Section:  .. / 0401-advisories  /

Page 3 of 3
<< 1 2 3 >> Files 50 - 63 of 63
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: 01032004.html
Description:
PostNuke version 0.726, and possibly earlier releases, are open to SQL injection and cross site scripting attacks due to a lack of proper parameter sanitizing.
Author:JeiAr
Homepage:http://www.gulftech.org/01032004.php
File Size:19715
Last Modified:Jan 8 06:04:08 2004
MD5 Checksum:64c78e4b7d2d79dc435160a2f8242ed6

 ///  File Name: gtsTsXp4.0.103-adv.txt
Description:
GoodTech Telnet Server 4.x for Microsoft Windows NT/2000/XP is susceptible to a denial of service attack when attempting to handle an overly long input string.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:2258
Last Modified:Jan 8 05:44:36 2004
MD5 Checksum:fe0a9194327054b4039a6baac0b51526

 ///  File Name: phorum345.txt
Description:
Multiple cross site scripting and SQL injection vulnerabilities lie in Phorum versions 3.4.5 and below.
Author:Calum Power
File Size:6768
Last Modified:Jan 8 01:56:50 2004
MD5 Checksum:43a6d15e381300103edf8071bdcac0db

 ///  File Name: lotus602linux.txt
Description:
Lotus Notes version 6.0.2 on Linux installs with faulty permissions on its notes.ini file which would allow local attackers to compromise the system.
Author:l0om
Homepage:http://www.excluded.org
File Size:1821
Last Modified:Jan 8 01:43:45 2004
MD5 Checksum:ff479a3ada47d118cfedaa67912ff16d

 ///  File Name: zyxel.txt
Description:
ZyXEL10 OF ZyWALL Series Router is susceptible to a cross site scripting attack.
Author:Rafel Ivgi
Homepage:http://theinsider.deep-ice.com
File Size:1773
Last Modified:Jan 8 01:39:00 2004
MD5 Checksum:5c5ca227d8ddb70e868e2657d9a16ed3

 ///  File Name: edimax.txt
Description:
EDIMAX AR-6004 Full Rate ADSL Router is susceptible to a cross site scripting attack.
Author:Rafel Ivgi
Homepage:http://theinsider.deep-ice.com
File Size:2295
Last Modified:Jan 8 01:37:12 2004
MD5 Checksum:2626f1304cfc6b61c2db610b41e1b7e5

 ///  File Name: snapstream.txt
Description:
SnapStream PVS LITE is susceptible to a cross site scripting attack.
Author:Rafel Ivgi
Homepage:http://theinsider.deep-ice.com
File Size:1630
Last Modified:Jan 8 01:35:53 2004
MD5 Checksum:181c70c842590696e303e00c6e614d1d

 ///  File Name: realnetxss.txt
Description:
RealNetworks fails to address a Cross-Site Scripting vulnerability in RealOne Player.
Author:Arman Nayyeri
File Size:3899
Last Modified:Jan 8 01:30:13 2004
MD5 Checksum:5d2034db3aa68a7f7754c8edf0e18fed

 ///  File Name: AQ-2003-02.txt
Description:
AQTRONIX Security Advisory AQ-2003-02 - When an HTTP request with the verb TRACK under Microsoft IIS 5.0 is performed, the transaction is not logged. This can lead to the server being utilized for XST attacks along with other tactics for information gathering. Microsoft silently fixed this bug in IIS 6.0.
Author:Parcifal Aertssen
Homepage:http://www.aqtronix.com/Advisories/AQ-2003-02.txt
File Size:4502
Last Modified:Jan 6 01:51:56 2004
MD5 Checksum:270fe16944a7ca65fbca666e220244da

 ///  File Name: 10533.txt
Description:
Secunia Security Advisory SA10533 - A vulnerability has been reported in the Linux 2.4.x kernel series, which potentially can be exploited by malicious, local users to gain knowledge of sensitive information. The vulnerability is caused due to an unspecified error in /dev/rtc real time clock routines, which may disclose parts of kernel memory to unprivileged users.
Homepage:http://www.secunia.com/advisories/10533/
File Size:1750
Last Modified:Jan 5 21:57:05 2004
MD5 Checksum:888861e9dd2d987f5e1e6725b5db2997

 ///  File Name: webcamwatchdog.txt
Description:
Webcam Watchdog version 3.63 and below is vulnerable to a remotely exploitable stack based buffer overflow which can be triggered via an overly long HTTP GET request. Full detailed analysis of the vulnerability is given.
Author:Peter Winter-Smith
Homepage:http://www.elitehaven.net/webcamwatchdog.txt
Related Exploit:wcwdpoc.pl
File Size:5289
Last Modified:Jan 5 21:45:55 2004
MD5 Checksum:ab8534a516cb7f8c6cac460451b4de8a

 ///  File Name: switchoff.txt
Description:
Switch Off versions 2.3 and below suffer from a denial of service vulnerability and a stack-based buffer overflow in the message parameter of the application that may allow a remote attacker the ability to gain SYSTEM privileges.
Author:Peter Winter-Smith
Homepage:http://www.elitehaven.net/switchoff.txt
File Size:7284
Last Modified:Jan 5 21:38:43 2004
MD5 Checksum:b340ea10c36da09785dfc2bd04752ff9

 ///  File Name: isec-0013-mremap.txt
Description:
The mremap system call in the Linux kernel memory management code has a critical security vulnerability due to incorrect bounds checking. Proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access.
Author:Paul Starzetz, Wojciech Purczynski
Homepage:http://isec.pl/vulnerabilities/isec-0013-mremap.txt
File Size:3727
Related CVE(s):CAN-2003-0985
Last Modified:Jan 5 20:55:40 2004
MD5 Checksum:caae1f46b6f3b8b0c136d4ef83ebbcd2