Section:  .. / 0401-advisories  /

Page 2 of 3
<< 1 2 3 >> Files 25 - 50 of 63
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: windows.ftp.server.txt
Description:
The Windows FTP Server is a small free third party ftp server which contains a format string vulnerability in v1.6.1 and below.
Author:Peter Winter-Smith
Homepage:http://www.elitehaven.net
File Size:4169
Last Modified:Jan 9 09:36:35 2004
MD5 Checksum:279f460bb70cb08f92a777935f164bc4

 ///  File Name: yahooIM.txt
Description:
Yahoo Instant Messenger versions 5.6.0.1351 and below are susceptible to a buffer overflow when an attacker sends a specially crafted long filename to a user and that user attempts to download the file.
Author:Tri Huynh from SentryUnion
File Size:3910
Last Modified:Jan 8 19:31:04 2004
MD5 Checksum:4d70a9c8b0985d1d304a04938f269f4e

 ///  File Name: realnetxss.txt
Description:
RealNetworks fails to address a Cross-Site Scripting vulnerability in RealOne Player.
Author:Arman Nayyeri
File Size:3899
Last Modified:Jan 8 01:30:13 2004
MD5 Checksum:5d2034db3aa68a7f7754c8edf0e18fed

 ///  File Name: isec-0013-mremap.txt
Description:
The mremap system call in the Linux kernel memory management code has a critical security vulnerability due to incorrect bounds checking. Proper exploitation of this vulnerability may lead to local privilege escalation including execution of arbitrary code with kernel level access.
Author:Paul Starzetz, Wojciech Purczynski
Homepage:http://isec.pl/vulnerabilities/isec-0013-mremap.txt
File Size:3727
Related CVE(s):CAN-2003-0985
Last Modified:Jan 5 20:55:40 2004
MD5 Checksum:caae1f46b6f3b8b0c136d4ef83ebbcd2

 ///  File Name: fishcart.txt
Description:
FishCart versions 3.0 and below suffer from an integer overflow when using PHP2 and receiving an order of a billion or more. Patch available here.
Author:Luke Campbell
File Size:3620
Last Modified:Jan 14 18:06:00 2004
MD5 Checksum:bbb24d8a1273781656d5580e6aa5770f

 ///  File Name: nfshp2cbof-adv.txt
Description:
Need for Speed Hot Pursuit 2 has a vulnerable client that is susceptible to a buffer overflow attack by a hostile server. The buffer overflow occurs when too long of a string is sent back to the client during an information query. Electronic Arts has not bothered to even return e-mails regarding this problem.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
File Size:3482
Last Modified:Jan 23 01:45:00 2004
MD5 Checksum:b230abcd649ea7baef8f4888deaeae85

 ///  File Name: mephistoles.txt
Description:
The Mephistoles Internet Suite version 0.6.0final is susceptible to a cross site scripting attack.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:3238
Last Modified:Feb 10 06:29:14 2004
MD5 Checksum:4f6399a53e2ceb4e2b4da8288b6c443d

 ///  File Name: vBulletinBBS.txt
Description:
vBulletin Bulletin Board derivatives contain a security bug that may lead to disclosure of private information via cross site scripting attacks. This vulnerability may also enable an attacker to transmit sensitive information such as encrypted passwords, user identification numbers, or forum passwords to another server.
Author:Darkwell
Homepage:http://www.gcf.de
File Size:3224
Last Modified:Jan 21 02:42:00 2004
MD5 Checksum:3f197c1d220e6abf13c6b6c7f362b095

 ///  File Name: a012704-1.txt
Description:
Atstake Security Advisory A012704-1 - The version of TruBlueEnvironment that is shipped with Mac OS X 10.3.x and 10.2.x takes the value of an environment variable and copies it into a buffer without performing any bounds checking. Since this buffer is stored on the stack, it is possible to overwrite the return stack frame and execute arbitrary code as root.
Author:Dave G.
Homepage:http://www.atstake.com/research/advisories/2004/a012704-1.txt
File Size:2802
Last Modified:Jan 29 05:01:00 2004
MD5 Checksum:ef3249d227b311b24f7d6ae925005c3a

 ///  File Name: CAN-2004-0004.txt
Description:
OpenCA Security Advisory - All versions of OpenCA including 0.9.1.6 are susceptible to a signature validation flaw that will allow a signature from a certificate if the certificate's chain is trusted by the chain directory of OpenCA.
Author:Michael Bell, Alexandru Matei
Homepage:http://www.openca.org/news/CAN-2004-0004.txt
File Size:2722
Related CVE(s):CAN-2004-0004
Last Modified:Jan 17 01:04:00 2004
MD5 Checksum:b208fceedb4f2dd87f9354f0379b018c

 ///  File Name: inn240.txt
Description:
A buffer overflow has been discovered in a portion of the control message handling code introduced in INN 2.4.0. It is likely that this overflow could be remotely exploited to gain access to the user innd runs as. INN versions 2.3.x and below are not affected.
Author:Russ Allbery, Katsuhiro Kondou
File Size:2579
Last Modified:Jan 8 19:26:58 2004
MD5 Checksum:7bac448a8e55a3bbb570c6ddd4b0d831

 ///  File Name: pablo-ftp.txt
Description:
Pablo FTP server version 1.77 allows for information disclosure by detecting whether or not a file exists outside of the FTP root directory, allow a remote attack to peruse the system at will.
Author:scrap
Homepage:http://www.securiteinfo.co
File Size:2544
Last Modified:Jan 19 06:19:00 2004
MD5 Checksum:f29de99e9408ded01ce5fc1b6d811ec3

 ///  File Name: Adv-20040123.txt
Description:
S-Quadra Advisory #2004-01-23 - QuadComm Q-Shop ASP Shopping Cart Software has multiple SQL injection and cross site scripting vulnerabilities.
Author:Nick Gudov
File Size:2321
Last Modified:Jan 24 02:00:00 2004
MD5 Checksum:913076b7cf76eea8ed71345d5313ad2c

 ///  File Name: edimax.txt
Description:
EDIMAX AR-6004 Full Rate ADSL Router is susceptible to a cross site scripting attack.
Author:Rafel Ivgi
Homepage:http://theinsider.deep-ice.com
File Size:2295
Last Modified:Jan 8 01:37:12 2004
MD5 Checksum:2626f1304cfc6b61c2db610b41e1b7e5

 ///  File Name: gtsTsXp4.0.103-adv.txt
Description:
GoodTech Telnet Server 4.x for Microsoft Windows NT/2000/XP is susceptible to a denial of service attack when attempting to handle an overly long input string.
Author:Donato Ferrante
Homepage:http://www.autistici.org/fdonato
File Size:2258
Last Modified:Jan 8 05:44:36 2004
MD5 Checksum:fe0a9194327054b4039a6baac0b51526

 ///  File Name: open3sIDSontape.txt
Description:
A stack-based buffer overflow exists in the ONCONFIG environment variable read process when it is bigger than 495 bytes and read in by the IBM Informix IDSv9.40 ontape binary.
Author:Juan Manuel Pascual Escriba
Homepage:http://www.open3s.com
File Size:2249
Last Modified:Jan 28 19:55:00 2004
MD5 Checksum:17aba62d43551a5f45a47720c8ff8fa7

 ///  File Name: 001.txt.asc
Description:
Ultramagnetic, a utility based off of a fork of the GAIM IM software, is susceptible to the vulnerabilities found in GAIM versions 0.75 and below.
Homepage:http://ultramagnetic.sourceforge.net/advisories/001.html
Related File:012004.gaim.txt
File Size:2183
Related CVE(s):CAN-2004-0005, CAN-2004-0006, CAN-2004-0007, CAN-2004-0008
Last Modified:Jan 29 20:03:00 2004
MD5 Checksum:40979778b61b51ef629d5a557c36b1dd

 ///  File Name: WebcamXP.txt
Description:
WebcamXP versions 1.06.945 is susceptible to a XSS attack.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com
File Size:2036
Last Modified:Jan 21 08:44:00 2004
MD5 Checksum:d6b3ff49bac4d12f3e6b465bd776087c

 ///  File Name: KpyM_advisory.txt
Description:
KpyM telnet server versions 1.05 and below for Microsoft Windows NT/2000/XP fail to properly clean up when disconnecting users, allowing for a remote attacker to commit a denial of service attack.
Author:NoRpiUs
Homepage:http://norpius.altervista.org
File Size:1995
Last Modified:Jan 8 19:45:48 2004
MD5 Checksum:db7d4233952586e4397371701d0b607f

 ///  File Name: advisory-20040114-1.txt
Description:
KDE Security Advisory: All versions of kdepim, as distributed with KDE versions 3.1.0 through 3.1.4 inclusive, have a buffer overflow in the file information reader of VCF files.
Homepage:http://www.kde.org/
File Size:1929
Related CVE(s):CAN-2003-0988
Last Modified:Jan 14 23:55:00 2004
MD5 Checksum:f8f052ad423add962cde590bb3d901d7

 ///  File Name: getware.txt
Description:
WebCam Live and Photohost are 2 shareware programs used to share webcam streams and photo albums through the web. WebCam Live versions 2.01 and below and Photohost versions 4.0 and below are all susceptible to a denial of service attack when the Content-Length parameter is set to a negative number during a transaction.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org/
File Size:1918
Last Modified:Jan 20 03:52:00 2004
MD5 Checksum:710c784e10753b7d4d1e61b2e59448fb

 ///  File Name: honeyd-2004-001.txt
Description:
Honeyd is vulnerable to remote detection via a simple probe packet. All versions up to 0.8 are susceptible.
Author:Niels Provos
Homepage:http://www.honeyd.org/
File Size:1908
Last Modified:Jan 21 12:50:00 2004
MD5 Checksum:37aad30362c5442ca781f43d25058799

 ///  File Name: sa10561.txt
Description:
Secunia Security Advisory SA10561 - FSP Suite 2.x has two vulnerabilities. One allows malicious attackers to gain system access and view files outside of the web root. Another is an unspecified boundary error that can be exploited to cause a buffer overflow with the possibility of arbitrary code execution.
Homepage:http://www.secunia.com/advisories/10561/
File Size:1904
Last Modified:Jan 8 06:22:29 2004
MD5 Checksum:fab71eb8e2bce70767ef721a1a960f67

 ///  File Name: lotus602linux.txt
Description:
Lotus Notes version 6.0.2 on Linux installs with faulty permissions on its notes.ini file which would allow local attackers to compromise the system.
Author:l0om
Homepage:http://www.excluded.org
File Size:1821
Last Modified:Jan 8 01:43:45 2004
MD5 Checksum:ff479a3ada47d118cfedaa67912ff16d

 ///  File Name: zyxel.txt
Description:
ZyXEL10 OF ZyWALL Series Router is susceptible to a cross site scripting attack.
Author:Rafel Ivgi
Homepage:http://theinsider.deep-ice.com
File Size:1773
Last Modified:Jan 8 01:39:00 2004
MD5 Checksum:5c5ca227d8ddb70e868e2657d9a16ed3