Section:  .. / 0411-advisories  /

Page 5 of 7
<< 1 2 3 4 5 6 7 >> Files 100 - 125 of 167
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: glsa-200411-18.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-18 - Chintan Trivedi discovered a vulnerability in Apache httpd 2.0 that is caused by improper enforcing of the field length limit in the header-parsing code. Versions below 2.0.52 are affected.
Homepage:http://security.gentoo.org/
File Size:2702
Last Modified:Nov 12 05:14:27 2004
MD5 Checksum:89634012c0b1696c56a26a89d326a6bc

 ///  File Name: cisco-sa-20041110-dhcp.txt
Description:
Cisco Security Advisory - Cisco IOS devices running branches of Cisco IOS version 12.2S that have Dynamic Host Configuration Protocol (DHCP) server or relay agent enabled, even if not configured, are vulnerable to a denial of service where the input queue becomes blocked when receiving specifically crafted DHCP packets.
Homepage:http://www.cisco.com/warp/public/707/cisco-sa-20041110-dhcp.shtml
File Size:21623
Last Modified:Nov 12 05:10:47 2004
MD5 Checksum:851088c1fa365c741777092a5b696a34

 ///  File Name: hotfoon.txt
Description:
Hotfoon, an Internet telephony utility, is susceptible to automatically opening up malicious links.
Author:Saudi Linux
File Size:953
Last Modified:Nov 12 05:08:58 2004
MD5 Checksum:66f850f051ed2e983fd450aed2bd7bd2

 ///  File Name: LSS-2004-11-3.txt
Description:
LSS Security Advisory #LSS-2004-11-3 - There is a buffer overflow vulnerability in getnickuserhost() function that is called when BNC 2.8.9 is processing responses from an IRC server.
Author:Leon Juranic
Homepage:http://security.lss.hr
File Size:4686
Last Modified:Nov 12 05:02:10 2004
MD5 Checksum:c0e0e1ce2606be50b9101c898d297435

 ///  File Name: nortelVPN.txt
Description:
The Nortel Networks Contivity VPN Client authentication error message provides more information than is necessary, thus allowing an attacker to discover existing users on the system.
Author:Network Intelligence (I) Pvt. Ltd.
File Size:1684
Last Modified:Nov 12 04:43:05 2004
MD5 Checksum:acb958b66167874f86ad74927acf1ebe

 ///  File Name: squirrelXSS.txt
Description:
SquirrelMail versions 1.4.3a and below suffer from a cross site scripting issue in the decoding of encoded text in certain headers. It correctly decodes the specially crafted header, but does not sanitize the decoded strings.
Author:Joost Pol
Homepage:http://www.squirrelmail.org
File Size:1939
Last Modified:Nov 12 04:41:47 2004
MD5 Checksum:e2157d9b8a998aad296e8c1f503db370

 ///  File Name: 758884.html
Description:
NISCC Vulnerability Advisory 758884/NISCC/DNS - Several vulnerabilities have been discovered within the Domain Name System (DNS) protocol by two DNS experts.
Author:Roy Arends, Jakob Schlyter
Homepage:http://www.uniras.gov.uk/vuls/2004/758884/index.htm
File Size:49218
Last Modified:Nov 10 09:09:51 2004
MD5 Checksum:7e4a7ebf7b077bd4a370bd9fa9b3afee

 ///  File Name: 57665.html
Description:
Sun Security Advisory - A security vulnerability in iPlanet Messaging Server/Sun ONE Messaging web-based e-mail may allow a remote unprivileged user the ability to gain unauthorized access to a webmail user's e-mail using a specially crafted e-mail message.
Homepage:http://sunsolve.sun.com/search/document.do?assetkey=1-26-57665-1
File Size:6730
Last Modified:Nov 10 09:04:55 2004
MD5 Checksum:883bf941e604852669a17456baf950d3

 ///  File Name: MS04-039.html
Description:
Microsoft Security Advisory MS04-039 - A spoofing vulnerability exists that can enable an attacker to spoof trusted Internet content. Users could believe they are accessing trusted Internet content when in reality they are accessing malicious Internet content, for example a malicious Web site.
Author:Martijn de Vries, Thomas de Klerk
Homepage:http://www.microsoft.com/technet/security/bulletin/MS04-039.mspx
File Size:49336
Related CVE(s):CAN-2004-0892
Last Modified:Nov 10 09:02:46 2004
MD5 Checksum:dc8cf6d204d866ca58ef7281d7d85de7

 ///  File Name: glsa-200411-17.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-17 - mtink is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
Homepage:http://security.gentoo.org/
File Size:2546
Last Modified:Nov 10 08:45:36 2004
MD5 Checksum:4bb9ae668d33192c1f4c7746b394b7d7

 ///  File Name: eEye.kerio.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a severe denial of service vulnerability in the Kerio Personal Firewall product for Windows. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the component that performs low level processing of TCP, UDP, and ICMP packets. Kerio Personal Firewall 4.1.1 and prior.
Author:Karl Lynn
Homepage:http://www.eeye.com
File Size:3775
Last Modified:Nov 10 08:44:05 2004
MD5 Checksum:a3c41e8aa0c8c8f7f668532ea2cd2038

 ///  File Name: glsa-200411-16.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-16 - zip contains a buffer overflow when creating a ZIP archive of files with very long path names. This could lead to the execution of arbitrary code.
Homepage:http://security.gentoo.org/
File Size:2549
Last Modified:Nov 10 08:42:11 2004
MD5 Checksum:79ff5c2d41d3a80fddcdd69334dd4d07

 ///  File Name: dsa-590.txt
Description:
Debian Security Advisory 590-1 - Khan Shirani discovered a format string vulnerability in gnats, the GNU problem report management system. This problem may be exploited to execute arbitrary code.
Homepage:http://www.debian.org/security/
File Size:6556
Related CVE(s):CAN-2004-0623
Last Modified:Nov 10 08:37:59 2004
MD5 Checksum:bfea0894710fa20d5afcddd8c36ebaff

 ///  File Name: sa13135.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in SQLgrey Postfix greylisting service, which can be exploited by malicious people to conduct SQL injection attacks.
Homepage:http://secunia.com/advisories/13135/
File Size:2060
Last Modified:Nov 10 08:35:33 2004
MD5 Checksum:9f6c9f8097901c09f79bec2c36439e3b

 ///  File Name: sa13137.txt
Description:
Secunia Security Advisory - Positive Technologies has reported some vulnerabilities in Infuseum ASP Message Board, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Homepage:http://secunia.com/advisories/13137/
File Size:2439
Last Modified:Nov 10 08:34:45 2004
MD5 Checksum:f7e2a463fa031151688e741ee7da1ed4

 ///  File Name: sa13130.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in Samhain, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a boundary error in the database update code. This can be exploited to cause a buffer overflow when a malicious directory is checked with Samhain. The vulnerability has been reported in versions 1.8.9 through 2.0.1.
Homepage:http://secunia.com/advisories/13130/
File Size:2283
Last Modified:Nov 10 08:34:00 2004
MD5 Checksum:7f879296efa6e2a310304673c46b41fe

 ///  File Name: sa13136.txt
Description:
Secunia Security Advisory - Positive Technologies has reported some vulnerabilities in Nucleus, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.
Homepage:http://secunia.com/advisories/13136/
File Size:2379
Last Modified:Nov 10 08:32:18 2004
MD5 Checksum:3af3c485ca5a0d0ccf2cde53bde350cf

 ///  File Name: netgearDG384.txt
Description:
Netgear DG834 is susceptible to a denial of service attack and URL filtering bypass vulnerabilities.
Author:Dr_insane
File Size:3969
Last Modified:Nov 10 08:28:12 2004
MD5 Checksum:264d5ce592ac8e8cc5b6e0ed25c722d9

 ///  File Name: 11.08.04.txt
Description:
iDEFENSE Security Advisory 11.08.04 - Remote exploitation of an input validation error in Samba could allow an attacker to consume system resources and potentially cause the target system to crash.
Author:Karol Wiesek
Homepage:http://www.idefense.com
File Size:3531
Related CVE(s):CAN-2004-0930
Last Modified:Nov 10 08:11:56 2004
MD5 Checksum:eeb9deef0bf252b50f560d80d13a7dda

 ///  File Name: trusteXSS.txt
Description:
truste.org is susceptible to cross site scripting flaws.
Author:Andrew Smith
File Size:1312
Last Modified:Nov 10 08:09:34 2004
MD5 Checksum:7495ce240837fdb604e646db32ffab7c

 ///  File Name: sa13104.txt
Description:
Secunia Security Advisory - A vulnerability has been reported in JAF CMS, which can be exploited by malicious people to disclose sensitive information.
Homepage:http://secunia.com/advisories/13104/
File Size:2092
Last Modified:Nov 10 08:06:47 2004
MD5 Checksum:7d5b85212d50b3e130c1de3a00e485a1

 ///  File Name: sa13111.txt
Description:
Secunia Security Advisory - Two vulnerabilities have been reported in Mantis, which can be exploited by malicious users to gain knowledge of potentially sensitive information.
Homepage:http://secunia.com/advisories/13111/
File Size:2392
Last Modified:Nov 10 08:05:43 2004
MD5 Checksum:c9a2117b8e5b41023f61d07279ec52b8

 ///  File Name: jreDoS.txt
Description:
Java Runtime Environment versions 1.4.2, 1.5.0, and possible others are susceptible to a remote denial of service attack.
Author:Kurt Huwig
File Size:4531
Last Modified:Nov 10 07:59:51 2004
MD5 Checksum:e0f21f81fc36ffd7277ab48d1aa46595

 ///  File Name: glsa-200411-15.txt
Description:
Gentoo Linux Security Advisory GLSA 200411-15 - groffer, included in the Groff package, and the der_chop script, included in the OpenSSL package, are both vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.
Homepage:http://security.gentoo.org/
File Size:3862
Last Modified:Nov 10 07:54:52 2004
MD5 Checksum:e9876782c9278b91279b2263bc936706

 ///  File Name: dsa-586.txt
Description:
Debian Security Advisory 586-1 - The upstream developers of Ruby have corrected a problem in the CGI module for this language. Specially crafted requests could cause an infinite loop and thus cause the program to eat up cpu cycles.
Homepage:http://www.debian.org/security/
File Size:26180
Related CVE(s):CAN-2004-0983
Last Modified:Nov 10 07:52:29 2004
MD5 Checksum:14e31557d2b0c443051b91ee5fcc789a