Section:  .. / 0410-advisories  /

Page 8 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 175 - 200 of 254
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: oldMonolith.txt
Description:
Some old games developed by Monolith, such as Alien versus Predator 2 versions 1.0.9.6 and below, Blood 2 versions 2.1 and below, No one lives forever 1.004 and below, etc, all suffer from a classical buffer-overflow which happens when an attacker sends a secure Gamespy query followed by at least 68 chars.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:lithsec.zip"
File Size:2605
Last Modified:Oct 13 09:00:54 2004
MD5 Checksum:5b420b5726ce75a01fb81218e7d38570

 ///  File Name: cannonicalization.txt
Description:
Microsoft is currently investigating a reported vulnerability in Microsoft ASP.NET. An attacker can send specially crafted requests to the server and view secured content without providing the proper credentials. This reported vulnerability exists in ASP.NET and does not affect ASP.
File Size:1422
Last Modified:Oct 13 08:51:28 2004
MD5 Checksum:9a18dcdda0f1c08ba532d3ab35bc4c6f

 ///  File Name: flash520g.txt
Description:
Flash Messaging versions 5.2.0g and below suffer from a denial of service attack.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:flashmsg.zip"
File Size:2117
Last Modified:Oct 13 08:48:39 2004
MD5 Checksum:b1ae4a74fda8952a53be248438a9bc6d

 ///  File Name: 10.07.04.txt
Description:
iDEFENSE Security Advisory 10.07.04 - Remote exploitation of a denial of service (DoS) vulnerability in RealNetworks, Inc.'s Helix Server could allow an attacker to restart and potentially disable the server.
Homepage:http://www.idefense.com/
File Size:3493
Related CVE(s):CAN-2004-0774
Last Modified:Oct 13 08:46:28 2004
MD5 Checksum:8a58c9e128ee2f4026ca041f5322070c

 ///  File Name: glsa-200410-05.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-05 - Cyrus-SASL contains two vulnerabilities that might allow an attacker to completely compromise the vulnerable system.
Homepage:http://security.gentoo.org/
File Size:2677
Related CVE(s):CAN-2004-0884
Last Modified:Oct 13 08:01:03 2004
MD5 Checksum:acf0142f3ed0d9b045ef069c5cc93104

 ///  File Name: IEaperture.txt
Description:
Georgi Guninski security advisory #71 - By opening html in IE it is possible to read at least well formed xml from arbitrary servers. The info then may be transmitted.
Author:Georgi Guninski
Homepage:http://www.guninski.com
File Size:1926
Last Modified:Oct 13 07:58:53 2004
MD5 Checksum:07a3e977e24d41f26534d346ec4cb3f7

 ///  File Name: MSwordExploitable.txt
Description:
Microsoft Word is susceptible to having an exception triggered due to a lack of sufficient data validation when winword.exe parses a document file. Two types of exceptions can be triggered, with the second being possibly exploitable.
Author:Hexview
Homepage:http://www.hexview.com/
File Size:3334
Last Modified:Oct 13 07:56:46 2004
MD5 Checksum:cbd11131090e3133d081b6ca58e80bcd

 ///  File Name: wordpress12split.txt
Description:
WordPress 1.2 is susceptible to HTTP Response splitting flaws.
Author:Chaotic Evil
File Size:1767
Last Modified:Oct 13 07:54:05 2004
MD5 Checksum:4bdddc7a077f00a5d3ffa96c634f94d3

 ///  File Name: gosecure-2004-10.txt
Description:
When a valid user tries to authenticate via the Neoteris Instant Virtual Extranet VPN solution and the password is expired, the user will be asked to change their password and be directly forwarded to the changepassword.cgi without asking for any form of authentication.
Author:Jian Hui Wang
Homepage:http://www.gosecure.ca
File Size:2982
Last Modified:Oct 13 07:49:08 2004
MD5 Checksum:250625c5ada7141a5e993ab9cfd77b3d

 ///  File Name: 10.06.04a.txt
Description:
iDEFENSE Security Advisory 10.06.04a - Remote exploitation of an input validation error in MySQL MaxDB could allow attackers to trigger a denial of service condition.
Homepage:http://www.idefense.com/
File Size:3389
Related CVE(s):CAN-2004-0931
Last Modified:Oct 13 07:40:14 2004
MD5 Checksum:90aa1795266744d2932d325d7ad513fa

 ///  File Name: cubecart201.txt
Description:
CubeCart 2.0.1 is susceptible to full path disclosure and SQL injection attacks.
Author:cybercide
File Size:1776
Last Modified:Oct 13 07:39:14 2004
MD5 Checksum:dcbf15b005fb06c0b879af267e238d9b

 ///  File Name: maxpatrolDCP.txt
Description:
Multiple vulnerabilities were found in DCP-Portal. A remote user can conduct cross-site scripting attacks and HTTP response splitting attacks.
Homepage:http://www.maxpatrol.com
File Size:2933
Last Modified:Oct 13 07:37:16 2004
MD5 Checksum:22f372064e7263b17e979264f59dc3d9

 ///  File Name: 57600.html
Description:
Sun Security Advisory - If a local unprivileged user executes the gzip(1) command and specifies the -force or -f command line option, files which are hard linked to the target file(s) will have their permissions changed. This could allow other local unprivileged users the ability to read or modify files owned by the invoking user, or system files if gzip(1) is issued by a local privileged user.
Homepage:http://sunsolve.sun.com/search/printfriendly.do?assetkey=1-26-57600-1
File Size:6534
Last Modified:Oct 13 07:35:57 2004
MD5 Checksum:eb866a50ffaee2a84f8a48095049a924

 ///  File Name: dsa-559.txt
Description:
Debian Security Advisory DSA 559-1 - Stefan Nordhausen has identified a local security hole in net-acct, a user-mode IP accounting daemon. Old and redundant code from some time way back in the past created a temporary file in an insecure fashion.
Homepage:http://www.debian.org/security/
File Size:4756
Related CVE(s):CAN-2004-0851
Last Modified:Oct 13 07:31:47 2004
MD5 Checksum:967fc681eff45d4be117c7d5f323cc64

 ///  File Name: sa12733.txt
Description:
Secunia Security Advisory - Multiple vulnerabilities have been reported in DB2 Universal Database, where some of the vulnerabilities can be exploited to compromise a vulnerable system.
Homepage:http://secunia.com/advisories/12733/
File Size:3625
Last Modified:Oct 13 07:30:39 2004
MD5 Checksum:b4459d2fa1c077f9bd063bdca2bc4adb

 ///  File Name: sa12736.txt
Description:
Secunia Security Advisory - Gary Smith has reported a vulnerability in CUPS, which can be exploited by malicious, local users to gain knowledge of sensitive information. The problem is that user credentials are stored in the error_log log file when printing to a shared printer via Samba.
Homepage:http://secunia.com/advisories/12736/
File Size:1599
Last Modified:Oct 13 06:33:44 2004
MD5 Checksum:9206586a652631128d497a2a565f4d93

 ///  File Name: dsa-558.txt
Description:
Debian Security Advisory DSA 558-1 - Julian Reschke reported a problem in mod_dav of Apache 2 in connection with a NULL pointer dereference. When running in a threaded model, especially with Apache 2, a segmentation fault can take out a whole process and hence create a denial of service for the whole server.
Homepage:http://www.debian.org/security/
File Size:5118
Last Modified:Oct 13 06:32:50 2004
MD5 Checksum:2a63811cc7e3645b8e94d34d4fc10c6b

 ///  File Name: sambaCAN20040815.txt
Description:
Correction to an earlier Samba advisory stating that versions 3.0.0 through 3.0.5 were susceptible to a remote file access bug when only versions 3.0.x through 3.0.2a were susceptible.
File Size:2452
Last Modified:Oct 13 06:00:50 2004
MD5 Checksum:8e460aaeb70d83a3627e6e5503b3fee4

 ///  File Name: maxpatrolXSS.txt
Description:
Invision Power Board version 2.0.0 is susceptible to cross site scripting attacks.
Homepage:http://www.maxpatrol.com
File Size:1239
Last Modified:Oct 13 05:54:38 2004
MD5 Checksum:9e10fdefbc05fb9c27cf7c3c946a8915

 ///  File Name: 10.05.04.b.txt
Description:
iDEFENSE Security Advisory 10.05.04b - Remote exploitation of design vulnerability in Symantec's Norton AntiVirus allows malicious code to evade detection.
Homepage:http://www.idefense.com/
File Size:4397
Related CVE(s):CAN-2004-0920
Last Modified:Oct 13 05:53:41 2004
MD5 Checksum:1f260679422f53de50c357b68d904925

 ///  File Name: 10.05.04a.txt
Description:
iDEFENSE Security Advisory 10.05.04a - Remote exploitation of an input validation error in ColdFusion MX 6.1 on IIS could allow the disclosure of file contents.
Homepage:http://www.idefense.com/
File Size:3440
Related CVE(s):CAN-2004-0928
Last Modified:Oct 13 05:52:37 2004
MD5 Checksum:7a62846242e6250cef1f988b06169976

 ///  File Name: sa12732.txt
Description:
Secunia Security Advisory - BliZZard has reported a vulnerability in AWS MySQLguest, which can be exploited by malicious people to conduct script insertion attacks.
Homepage:http://secunia.com/advisories/12732/
File Size:1738
Last Modified:Oct 13 05:50:49 2004
MD5 Checksum:3f5762dbf69e95e933c510f375e0d541

 ///  File Name: sa12703.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Trading Partner Interchange 4.x, which can be exploited by malicious people to access arbitrary files. The vulnerability is caused due to an input validation error within the included Jetty HTTP server and can be exploited to gain access to arbitrary files and directories on the system.
Homepage:http://secunia.com/advisories/12703/
File Size:1868
Last Modified:Oct 13 05:50:03 2004
MD5 Checksum:77fde4c771474f4f26660467a3cc694d

 ///  File Name: sa12719.txt
Description:
Secunia Security Advisory - Ziv Kamir has reported a vulnerability in NetworkActiv Web Server, which can be exploited by malicious people to cause a DoS (Denial of Service).
Homepage:http://secunia.com/advisories/12719/
File Size:1891
Last Modified:Oct 13 05:47:25 2004
MD5 Checksum:c049c56c10713eff4eb6ff8d51e8d4ff

 ///  File Name: sa12721.txt
Description:
Secunia Security Advisory - Some unspecified vulnerabilities with unknown impacts have been reported in Real Estate Management Software.
Homepage:http://secunia.com/advisories/12721/
File Size:1538
Last Modified:Oct 13 05:46:35 2004
MD5 Checksum:4db0a887e04ee02da98985b42e3b553a