Section:  .. / 0408-advisories  /

Page 5 of 6
<< 1 2 3 4 5 6 >> Files 100 - 125 of 147
Currently sorted by: Last ModifiedSort By: File Name, File Size

 ///  File Name: sa12269.txt
Description:
Secunia Security Advisory - Multiple unspecified vulnerabilities have been reported in IceWarp 1.x through 5.x Web Mail, which can potentially be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, access sensitive information, and manipulate the file system.
Homepage:http://secunia.com/advisories/12269/
File Size:2794
Last Modified:Aug 12 09:22:11 2004
MD5 Checksum:7c144959b5c1ba033aa319ccb58a3f81

 ///  File Name: sa12261.txt
Description:
Secunia Security Advisory - Microsoft has released an update for Exchange Server 5.5 SP4. This fixes a vulnerability, allowing malicious people to conduct script insertion attacks. The vulnerability is caused due to an input validation error in a HTML redirection query. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected website when a malicious entry is viewed. This vulnerability affects Microsoft Exchange 5.5 with Service Pack 4.
Homepage:http://secunia.com/advisories/12261/
File Size:2054
Last Modified:Aug 11 02:49:46 2004
MD5 Checksum:07b9deeae3068944868026d1ae63a15b

 ///  File Name: c031120-003.txt
Description:
Corsaire Security Advisory - Sygate Enforcer releases prior to 3.5MR1 allow unauthenticated broadcast traffic to pass through.
Author:Martin O'Neal
Homepage:http://www.corsaire.com/
File Size:3345
Related CVE(s):CAN-2004-0593
Last Modified:Aug 11 02:47:30 2004
MD5 Checksum:6ce87f0c5416d4232f2bf06b34db8511

 ///  File Name: c031120-002.txt
Description:
Corsaire Security Advisory - Sygate Secure Enterprise versions prior to 3.5MR3 are susceptible to a replay attack that allows for resource exhaustion.
Author:Martin O'Neal
Homepage:http://www.corsaire.com/
File Size:3882
Related CVE(s):CAN-2004-0163
Last Modified:Aug 11 02:45:12 2004
MD5 Checksum:de6daa25dc2e5829b7afc4c72f3c43c3

 ///  File Name: c031120-001.txt
Description:
Corsaire Security Advisory - Sygate Enforcer 4.0 and prior releases are susceptible to a denial of service attack via malformed discovery packets.
Author:Martin O'Neal
Homepage:http://www.corsaire.com/
File Size:3940
Related CVE(s):CAN-2003-0931
Last Modified:Aug 11 02:42:43 2004
MD5 Checksum:de1fb9fa753cec65d523201d6f548a38

 ///  File Name: 57619.html
Description:
Sun Security Advisory - A vulnerability has been reported in Solaris, which can be exploited by malicious people to cause a denial of service. The vulnerability is caused due to an unspecified error within the processing of XDMCP requests. Successful exploitation crashes the X Display Manager (xdm).
Homepage:http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57619
File Size:5853
Last Modified:Aug 11 02:37:04 2004
MD5 Checksum:80579d07a67e98c925a4d7a282266605

 ///  File Name: sa12254.txt
Description:
Secunia Security Advisory - Multiple vulnerabilities have been reported in Symantec Clientless VPN Gateway 4400 Series, where some have an unknown impact and others can be exploited to conduct cross-site scripting attacks or manipulate users' signon information.
Homepage:http://secunia.com/advisories/12254/
File Size:2223
Last Modified:Aug 11 02:30:13 2004
MD5 Checksum:4a9b8fb475f433345bee811648c1e855

 ///  File Name: GLSA200408-07.txt
Description:
Gentoo Linux Security Advisory - Horde-IMP fails to properly sanitize email messages that contain malicious HTML or script code so that it is not safe for users of Internet Explorer when using the inline MIME viewer for HTML messages. Versions below and equal to 3.2.4 are vulnerable.
Homepage:http://security.gentoo.org/
File Size:2885
Last Modified:Aug 11 01:48:07 2004
MD5 Checksum:1d43e3497ba76a2ae33efe3d52430e9f

 ///  File Name: SSRT4785.txt
Description:
HP Security Bulletin - A potential security vulnerability has been identified with HP Process Resource Manager on all OS versions running PRM C.02.01[.01] and prior. HP PRM is also used in Workload Manager, so this also affects WLM version A.02.01 and prior as well. This vulnerability could potentially be exploited to corrupt data on a system running PRM.
Homepage:http://www.hp.com/
File Size:8625
Last Modified:Aug 11 01:43:30 2004
MD5 Checksum:9d093bf7ed58f415323fbe7c227ae637

 ///  File Name: CORE-2004-0714.txt
Description:
Core Security Technologies Advisory ID: CORE-2004-0714 - Cfengine is susceptible to multiple vulnerabilities. Two were found in cfservd, a daemon which acts as both a file server and a remote cfagent executor. This daemon authenticates requests from the network and processes them. If exploited, the first vulnerability allows an attacker to execute arbitrary code with those privileges of root. The second vulnerability allows an attacker to crash the server, denying service to further requests. These vulnerabilities are present in versions 2.0.0 to 2.1.7p1 of cfservd.
Author:Juan Pablo Martinez Kuhn
Homepage:http://www.coresecurity.com/
File Size:20085
Last Modified:Aug 10 02:09:11 2004
MD5 Checksum:15ba95726d93045f7801f45b52ac7232

 ///  File Name: phpWeird.txt
Description:
Special requests using PHP on Apache go unlogged and cause a segfault. Tested systems: Windows / Apache 1.3.31 / PHP 5.0.0, Windows / Apache 1.3.27 / PHP 4.3.3, Linux / Apache 1.3.24 / PHP 4.2.
Author:Anthony Debhian
File Size:941
Last Modified:Aug 10 02:04:37 2004
MD5 Checksum:61b2fd5728f1287bef46a27d2f1ad3f1

 ///  File Name: typepadXSS.txt
Description:
Typepad weblogging service is susceptible to a cross site scripting flaw.
Author:Matt Oyer
Homepage:http://Spiffomatic64.com
File Size:1007
Last Modified:Aug 10 02:02:16 2004
MD5 Checksum:9f1f92faf4fb3c0e10f27f17bd961ac9

 ///  File Name: moodle13.2.txt
Description:
Moodle versions 1.3 and below suffer from multiple cross site scripting flaws.
Author:Javier Ubilla Brenni
File Size:2321
Last Modified:Aug 10 02:01:25 2004
MD5 Checksum:3c4960d6144091dcdfcab8a80aa9dd76

 ///  File Name: Aim.DoS.8_9.pdf
Description:
A buffer overflow vulnerability has been discovered in AOL Instant Messenger 5.x that can allow for arbitrary code execution.
Author:Ryan McGeehan, Kevin Benes
Homepage:http://TheBillyGoatCurse.com
File Size:16322
Last Modified:Aug 10 01:51:02 2004
MD5 Checksum:cc4acdf40c3a7425037d1540dc289281

 ///  File Name: yastControl.txt
Description:
By placing the preferences submenu in a K Menu, the SuSE YAST Control Center can be accessed with needing root authentication.
Author:Jordan Pilat
File Size:494
Last Modified:Aug 7 22:30:22 2004
MD5 Checksum:77583c4e279c33f08c2bbd06c105d870

 ///  File Name: infoOverflow.txt
Description:
The info utility version 4.7-2.1 has an overflow that is exploitable if for some odd reason the binary was set setuid, which it is not by default.
Author:Josh Martin
File Size:1990
Last Modified:Aug 7 22:27:52 2004
MD5 Checksum:c50817171e81d9c336d6465a02a1699e

 ///  File Name: gm008-op.txt
Description:
GreyMagic Security Advisory GM#008-OP - Opera versions 7.53 and below on Windows, Linux and Macintosh fail to block write-access to the often-used location object, allowing an attacker to gain immediate script access to any webpage.
Homepage:http://www.greymagic.com/security/advisories/gm008-op/
File Size:4091
Last Modified:Aug 7 22:26:42 2004
MD5 Checksum:6cc54f7d3c3f95e52dbbea817fd6f10f

 ///  File Name: 08.05.04.txt
Description:
iDEFENSE Security Advisory 08.05.04: Remote exploitation of a design error vulnerability in Thompson's SpeedTouch Home ADSL modem allows attackers to spoof TCP traffic on behalf of the device.
Homepage:http://www.idefense.com/application/poi/display?id=120
File Size:4479
Related CVE(s):CAN-2004-0641
Last Modified:Aug 6 20:58:41 2004
MD5 Checksum:a8b4d8e57a1d17dacac166231ba15b2b

 ///  File Name: CESA-2004-001.txt
Description:
libpng version 1.2.5 is susceptible to stack-based buffer overflows and various other code concerns.
Author:Chris Evans
Related File:TA04-217A.txt
File Size:8651
Related CVE(s):CAN-2004-0597, CAN-2004-0598, CAN-2004-0599
Last Modified:Aug 5 09:13:17 2004
MD5 Checksum:127f70ce6d41af038f6c102662444fe0

 ///  File Name: TA04-217A.txt
Description:
Technical Cyber Security Alert TA04-217A - All applications and systems that use the libpng library versions 1.2.5 and below are susceptible to several vulnerabilities, the most serious of which could allow a remote attacker to execute arbitrary code on an affected system.
Homepage:http://www.cert.org/
File Size:6502
Last Modified:Aug 5 09:04:08 2004
MD5 Checksum:281f0fd6e4bbc6bda55f4c0e54efea1e

 ///  File Name: webchat.txt
Description:
Free Web Chat suffers from both denial of service and resource allocation bugs.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:4195
Last Modified:Aug 5 09:00:53 2004
MD5 Checksum:324b4b3bdaaa4f1883beae438580b2b9

 ///  File Name: datakeyPassword.txt
Description:
Datakey's tokens and smartcards suffer from a clear text password exposure vulnerability. The communication channel between the token and the driver is not encrypted. A user's PIN can be retrieved using a proxy driver or hardware sniffer. Systems affected: Rainbow iKey2032 USB token and Datakey's up-to-date CIP client package.
Author:hexview
File Size:3505
Last Modified:Aug 5 08:17:06 2004
MD5 Checksum:eeb3ebb3e6ccc0a53b808eb6a13c65d2

 ///  File Name: adv03-y3dips-2004.txt
Description:
JetboxOne CMS version 2.0.8 keeps system passwords in an unencrypted state and also has a remote code execution flaw.
Author:y3dips
Homepage:http://y3dips.echo.or.id/
File Size:4750
Last Modified:Aug 5 08:12:20 2004
MD5 Checksum:752a4e9ece4d9839fe95cfbf85265b8a

 ///  File Name: eNdonesiaCMS.txt
Description:
eNdonesia CMS version 8.3 is susceptible to full path disclosure and cross site scripting flaws.
Author:y3dips
Homepage:http://y3dips.echo.or.id/
File Size:3371
Last Modified:Aug 5 08:09:59 2004
MD5 Checksum:86a9952194b133099f969eb10c0eb88e

 ///  File Name: webbsyte.txt
Description:
When over 40 connections are made to Webbsyte 0.9.0, the service crashes.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:1534
Last Modified:Aug 5 08:08:21 2004
MD5 Checksum:9e0bb4f36d041ee36552eacb315d8b54