Section:  .. / 0407-advisories  /


 ///  File Name: 200420kernel.txt
Description:
SuSE Security Announcement - A problem exists in the Linux kernel 2.4 and 2.6 series where missing Discretionary Access Control (DAC) checks in the chown(2) system call allow an attacker with a local account to change the group ownership of arbitrary files.
Homepage:http://www.suse.com/
File Size:31979
Related CVE(s):CAN-2004-0495, CAN-2004-0496, CAN-2004-0497, CAN-2004-0535, CAN-2004-0626
Last Modified:Jul 2 14:32:00 2004
MD5 Checksum:f336a283e5c65794d679c8de8d8fb57c

 ///  File Name: glsa-200407-01.html
Description:
Tavis Ormandy has discovered a vulnerability in esearch for Gentoo Linux, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerability is caused by the eupdatedb utility creating the temporary file /tmp/esearchdb.py.tmp insecurely. This can be exploited via symlink attacks to create or overwrite arbitrary files with the privileges of the user invoking the utility.
Homepage:http://www.gentoo.org/security/en/glsa/glsa-200407-01.xml
File Size:4177
Last Modified:Jul 2 07:08:00 2004
MD5 Checksum:ce0089fbf7bc30790f0f9e0328132fbb

 ///  File Name: sa11986.txt
Description:
Secunia Security Advisory - Two vulnerabilities have been reported in RSBAC, potentially allowing malicious, local users to escalate their privileges. One allows a malicious user to switch the AUTH module off. This affects 1.0.8 through 1.2.2. The other allows users to create suid and sgid files. This affects 1.2.2.
Homepage:http://secunia.com/advisories/11986/
File Size:2085
Last Modified:Jul 2 07:02:00 2004
MD5 Checksum:f5ab3013ab4a68f86a7e1b67fd99ec91

 ///  File Name: IBMispy.txt
Description:
The IBM Informix I-Spy product has a flaw where the runbin executable in the bin directory has the set-user-ID permission for user root. As a result, there is a potential for users to gain root access.
Homepage:http://www-1.ibm.com/support/docview.wss?uid=swg21172742&rs=260
File Size:3055
Last Modified:Jul 2 06:59:00 2004
MD5 Checksum:e6cd2f038601cc860c957427395de767

 ///  File Name: 07.01.04.txt
Description:
iDEFENSE Security Advisory 07.01.04: WinGate Information Disclosure Vulnerability - An input validation vulnerability in Qbik WinGate allows attackers to retrieve arbitrary system files.
Homepage:http://www.idefense.com
File Size:3394
Related CVE(s):CAN-2004-0577, CAN-2004-0578
Last Modified:Jul 2 06:56:00 2004
MD5 Checksum:85d822a1002428c6710f836c60121262

 ///  File Name: SCIphoto.txt
Description:
SCI Photo Chat Server version 3.4.9 is susceptible to a cross site scripting vulnerability.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1621
Last Modified:Jul 2 06:55:00 2004
MD5 Checksum:60f617448ee17a2e546fc9c02cc2a395

 ///  File Name: easy12.txt
Description:
Easy Chat Server version 1.2 is susceptible to multiple denial of service vulnerabilities.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:2164
Last Modified:Jul 2 06:54:00 2004
MD5 Checksum:b924b36113ed9cd033d8663f2c60cc3a

 ///  File Name: Easy_chat_server.txt
Description:
A vulnerability in the Easy Chat server allows access to files located outside of the "webroot" because the webroot can be trivially escaped by typing ../.
Author:dr_insane, dr_insane@pathfinder.gr
Homepage:http://members.lycos.co.uk/r34ct/
File Size:1092
Last Modified:Jul 1 14:19:00 2004
MD5 Checksum:c70ac4f95758b578812126b07d87ed2e

 ///  File Name: Enceladus_web_server.txt
Description:
A directory traversal vulnerability has been discovered in Enceladus web server beta 4.0.2. It can be trivially exploited by simply typing ../ as part of the URL to view directories or files outside of the webroot.
Homepage:http://members.lycos.co.uk/r34ct/
File Size:1380
Last Modified:Jul 1 14:01:00 2004
MD5 Checksum:9afa43e3750e0a07d1d3e9cb3ed59991

 ///  File Name: netegrityXSS.txt
Description:
A cross site scripting vulnerability exists in Netegrity IdentityMinder Web Edition 5.6 SP2 for Windows and Netegrity Policy Server version 5.5.
Author:hexview
File Size:2399
Last Modified:Jul 1 13:59:00 2004
MD5 Checksum:2b214c050da725dba066adffb8ca0d4f

 ///  File Name: dlink624.txt
Description:
The DI-624+ SOHO DLINK router suffers from a script injection vulnerability that uses DHCP as the attack vector.
Author:Gregory Duchemin
File Size:2547
Last Modified:Jul 1 13:53:00 2004
MD5 Checksum:c941c048bae8662782f9d8aad28f39fe

 ///  File Name: FreeBSD-SA-04:13.linux.txt
Description:
FreeBSD Security Advisory FreeBSD-SA-04:13.linux - A programming error in the handling of some Linux system calls may result in memory locations being accessed without proper validation under FreeBSD. All 4.x and 5.x releases are susceptible.
Homepage:http://www.freebsd.org/security/
File Size:5825
Related CVE(s):CAN-2004-0602
Last Modified:Jul 1 13:42:00 2004
MD5 Checksum:f5ab23185b06aeb32c628c6b256c9f97

 ///  File Name: domino651.txt
Description:
Lotus Domino 6.5.0/6.5.1 has a flaw that allows every user to change their quota on an IMAP-enabled Domino Server to any value.
Author:Andreas Klein
File Size:1521
Last Modified:Jul 1 13:33:00 2004
MD5 Checksum:04d6aebd6dd58b66b662226d23b31021

 ///  File Name: sa11978.txt
Description:
Secunia Security Advisory - A six-year-old vulnerability has been discovered in multiple browsers, allowing malicious people to spoof the content of websites. The problem is that the browsers do not check whether a target frame belongs to the website containing a malicious link, and therefore do not prevent one browser window from loading content in a named frame in another window. Successful exploitation allows a malicious website to load arbitrary content in an arbitrary frame in another browser window owned by, e.g., a trusted site. Affected browsers: Safari 1.x, Opera 5-7.x, Netscape 6-7.x, Mozilla Firefox 0.x, Mozilla 0-1.6, Konqueror 3.x, and Internet Explorer 5.x for Mac.
Homepage:http://secunia.com/advisories/11978/
File Size:3379
Last Modified:Jul 1 13:28:00 2004
MD5 Checksum:bcb379122027a7b03deb633f933cae85