the To and CC boxes when you send a multi-part e-mail message by using Outlook Express 6.0
Homepage:http://support.microsoft.com/default.aspx?scid=kb;EN-US;843555
File Size:5891
Last Modified:Aug 26 23:17:39 2004
MD5 Checksum:0d81541e32da87256bd0786496c3f1de

 ///  File Name: NGSEC-2004-7.txt
Description:
Next Generation Advisory NGSEC-2004-7 - NtRegmon, the Registry monitoring utility for Windows, suffers from an unvalidated pointer referencing. While any privileged user is using NtRegmon, any local and unauthorized user can crash the system. Versions below 6.12 are susceptible.
Author:Ferm�n J. Sern/a>
Homepage:http://www.ngsec.com/
File Size:2540
Last Modified:Aug 26 22:12:53 2004
MD5 Checksum:0fe7c24bff3aa28d43b7413f8a80d29e

 ///  File Name: entrust-sgs20-readme.txt
Description:
The Model 5400 Series Symantec Gateway Security 2.0 has released hotfixes that address the denial of service attack issue reported against isakmpd.
File Size:2999
Related CVE(s):CAN-2004-0369
Last Modified:Aug 26 22:10:18 2004
MD5 Checksum:35c9f36da5ed660dbd1dbfd342b426f2

 ///  File Name: entrust-sgs10-readme.txt
Description:
Symantec Gateway Security 1.0 has released hotfixes that address the denial of service attack issue reported against isakmpd.
File Size:1857
Related CVE(s):CAN-2004-0369
Last Modified:Aug 26 22:09:14 2004
MD5 Checksum:2c2095c708ae3a35170199ffe50d6303

 ///  File Name: entrust-vr15-readme.txt
Description:
Symantec VelociRaptor 1.5 has released hotfixes that address the denial of service attack reported against isakmpd.
File Size:1866
Related CVE(s):CAN-2004-0369
Last Modified:Aug 26 22:07:58 2004
MD5 Checksum:092651efef30307d6382ccede260c3e1

 ///  File Name: phpcodeXSS.txt
Description:
The PHP Code Snippet Library suffers from multiple cross site scripting flaws.
Author:Nikyt0x
Homepage:http://nikyt0x.webcindario.com
File Size:799
Last Modified:Aug 26 21:54:10 2004
MD5 Checksum:aff61ed38393ebfb61960afb38496665

 ///  File Name: sa12360.txt
Description:
Secunia Security Advisory - The vendor has reported a vulnerability in PvPGN, potentially allowing malicious people to see sensitive information. An unspecified problem with statsreq may expose sensitive information. This has been fixed in version 1.6.4.
Homepage:http://secunia.com/advisories/12360/
File Size:1644
Last Modified:Aug 26 21:36:53 2004
MD5 Checksum:31be559d1ae953be8389b98ba093f79b

 ///  File Name: painkiller131.txt
Description:
Painkiller versions 1.3.1 and below have a memory corruption flaw with limited code execution possibilities.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:painkex.zip"
File Size:2815
Last Modified:Aug 26 21:24:20 2004
MD5 Checksum:a76cebe5fbd44a2d121210f1cf27db83

 ///  File Name: 00044-08232004.txt
Description:
GulfTech Security Advisory - Multiple Liveworld products suffer from cross site scripting flaws.
Author:James Bercegay
Homepage:http://www.gulftech.org/
File Size:2785
Last Modified:Aug 26 21:17:05 2004
MD5 Checksum:fd60e55e1e12b2b8e39359c2d9b691b0

 ///  File Name: sredird.txt
Description:
sredird versions 2.2.1-1 and below suffer from a format string bug and a buffer overflow that may let remote users execute arbitrary code.
Author:Max Vozeler
File Size:4286
Last Modified:Aug 26 21:10:27 2004
MD5 Checksum:cad9ea9b796dc1cc4e5cbd09351fac2d

 ///  File Name: 57627.html
Description:
Sun Security Advisory - A buffer overflow in the Sun Solaris CDE Mailer dtmail allows for arbitrary code execution with mail group privileges.
Homepage:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57627
File Size:6085
Last Modified:Aug 26 20:47:37 2004
MD5 Checksum:5a7c0c8e8e253ca73f9b7c84f4fb1a7a

 ///  File Name: DynixWebpac.txt
Description:
Epixtech Dynix Webpac suffers from SQL injection attacks that allow for login bypass, command execution, and more.
Author:Wil Allsopp
File Size:847
Last Modified:Aug 26 20:41:56 2004
MD5 Checksum:afc84328a0fe6ca2ef6f07e6c71f2387

 ///  File Name: IEdetect.txt
Description:
Much like in the recent advisory about detection of directories in Opera, a similar method of detection has been discovered in Internet Explorer versions 6 and 5.
Author:Martin Aberastegue
Homepage:http://www.rzw.com.ar
Related File:gm009-op.txt
File Size:2095
Last Modified:Aug 26 20:39:56 2004
MD5 Checksum:fac2f3f45bed49b99f76b4e49dc789e4

 ///  File Name: dsa-541.txt
Description:
Debian Security Advisory DSA 541-1 - In icecast-server, the UserAgent variable is not properly html_escaped allowing an an attacker the ability to cause the client to execute arbitrary Java script commands.
Author:Martin Schulze
Homepage:http://www.debian.org/security/
File Size:4795
Related CVE(s):CAN-2004-0781
Last Modified:Aug 26 20:19:42 2004
MD5 Checksum:4ac93631fadd1df088d9fd3136a56b1e

 ///  File Name: windowWasher55.txt
Description:
Window Washer 5.5 fails to actually full wipe files as the product functionality claims. After deletion, files can still be recovered, and only their metadata is actually wiped.
Author:wbglinks
File Size:1830
Last Modified:Aug 26 20:13:42 2004
MD5 Checksum:e064b2496a011e9b20e2192b4fad9c7e

 ///  File Name: sa12337.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Davenport WebDAV-CIFS Gateway, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to insufficient validation of XML documents sent from clients. This can be exploited by using a specially crafted overly long XML document, which will require excessive resources on expansion. The vulnerability affects versions prior to 0.9.10.
Homepage:http://secunia.com/advisories/12337/
File Size:1750
Last Modified:Aug 26 19:40:57 2004
MD5 Checksum:f554e7058bbea86faea38a0ac5b26aca

 ///  File Name: HS04-005_e.html
Description:
Hitachi Security Advisory - The JP1/File Transmission Server/FTP is susceptible to a denial of service attack. It would be seriously impressive if their advisories could be more vague.
Homepage:http://www.hitachi-support.com/security_e/vuls_e/HS04-005_e/index-e.html
File Size:3837
Last Modified:Aug 26 19:15:15 2004
MD5 Checksum:7cebbc56d7076439d5e39304f75270c3

 ///  File Name: hastysec.html
Description:
Hastymail version 1.0.1 stable and below and 1.1 development and below suffer from a cross site scripting flaw.
Homepage:http://hastymail.sourceforge.net/security.php
File Size:9183
Last Modified:Aug 26 19:02:50 2004
MD5 Checksum:79ebd296718b3fce8e89dd39a67b448c

 ///  File Name: suphp-advisory.txt
Description:
MOD_SUPHP is an Apache module that allows php scripts to run as users rather than the www-data user. A condition exists that would allow an attacker to use this module to run arbitrary code.
Author:Steven Van Acker
File Size:3966
Related OSVDB(s):9156
Last Modified:Aug 26 04:02:01 2004
MD5 Checksum:45f90e4fc4ffcce292b38d4d8ee7cfd4

 ///  File Name: sa12334.txt
Description:
Secunia Security Advisory - Dmitriy Baranov has reported a vulnerability in aGSM, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when receiving information from a game server. This can be exploited by a malicious server to cause a buffer overflow by returning a specially crafted, overly long Half-life server name (about 148 bytes). Successful exploitation may lead to execution of arbitrary code. The vulnerability has been reported in versions 2.35c and 2.51c. Other versions may also be affected.
Homepage:http://secunia.com/advisories/12334/
File Size:1848
Last Modified:Aug 26 02:20:45 2004
MD5 Checksum:2f5324a442e260eaf7c709e820f3e8e6

 ///  File Name: birdChat161.txt
Description:
Bird Chat version 1.61 is susceptible to a denial of service attack.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1408
Last Modified:Aug 24 10:27:45 2004
MD5 Checksum:a195c0f9b087b5ba971b60c69e7669ea

 ///  File Name: TID10094233.txt
Description:
An unspecified vulnerability with an unknown impact has been reported in Novell Web Manager on Novell NetWare 6.5.
File Size:1308
Last Modified:Aug 24 09:53:44 2004
MD5 Checksum:db119648199c75cb94429ffb399deff3

 ///  File Name: advisory-20040823-1.txt
Description:
KDE Security Advisory - Konqueror suffers from a Cross-Domain Cookie Injection vulnerability.
Homepage:http://www.kde.org/info/security/advisory-20040823-1.txt
File Size:2735
Related CVE(s):CAN-2004-0746
Last Modified:Aug 24 09:45:25 2004
MD5 Checksum:20dd8cfea48eed3ff3a2e76f30cc6985