Section:  .. / 0412-advisories  /

Page 2 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 25 - 50 of 253
Currently sorted by: File NameSort By: Last Modified, File Size

 ///  File Name: 6503.txt
Description:
Opera for Linux has a flaw that allows remote users to execute arbitrary shell commands via the kfmclient default setting for file viewing.
Author:Giovanni Delvecchio
File Size:2385
Last Modified:Dec 30 07:31:06 2004
MD5 Checksum:3ad93256e25abd9367495accc0dacae8

 ///  File Name: 7a69-17.txt
Description:
7a69ezine Advisories #17 - Internet Explorer version 6.0.3790.0 suffers from an FTP download path disclosure flaw.
Author:Albert Puigsech Galicia
Related Exploit:ftpd-iexpl.c"
File Size:3095
Last Modified:Jan 2 21:24:19 2005
MD5 Checksum:c90e32830006de416786d6541fff9884

 ///  File Name: 7a69Adv15.txt
Description:
The Internet Explorer web browser fails to properly filter FTP requests to disallow for local command execution. Versions 6.0.2800.1106 and newer are affected.
Homepage:http://www.7a69ezine.org/
File Size:2654
Last Modified:Dec 12 19:26:39 2004
MD5 Checksum:a678ee5d4e67a04313f3bee38b26db2a

 ///  File Name: 7a69Adv16.txt
Description:
The Konqueror web browser fails to properly filter FTP requests to disallow for local command execution. Versions 3.3.1 and newer are affected.
Homepage:http://www.7a69ezine.org/
File Size:2675
Last Modified:Dec 12 18:46:39 2004
MD5 Checksum:9644f10b59f8a1120d89e73afe9a5d5a

 ///  File Name: abc2midi.txt
Description:
abc2midi suffers from two vulnerabilities that allow for system compromise.
Author:Limin Wang
Homepage:http://tigger.uic.edu/~jlongs2/holes/abc2midi.txt
File Size:2178
Last Modified:Dec 30 10:53:56 2004
MD5 Checksum:76e99f06e6a5ef24b8fe943881ff7086

 ///  File Name: abc2mtex.txt
Description:
abc2mtex version 1.6.1 has a boundary error condition in the process_abc() function that allows for arbitrary code execution.
Author:Limin Wang
Homepage:http://tigger.uic.edu/~jlongs2/holes/abc2mtex.txt
File Size:2039
Last Modified:Dec 30 10:42:26 2004
MD5 Checksum:e12f113d24d952fbfdf7bf71b1622856

 ///  File Name: abcm2ps.txt
Description:
A boundary error condition in the put_words() function of abcm2ps version 3.7.20 allows for arbitrary code execution.
Author:Limin Wang
Homepage:http://tigger.uic.edu/~jlongs2/holes/abcm2ps.txt
File Size:1831
Last Modified:Dec 30 10:39:18 2004
MD5 Checksum:54e0f622e9324e40942a6ebaf0eb7e71

 ///  File Name: abcpp.txt
Description:
A vulnerability in abcpp 1.3.0 allows for system compromise.
Author:Yosef Klein
Homepage:http://tigger.uic.edu/~jlongs2/holes/abcpp.txt
File Size:1896
Last Modified:Dec 30 10:59:33 2004
MD5 Checksum:f13c23ffd3c56cba99cf073fd03f13fb

 ///  File Name: abctab2ps.txt
Description:
Two vulnerabilities in abctab2ps allow for local compromise of a system. Version 1.6.3 is affected.
Author:Limin Wang
Homepage:http://tigger.uic.edu/~jlongs2/holes/abctab2ps.txt
File Size:2251
Last Modified:Dec 30 10:51:27 2004
MD5 Checksum:773d4df2ce8d86eee4c048d358ac3ce4

 ///  File Name: AD_LAB-04003.txt
Description:
Venustech AD-Lab Advisory AD_LAB-04003 - The Linux 2.6 kernel series POSIX Capability LSM module is problematic in that upon insertion, all the processes that currently exist from normal users will have root capabilities.
Author:LiangBin, icbm
File Size:7945
Last Modified:Dec 31 22:14:54 2004
MD5 Checksum:a39459332a777e6539bde153cab326e3

 ///  File Name: AD_LAB-04004.txt
Description:
Venustech AD-Lab Advisory AD_LAB-04004 - An exploitable integer buffer overflow exists in the LoadImage API of the USER32 Lib. This function loads an icon, a cursor or a bitmap and then try to proceed the image. If an attacker sends a specially crafter bmp, cur, ico or ani file within an HTML page or in an Email, it is then possible to run arbitrary code on the affected system. Vulnerable: Windows NT, Windows 2000 SP0, Windows 2000 SP1, Windows 2000 SP2, Windows 2000 SP3, Windows 2000 SP4, Windows XP SP0, Windows XP SP1, Windows 2003.
Author:Flashsky
File Size:3821
Last Modified:Dec 31 22:26:41 2004
MD5 Checksum:81e952563e525cfadf49575306ae2f33

 ///  File Name: AD_LAB-04005.txt
Description:
Venustech AD-Lab Advisory AD_LAB-04005 - Parsing a specially crafted ANI file causes the windows kernel to crash or stop to work properly. An attacker can crash or freeze a target system if he sends a specially crafted ANI file within an HTML page or within an Email. Vulnerable: Windows NT, Windows 2000 SP0, Windows 2000 SP1, Windows 2000 SP2, Windows 2000 SP3, Windows 2000 SP4, Windows XP SP0, Windows XP SP1, Windows 2003.
Author:Flashsky
File Size:2190
Last Modified:Dec 31 22:27:48 2004
MD5 Checksum:7c8b2895949b4c596fe65af09ac8e905

 ///  File Name: AD_LAB-04006.txt
Description:
Venustech AD-Lab Advisory AD_LAB-04006 - There is a vulnerability in Microsoft Windows .hlp file parsing program winhlp32.exe. The vulnerability is caused due to a decoding error within the windows .hlp header processing. This can be exploited to cause a heap-based buffer overflow. Vulnerable: Windows NT, Windows 2000 SP0, Windows 2000 SP1, Windows 2000 SP2, Windows 2000 SP3, Windows 2000 SP4, Windows XP SP0, Windows XP SP1, Windows 2003.
Author:Keji
File Size:4495
Last Modified:Dec 31 22:29:01 2004
MD5 Checksum:0ec28ea44a85a8bfd45ab479be994cf5

 ///  File Name: advanced231.txt
Description:
A cross site scripting bug is in Advanced Guestbook 2.3.1.
Author:Emile van Elen
File Size:145
Last Modified:Dec 12 01:19:51 2004
MD5 Checksum:ee162bdf6c9f0fa870004dc843dfec3f

 ///  File Name: advisory-20041213-1.txt
Description:
KDE Security Advisory: The Konqueror web browser allows websites to load web pages into a window or tab currently used by another website. This vulnerability is similar to the Konqueror Frame Injection Vulnerability reported on 2004-08-11 but the solution offered as part of that advisory did not cover the window case. All versions of KDE up to KDE 3.3.2 inclusive.
Homepage:http://www.kde.org/info/security/advisory-20041213-1.txt
File Size:2564
Related CVE(s):CAN-2004-1158
Last Modified:Dec 30 07:36:11 2004
MD5 Checksum:aedf90d9742b949b828604cd0432a405

 ///  File Name: advisory-20041220-1.txt
Description:
KDE Security Advisory: Two flaws in the Konqueror webbrowser make it possible to by pass the sandbox environment which is used to run Java-applets. One flaw allows access to restricted Java classes via JavaScript, making it possible to escalate the privileges of the Java-applet. The other problem is that Konqueror fails to correctly restrict access to certain Java classes from the Java-applet itself. All versions of KDE up to KDE 3.3.1 inclusive. KDE 3.3.2 is not affected.
Homepage:http://www.kde.org/info/security/advisory-20041220-1.txt
File Size:1948
Related CVE(s):CAN-2004-1145
Last Modified:Dec 30 22:57:23 2004
MD5 Checksum:06097183c8b1a9e1d053061955ca4e44

 ///  File Name: advisory-20041223-1.txt
Description:
KDE Security Advisory: kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a buffer overflow that can be triggered by a specially crafted PDF file.
Homepage:http://www.kde.org/info/security/advisory-20041223-1.txt
File Size:1789
Related CVE(s):CAN-2004-1125
Last Modified:Dec 31 22:05:55 2004
MD5 Checksum:4cc8f052407c343665cb29f837bd73a6

 ///  File Name: ADVISORY-email.txt
Description:
Several large Indian portals such as Rediffmail and the Indiatimes are susceptible to scripting attacks, putting millions at risk.
Author:S.G.Masood
File Size:4394
Last Modified:Dec 31 21:53:18 2004
MD5 Checksum:08b70d9afa864fe490df4057182d6e64

 ///  File Name: argosoft_advisory.txt
Description:
Versions prior to 1.4.2.1 of the ArGoSoft FTP server will disclose whether or not a supplied username is valid or not. A login name supplied with the USER command will not be accepted unless it is valid.
Author:Steven
Homepage:http://www.lovebug.org/argosoft_advisory.txt
File Size:2626
Last Modified:Jan 2 21:38:12 2005
MD5 Checksum:de8f3d772594d1e69c4b985eedc6f2b2

 ///  File Name: asanteFM2008.txt
Description:
The Asante FM2008 switch appears to have hardcoded credentials.
File Size:3202
Last Modified:Dec 30 09:04:12 2004
MD5 Checksum:8fbac90f7e72f41831dbf8e201f78681

 ///  File Name: asp2php.txt
Description:
Two vulnerabilities in asp2php version 0.76.23 allow for system compromise.
Author:Qiao Zhang
Homepage:http://tigger.uic.edu/~jlongs2/holes/asp2php.txt
File Size:2095
Last Modified:Dec 30 10:52:49 2004
MD5 Checksum:afd094baa3735c21b59625bbc6e4bfef

 ///  File Name: aspcal.txt
Description:
The ASP Calendar software allows for direct administrative panel access without any authorization.
Author:AcTiOnSpIdEr
File Size:749
Last Modified:Dec 30 08:26:36 2004
MD5 Checksum:ba3d0ddb254555fdac92b7a682819d36

 ///  File Name: bfcboom.txt
Description:
Battlefield 1942 versions 1.6.19 and below and Battlefield Vietnam versions 1.2 and below suffer from a client side denial of service flaw.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:bfcboom.zip"
File Size:2340
Last Modified:Dec 12 19:37:42 2004
MD5 Checksum:fc6cf68bf186e250f3865960c23fefb4

 ///  File Name: browserFind.txt
Description:
Mozilla, Firefox, and Opera appear to allow access to the content from one frame from another, allowing for disclosure of the local directory structure. Tested versions include Firefox 1.0, Mozilla 1.7, and Opera 7.51 through 7.54.
Author:Giovanni Delvecchio
File Size:5510
Last Modified:Dec 12 18:59:40 2004
MD5 Checksum:d9c7073b18d4d47731fabb9ae36fa28f

 ///  File Name: bsb2ppm.txt
Description:
A buffer overflow vulnerability in libbsb version 0.0.6 allows for system compromise.
Author:James Longstreet, Tom Indelli
Homepage:http://tigger.uic.edu/~jlongs2/holes/bsb2ppm.txt
File Size:2106
Last Modified:Dec 30 11:01:01 2004
MD5 Checksum:428561c54110ead22c8fd9f495687c65