Section:  .. / 0405-advisories  /

 ///  File Name: iephish.txt
Description:
Internet Explorer version 6.0.2800 (and possibly others) suffers from a certificate theft bug that can be used against victims for phishing scams.
Author:Emmanouel Kellinis
Homepage:http://www.cipher.org.uk
File Size:2962
Last Modified:May 4 04:36:52 2004
MD5 Checksum:d54552efc93210c23a9b6940f487cfb7

 ///  File Name: imperva.crystal.txt
Description:
Imperva's Application Defense Center has announced that several vulnerabilities exist in the Web Interface of Business Objects' Crystal Reports. These vulnerabilities allow a potential hacker to retrieve and delete any file from the file system of the server on which it runs, as well as cause a complete denial of service to the server.
Author:Ofer Maor
Homepage:http://www.imperva.com/adc/
File Size:1155
Last Modified:May 4 04:45:54 2004
MD5 Checksum:97e058b7658f8cab3f13b8fc0082baab

 ///  File Name: kolab.html
Description:
Kolab server version 1.x suffers from an information disclosure vulnerability where it stores the OpenLDAP root password in clear text in slapd.conf.
Author:Luca Villani
File Size:3378
Last Modified:May 7 23:13:27 2004
MD5 Checksum:e947dbd6444a6d2ca3139a7ca0eee667

 ///  File Name: lduXSS.txt
Description:
A cross site scripting vulnerability exists in the BBcodes of the LDU forum.
Author:crypt0
Homepage:http://www.cyber-war.org
File Size:1083
Last Modified:May 30 21:51:49 2004
MD5 Checksum:924907310ffd3709f6b835eadee11418

 ///  File Name: lha.txt
Description:
LHa versions 1.14d to 1.14i and 1.17 suffer from buffer overflows and directory traversal flaws.
Author:Ulf Harnhammar
File Size:6898
Related CVE(s):CAN-2004-0234, CAN-2004-0235
Last Modified:May 4 06:25:06 2004
MD5 Checksum:031b3444c6323f7d1b41f760f1265411

 ///  File Name: lhasilly.txt
Description:
LHA has some additional buffer overflows in the extract_one function.
Author:Lukasz Wojtow
File Size:613
Last Modified:May 18 05:34:15 2004
MD5 Checksum:0e27f4f6cbb53a85340d08b4f22c2e08

 ///  File Name: liferayxss.txt
Description:
Liferay Enterprise Portal is said to be subject to multiple cross site scripting flaws.
Author:Sandeep Giri
File Size:1130
Last Modified:May 24 08:17:49 2004
MD5 Checksum:b5be4c30a75c28ec3b6d61d0b67301ae

 ///  File Name: livecd91.txt
Description:
SuSE Security Announcement - A configuration error on the SuSE Live CD version 9.1 allows for a passwordless, remote root login to the system via ssh, if the computer has booted from the Live CD and if it is connected to a network.
Homepage:http://www.suse.com/
File Size:15223
Last Modified:May 9 20:09:45 2004
MD5 Checksum:dee5f18f339847c8fd8db99eb54d2f4d

 ///  File Name: MACOSX.SSHURI.txt
Description:
Mac OS X versions 10.3.3 and greater along with various browsers suffer from yet another URI silent code execution flaw using the SSH handler.
Author:kang
Homepage:http://www.insecure.ws/article.php?story=200405222251133
Related File:021829.html
File Size:2771
Last Modified:May 26 00:34:05 2004
MD5 Checksum:43c14820da5ad7432988ed2bc8ec7c7d

 ///  File Name: minishare132.txt
Description:
MiniShare HTTP server version 1.3.2 is susceptible to a denial of service attack due to mismanagement of requests. If a HEAD or GET request is sent with only one line following it, the server will crash.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1979
Last Modified:May 28 03:17:23 2004
MD5 Checksum:b9408a34ff51863488b63616ccf25e42

 ///  File Name: Mollensoft36.txt
Description:
Mollensoft Hyperion FTP Server version 3.6 is vulnerable to a buffer overflow attack via the CD command.
Author:Chintan Trivedi
Homepage:http://www.eos-india.net
File Size:2229
Last Modified:May 30 21:49:37 2004
MD5 Checksum:ed4a30926065c28a2f1212c3b73cff46

 ///  File Name: moodle13.txt
Description:
Moodle versions 1.3 and below suffer from a cross site scripting flaw.
Author:Bartek Nowotarski
Homepage:http://silence.0.pl
File Size:1815
Last Modified:May 4 04:41:13 2004
MD5 Checksum:43b17860cae91cf14465bd4e99d36a37

 ///  File Name: mplayerRTSP.html
Description:
Multiple vulnerabilities have been discovered and fixed in the Real-Time Streaming Protocol (RTSP). Versions of MPlayer below 1.0pre4 are affected.
Homepage:http://www.mplayerhq.hu/
File Size:4515
Last Modified:May 1 18:43:09 2004
MD5 Checksum:0e22669fb9c8e65d570d75ef7d965f1f

 ///  File Name: msaspCookie.txt
Description:
The Microsoft Active Server Pages (ASP) engine does not properly handle special cookie values when they are retrieved. Because of this, an unhandled error is returned to the client. This behavior can be used maliciously to gather sensitive information from web applications. All Microsoft Internet Information Server (IIS) web applications using Active Server Pages (ASP) are affected.
Author:Cesar Cerrudo
File Size:2837
Last Modified:May 7 23:19:51 2004
MD5 Checksum:75c0cc47922f883dd028dd0ea48ef8d9

 ///  File Name: msIPSec.txt
Description:
Write-up noting how Microsoft's Windows IPSec implementation fails to properly authenticate an IPSec gateway and, as a result, will accept client certificates as gateway certificates.
Author:Steffen Pfendtner
File Size:2367
Last Modified:May 9 20:30:58 2004
MD5 Checksum:491aea36a63f1eac59a430e9cdce7f0b

 ///  File Name: msxml3dll.txt
Description:
msxml3.dll crashes when a page that has an ampersand inside of a link or value is refreshed.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com/
File Size:565
Last Modified:May 12 08:27:15 2004
MD5 Checksum:cf8024a13ad78e9a62cd99bb80c7ab35

 ///  File Name: netchat73.txt
Description:
NetChat, an application intended to allow users on the same subnet to chat with one another, is susceptible to a stack-based buffer overflow. Versions 7.3 and below are affected. The overflow allows for arbitrary code execution under the user running the application.
Author:Marius Huse Jacobsen
File Size:1992
Last Modified:May 18 05:53:43 2004
MD5 Checksum:43ac9c127208900025e4d35d23a4c6d8

 ///  File Name: netgearURI.txt
Description:
Netgear RP114 devices, and possibly other related Netgear hardware, have a URI filtering bypass vulnerability when the URI being evaluated is longer than 220 bytes.
Author:Marc Ruef
Homepage:http://www.computec.ch/mruef/advisories/
File Size:2249
Last Modified:May 25 23:46:10 2004
MD5 Checksum:ce323745796bf51d574d7ce28c0c46e4

 ///  File Name: outlook2k3.txt
Description:
Outlook 2003 has a flaw that will allow malicious spammers to verify whether or not a recipient has read an email.
Author:http-equiv
Homepage:http://www.malware.com/
File Size:1677
Last Modified:May 12 22:10:14 2004
MD5 Checksum:ec1578a8e7a78f2568956d0d1825a58f

 ///  File Name: outlooksilent.txt
Description:
Microsoft Outlook 2003 allows for a security zone bypass when an embedded OLE object with a reference to a Windows media file in a Rich Text Format (RTF) message is received.
Author:http-equiv
File Size:2373
Last Modified:May 19 01:53:33 2004
MD5 Checksum:418f4bf45bb6bfd608761d865ff267d5

 ///  File Name: outpost.txt
Description:
Outpost Pro Firewall has a flaw that allows malicious people to cause a Denial of Service. The issue has been reported in Agnitum Outpost Pro Firewall version 2.1. Prior versions may also be affected.
Author:Armin Pelkmann
File Size:1693
Last Modified:May 14 01:21:44 2004
MD5 Checksum:7dd17a71642694ba7857cd6cabec5c07

 ///  File Name: p4db.txt
Description:
P4DB versions 2.01 and below suffer from a lack of proper user input validation that allows for remote arbitrary command execution. Some cross site scripting flaws also exist.
Author:Jon McClintock
File Size:1722
Last Modified:May 7 23:02:11 2004
MD5 Checksum:ae4d1f584dcca17dc47571d4cceb2348

 ///  File Name: PaX26DoS.txt
Description:
A denial of service condition exists in the PaX kernel patch for the 2.6 series that will put the kernel in an infinite loop when ASLR is enabled.
Author:chris
Homepage:http://www.cr-secure.net
File Size:1913
Last Modified:May 4 04:48:44 2004
MD5 Checksum:eb21d32408eb877a5db16ba7dc01cedc

 ///  File Name: phpshop_29-04-04.txt
Description:
phpShop versions 0.7.1 and below have a flaw where it is possible for an attacker to execute arbitrary code as the server.
Author:Calum Power
File Size:2330
Last Modified:May 11 06:40:58 2004
MD5 Checksum:8133d93ec81c68a6dcb324f7ed7013a6

 ///  File Name: props061.txt
Description:
Props version 0.6.1 is susceptible to a cross site scripting attack and allows an attacker to see any file on the system due to flaws in glossary.php.
Author:Manuel Lopez
File Size:3939
Last Modified:May 4 04:43:57 2004
MD5 Checksum:dc448db60056a58bf9c72c8afd7328dc