Section:  .. / 0412-advisories  /

 ///  File Name: 12.16.04-2.txt
Description:
iDEFENSE Security Advisory 12.16.2004-2 - Remote exploitation of a heap overflow vulnerability in Unix MPlayer could allow attackers to gain access to the computer. The vulnerability specifically exists due to a lack of bounds checking within the demux_open_bmp() routine defined in /libmpdemux/demux_bmp.c. If a specially crafted file specifies a large value for the biClrUsed field, an overflow is triggered in stream_read().
Homepage:http://www.idefense.com/
File Size:3890
Last Modified:Dec 30 10:03:28 2004
MD5 Checksum:0d2fc3ba8fe14f5e6379a670da388d15

 ///  File Name: la-gamespy.txt
Description:
Gamespy cd-key validation SDK toolkit suffers from an in-game buffer overflow vulnerability.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:goregsbof.zip
File Size:3880
Last Modified:Dec 12 21:01:28 2004
MD5 Checksum:c59c53f29209a6bfb0b3ed5454cc022c

 ///  File Name: lithsock.txt
Description:
The Lithtech game engine is susceptible to a denial of service attack via a logic error when handling UDP packets with zero bytes.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:lithsock.zip
File Size:3864
Last Modified:Dec 30 07:40:59 2004
MD5 Checksum:cbdc63c6abfeb71d4c773a5282838130

 ///  File Name: 12.20.04.txt
Description:
iDEFENSE Security Advisory 12.20.2004 - Local exploitation of an untrusted path vulnerability in the chcod command included by default in multiple versions of IBM Corp. AIX could allow for arbitrary code execution as the root user. Verified in version 5.2.
Homepage:http://www.idefense.com/
File Size:3830
Related CVE(s):CAN-2004-1028
Last Modified:Dec 31 10:31:06 2004
MD5 Checksum:fd13ffaaffddef8241c722f8dee67e2e

 ///  File Name: AD_LAB-04004.txt
Description:
Venustech AD-Lab Advisory AD_LAB-04004 - An exploitable integer buffer overflow exists in the LoadImage API of the USER32 Lib. This function loads an icon, a cursor or a bitmap and then tries to process the image. If an attacker sends a specially crafted bmp, cur, ico or ani file within an HTML page or in an email, it is then possible to run arbitrary code on the affected system. Vulnerable: Windows NT, Windows 2000 SP0, Windows 2000 SP1, Windows 2000 SP2, Windows 2000 SP3, Windows 2000 SP4, Windows XP SP0, Windows XP SP1, Windows 2003.
Author:Flashsky
File Size:3821
Last Modified:Dec 31 22:26:41 2004
MD5 Checksum:81e952563e525cfadf49575306ae2f33

 ///  File Name: 12.16.04-4.txt
Description:
iDEFENSE Security Advisory 12.16.2004-4 - Remote exploitation of a heap overflow vulnerability in Unix MPlayer could allow attackers to gain access to the computer. The vulnerability specifically exists due to a lack of bounds checking within the demux_open_bmp() routine defined in /libmpdemux/demux_bmp.c. If a specially crafted file specifies a large value for the biClrUsed field, an overflow is triggered in stream_read().
Homepage:http://www.idefense.com/
File Size:3799
Last Modified:Dec 30 10:04:16 2004
MD5 Checksum:7c969c0d4f32b1e66552c76570fa7bf7

 ///  File Name: rsshscponly.txt
Description:
Although rssh and scponly were designed to limit the use of a shell on a remote host, various underlying programs that they are allowed to use may allow for arbitrary command execution.
Author:Jason Wies
File Size:3797
Last Modified:Dec 12 01:15:24 2004
MD5 Checksum:dfe3c0a0d1fbc50c60dbf4f553b0e2fd

 ///  File Name: secres21122004.txt
Description:
Secunia Research has discovered a vulnerability in My Firewall Plus, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the Smc.exe process invoking the help functionality with SYSTEM privileges. This can be exploited to execute arbitrary programs on a system with escalated privileges.
Author:Carsten Eiram
Homepage:http://secunia.com/
File Size:3796
Last Modified:Dec 31 19:37:38 2004
MD5 Checksum:3dbe302ef53a7e08ca67adf7a69f91c5

 ///  File Name: 12.20.04-1.txt
Description:
iDEFENSE Security Advisory 12.20.2004-1 - Local exploitation of an untrusted path vulnerability in the invscout command included by default in multiple versions of IBM Corp.'s AIX could allow attackers to execute arbitrary code as the root user. Verified in version 5.2.
Homepage:http://www.idefense.com/
File Size:3759
Related CVE(s):CAN-2004-1054
Last Modified:Dec 31 10:32:49 2004
MD5 Checksum:30b7ea08a921a2a39681b89166ce578a

 ///  File Name: 12.21.04-1.txt
Description:
iDEFENSE Security Advisory 12.21.2004-1 - Remote exploitation of a buffer overflow in version 0.99.2 of xine could allow execution of arbitrary code. The vulnerability specifically exists in the RMF_TAG, DATA_TAG, PROP_TAG, MDPR_TAG and CONT_TAG handling code of the pnm_get_chunk() function. These tags are all handled by the same code. The code does not perform correct checking on the chunk size before reading data in. If the size given is less than the PREAMBLE_SIZE, a negative length read is made into a fixed length buffer. Because the read length parameter is an unsigned value, the negative length is interpreted as a very large length, allowing a buffer overflow to occur.
Homepage:http://www.idefense.com/
File Size:3672
Related CVE(s):CAN-2004-1188
Last Modified:Dec 31 20:11:06 2004
MD5 Checksum:20e2b1b5805349c861f2cd9d8056eca5

 ///  File Name: 12.13.04-2.txt
Description:
iDEFENSE Security Advisory 12.13.2004-2 - Remote exploitation of a format string vulnerability in version 6.0.2 of Adobe's Reader could allow attackers to execute arbitrary code.
Author:Greg MacManus
Homepage:http://www.idefense.com/
File Size:3668
Related CVE(s):CAN-2004-1153
Last Modified:Dec 30 08:41:55 2004
MD5 Checksum:28b6adbc87245d6c8f9bd22394e1fca9

 ///  File Name: gameport.txt
Description:
GamePort versions 3.0, 3.1, and 4.0 suffer from multiple vulnerabilities including reversal of the admin password.
Author:AmoXi and Dr. VaXin
File Size:3617
Last Modified:Dec 30 10:31:11 2004
MD5 Checksum:b7560aef6bf4b2b4549bdb18a6a44329

 ///  File Name: TA04-356A.txt
Description:
Technical Cyber Security Alert TA04-356A - The software phpBB contains an input validation problem in how it processes a parameter contained in URLs. An intruder can deface a phpBB website, execute arbitrary commands, or gain administrative privileges on a compromised bulletin board. Systems Affected: phpBB versions 2.0.10 and prior.
Homepage:http://www.us-cert.gov/cas/techalerts/TA04-356A.html
File Size:3607
Last Modified:Dec 31 20:18:28 2004
MD5 Checksum:fac18e58404274a340e48e35f2d2d867

 ///  File Name: 12.13.04.txt
Description:
iDEFENSE Security Advisory 12.13.2004 - Remote exploitation of an integer overflow vulnerability in various vendors' implementations of the read_prf_file method in the xzgv program could allow for arbitrary code execution.
Author:Infamous41md
Homepage:http://www.idefense.com/
File Size:3427
Related CVE(s):CAN-2004-0994
Last Modified:Dec 30 07:38:31 2004
MD5 Checksum:9094914ae014dcd01d35b12600763815

 ///  File Name: glsa-200412-17.txt
Description:
Gentoo Linux Security Advisory GLSA 200412-17 - kfax contains several buffer overflows potentially leading to execution of arbitrary code.
Homepage:http://security.gentoo.org/
File Size:3401
Last Modified:Dec 30 11:19:38 2004
MD5 Checksum:1357c3db8a9338a2b1dd11b088f41a12

 ///  File Name: MDKSA-2004-148.txt
Description:
Mandrakelinux Security Update Advisory - Herbert Xu discovered that iproute can accept spoofed messages sent via the kernel netlink interface by other users on the local machine. This could lead to a local Denial of Service attack.
Homepage:http://www.mandrakesoft.com/security/advisories/
File Size:3381
Last Modified:Dec 30 07:59:44 2004
MD5 Checksum:23c59b4cdc33e5534a6dba437ed924ff

 ///  File Name: glsa-200412-10.txt
Description:
Gentoo Linux Security Advisory GLSA 200412-10 - Several vulnerabilities related to the use of options in modelines have been found and fixed in Vim. They could potentially result in a local user escalating privileges.
Homepage:http://security.gentoo.org/
File Size:3362
Last Modified:Dec 30 09:12:28 2004
MD5 Checksum:c302c065ce3ced1c4c71f15c8aa2ff5e

 ///  File Name: db223122004L.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR2122004L - IBM's DB2 database server contains a procedure, generate_distfile. This procedure suffers from a stack based buffer overflow vulnerability. Systems Affected: DB2 8.1/7.x.
Author:David Litchfield
Homepage:http://www.ngssoftware.com/advisories/db223122004L.txt
File Size:3361
Last Modified:Dec 31 22:54:01 2004
MD5 Checksum:cdd3d73cfa50d9f5fe7a95749dd99e9d

 ///  File Name: 12.16.04-3.txt
Description:
iDEFENSE Security Advisory 12.16.2004-3 - Remote exploitation of a stack overflow vulnerability in MPlayer could allow remote users to gain access to the computer. The vulnerability specifically exists due to a lack of bounds checking in /libmpdemux/asf_mmst_streaming.c. If a specially crafted file specifies a large value for the length field, the overflow is triggered in get_data().
Homepage:http://www.idefense.com/
File Size:3351
Last Modified:Dec 30 10:01:37 2004
MD5 Checksum:7d592e631fccdfd26500f0fd932e90f8

 ///  File Name: 12.21.04-5.txt
Description:
iDEFENSE Security Advisory 12.21.2004-5 - Remote exploitation of an integer overflow in libtiff may allow for the execution of arbitrary code. The overflow occurs in the parsing of TIFF files set with the STRIPOFFSETS flag in libtiff/tif_dirread.c.
Author:infamous41md
Homepage:http://www.idefense.com/
File Size:3348
Last Modified:Dec 31 20:16:44 2004
MD5 Checksum:356281e4e24566b78fde74e0612ea773

 ///  File Name: 12.21.04-2.txt
Description:
iDEFENSE Security Advisory 12.21.2004-2 - Remote exploitation of a buffer overflow in version 0.99.2 of xine could allow execution of arbitrary code. The vulnerability specifically exists in the PNA_TAG handling code of the pnm_get_chunk() function. The function does not check whether the length of an input to be stored in a fixed size buffer is larger than the buffer size.
Homepage:http://www.idefense.com
File Size:3340
Related CVE(s):CAN-2004-1187
Last Modified:Dec 31 20:12:42 2004
MD5 Checksum:ec842ba395331e1d46648b3c5cc979a1

 ///  File Name: 12.16.04-5.txt
Description:
iDEFENSE Security Advisory 12.16.2004-5 - Remote exploitation of a stack-based buffer overflow vulnerability in Veritas Backup Exec allows attackers to execute arbitrary code. The vulnerability specifically exists within the function responsible for receiving and parsing registration requests. The registration request packet contains the hostname and connecting TCP port of the client which is stored in an array on the stack. An attacker can send a registration request with an overly long hostname value to overflow the array and take control of the saved return address to execute arbitrary code.
Author:Patrik Karlsson
Homepage:http://www.idefense.com/
File Size:3337
Related CVE(s):CAN-2004-1172
Last Modified:Dec 30 10:05:22 2004
MD5 Checksum:0bdbea7721db97f2068ded18fe5b51af

 ///  File Name: SantyB.php.txt
Description:
Santy.b phpBB worm that affects versions 2.0.10 and below and installs a bot. Uses AOL/Yahoo search.
File Size:3312
Last Modified:Jan 2 19:53:15 2005
MD5 Checksum:f4c02459ecd6bf099c06b116417f8a3e

 ///  File Name: 12.21.04-3.txt
Description:
iDEFENSE Security Advisory 12.21.2004-3 - Remote exploitation of a buffer overflow vulnerability in the file transfer protocol (FTP) daemon included in multiple versions of Hewlett-Packard Development Co.'s (HP) HP-UX allows attackers to gain remote root access in certain configurations.
Homepage:http://www.idefense.com
File Size:3312
Last Modified:Dec 31 20:13:54 2004
MD5 Checksum:e833fca2b3048c3ea615dc3ed1d4a4f4

 ///  File Name: sa13466.txt
Description:
Secunia Security Advisory - Kostya Kortchinsky has reported two vulnerabilities in Microsoft Windows, allowing malicious people to compromise a vulnerable system via WINS.
Homepage:http://secunia.com/advisories/13466/
File Size:3298
Last Modified:Dec 30 08:49:48 2004
MD5 Checksum:ad4279b6166a8d6dce011c52ce340d3d