Section:  .. / 0406-advisories  /

Page 4 of 6
<< 1 2 3 4 5 6 >> Files 75 - 100 of 129
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: GM006-MC.txt
Description:
GreyMagic Security Advisory GM#006-MC - GreyMagic discovered that by sending a maliciously formed email to a Yahoo user it is possible to circumvent the filter and execute script in the context of a logged-in Yahoo! user due to a cross site scripting flaw.
Homepage:http://www.greymagic.com/security/advisories/gm006-mc/
File Size:2527
Last Modified:Jun 3 19:19:03 2004
MD5 Checksum:aff7ba82f97cc8e4a914623dc9a8a271

 ///  File Name: lotus.inject.txt
Description:
During the client-side Windows installation of Lotus Notes, a notes: URL handler is registered in the registry. An argument injection attack allows an intruder to pass command line arguments to notes.exe, which can lead to execution of arbitrary code.
Author:Jouko Pynnonen
Homepage:http://iki.fi/jouko/
File Size:2526
Last Modified:Jun 27 23:14:00 2004
MD5 Checksum:2fd0f23c99e3a334d8b5d70d022b19b8

 ///  File Name: KM-2004-01.txt
Description:
Blosxom, a weblog tool, is susceptible to cross site scripting attacks.
Author:Kyle Maxwell
File Size:2509
Last Modified:Jun 9 08:01:07 2004
MD5 Checksum:ba0c8daca8bb3a886f90222afcc84f92

 ///  File Name: advisory-08.txt
Description:
csFAQ is susceptible to a path disclosure vulnerability.
Author:DarkBicho
Homepage:http://www.darkbicho.tk
File Size:2487
Last Modified:Jun 28 02:36:00 2004
MD5 Checksum:e819136f86ae261f1e4f5d3529d02ec7

 ///  File Name: osticket.txt
Description:
A flaw in osTicket will allow a malicious attacker the ability to view files that are supposed to be protected.
Author:Guy Pearce
File Size:2471
Last Modified:Jun 23 01:16:53 2004
MD5 Checksum:d815c3f9325b66f8f1de32be46fa35b5

 ///  File Name: cellphoneVirii.txt
Description:
Bit of information regarding the first cellular phone virus called Cabir being discovered.
Author:lowdownhaxor
File Size:2440
Last Modified:Jun 18 02:40:23 2004
MD5 Checksum:a80bf45246702e59461cf3d40b6c21ef

 ///  File Name: GLSA200406-22.txt
Description:
Gentoo Linux Security Advisory GLSA 200406-22 - Pavuk contains a bug potentially allowing an attacker to run arbitrary code.
Homepage:http://www.gentoo.org/
File Size:2440
Last Modified:Jun 30 12:12:00 2004
MD5 Checksum:a6478252cfee03abd1c105f70ba63da8

 ///  File Name: isakmpdAgain.txt
Description:
Unauthorized deletion of IPsec SAs is still possible using a delete payload piggybacked on an initiation of main mode with the latest version of isakmpd.
Author:Thomas Walpuski
File Size:2386
Last Modified:Jun 10 08:50:37 2004
MD5 Checksum:4d35d10802dfc221a5d6be5493aaa368

 ///  File Name: GM007-OP.txt
Description:
GreyMagic Security Advisory GM#007-OP - It is possible to use a shortcut icon in Opera to fool users into believing that they are in a domain they trust. Tested versions which are affected: Opera 7.23 and 7.50.
Homepage:http://security.greymagic.com/security/advisories/gm007-op/
File Size:2385
Last Modified:Jun 3 19:20:56 2004
MD5 Checksum:eae62b844a0fb6f3ca84f8958e9c9757

 ///  File Name: realra.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR11062004 - By crafting a malformed .RA, .RM, .RV or .RMJ file it possible to cause heap corruption that can lead to execution of arbitrary code. By forcing a browser or enticing a user to a website containing such a file, arbitrary attacker supplied code could be executed on the target machine. This code will run in the security context of the logged on user. Another attacker vector is via an e-mail attachment. NGSResearchers have created reliable exploits to take advantage of these issues. Versions affected are: RealOne Player (English), RealOne Player v2 (all languages), RealPlayer 10 (English, German and Japanese), RealPlayer 8 (all languages), RealPlayer Enterprise (all versions, standalone and as-configured by the RealPlayer Enterprise Manager).
Author:John Heasman
Homepage:http://www.nextgenss.com/advisories/realra.tx
File Size:2216
Last Modified:Jun 14 09:51:09 2004
MD5 Checksum:9b39749f4276503fbe10da621c33ba0b

 ///  File Name: billionFW.txt
Description:
A vulnerability in the Billion BIPAC-640 AE Broadband Firewall Gateway can be exploited by malicious people to bypass user authentication on the administrative web interface.
Author:Tommy A. Olsen
File Size:2189
Last Modified:Jun 14 10:15:18 2004
MD5 Checksum:706bf78e6fbf6d6a1b310ca5f9d3e0a5

 ///  File Name: aspXSS.txt
Description:
AspDotNetStorefront 3.3 is susceptible to cross site scripting attacks.
Author:Tom
File Size:2185
Last Modified:Jun 10 09:31:29 2004
MD5 Checksum:e9d4f52aa7ecf0cf6b4fa20dc5b41e17

 ///  File Name: sqwebmailXSS.txt
Description:
Sqwebmail 4.0.4.20040524 is susceptible to a cross site scripting vulnerability.
Author:Luca Legato
File Size:2078
Last Modified:Jun 23 00:56:04 2004
MD5 Checksum:bed2413cb1cadb0226c9ca0b40f9fedf

 ///  File Name: sa11950.txt
Description:
A vulnerability in JUNOS can be exploited by transmitting specially-crafted IPv6 packets.
Homepage:http://secunia.com/product/3418/
File Size:2059
Related CVE(s):CAN-2004-0468
Last Modified:Jun 29 13:59:00 2004
MD5 Checksum:fd4b86d888b70777512552f554032c2f

 ///  File Name: colinmcraerally04.txt
Description:
Colin McRae Rally 04 has a flaw where a client can passively block an entire gaming network by setting a value too high.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org/
Related Exploit:cmr4cdos.zip"
File Size:2007
Last Modified:Jun 8 02:13:38 2004
MD5 Checksum:42cf656302a67cc739161b7f24fbd07d

 ///  File Name: sa11944.txt
Description:
Secunia Security Advisory - Valerie Holfield has discovered a vulnerability in phpmyfamily, which can be exploited by malicious people to gain edit privileges. It is possible to be automatically logged in as user nobody when clicking to download a document and then leaving the page. This grants the person ability to add people, change information, upload and delete documents and images.
Homepage:http://secunia.com/product/3619/
File Size:1999
Last Modified:Jun 29 12:37:00 2004
MD5 Checksum:7a48b2c53f4f7d2095df499a86c435b1

 ///  File Name: CAN-2004-0413-advisory.txt
Description:
Subversion versions up to and including 1.0.4 have a potential Denial of Service and Heap Overflow issue related to the parsing of strings in the 'svn://' family of access protocols. This affects only sites running svnserve.
File Size:1962
Related CVE(s):CAN-2004-0413
Last Modified:Jun 14 10:02:05 2004
MD5 Checksum:6c57e45271df0257835bf6f75027de6f

 ///  File Name: zone-h-drcat.txt
Description:
Zone-h Security Advisory - Drcatd is susceptible to multiple local and remote buffer overflows.
Author:Khan Shirani
Homepage:http://www.zone-h.org
File Size:1891
Last Modified:Jun 25 13:33:00 2004
MD5 Checksum:8fb7ead33f30e6c160a15a3dfbe98254

 ///  File Name: sa11824.txt
Description:
A vulnerability has been discovered in ignitionServer versions 0.1.2 through 0.3.1, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to missing password verification when linking servers.
Author:Keith Gable
Homepage:http://www.ignition-project.com/ignition/server/download/
File Size:1872
Last Modified:Jun 14 10:59:28 2004
MD5 Checksum:3ed7bf846be98922567d8958ae3a1273

 ///  File Name: trendOfficeScan55.txt
Description:
Trend OfficeScan version 5.5 has a flaw that allows a malicious user to escalate a program's privileges to that of the virus scanner.
Author:Donald Reid
File Size:1819
Last Modified:Jun 10 09:12:45 2004
MD5 Checksum:bc8d3150c3d1faa2fe9aec6822a56db4

 ///  File Name: sa11928.txt
Description:
Secunia Security Advisory - VeNoMouS has reported a vulnerability in php-exec-dir, which can be exploited by malicious users to bypass certain security restrictions.
Homepage:http://secunia.com/product/3612/
File Size:1817
Last Modified:Jun 25 13:38:00 2004
MD5 Checksum:6ad1a23b9f59682c89fb027ed2bfbaba

 ///  File Name: sa11807.txt
Description:
A vulnerability has been discovered in MoinMoin that can be exploited by malicious users to gain escalated privileges. The problem is that a user can gain the same privileges as an administrative group by creating a user with the same name. The vulnerability has been reported in versions 1.1, 1.2, and 1.2.1.
Author:Michael Castleman
File Size:1796
Last Modified:Jun 14 10:55:57 2004
MD5 Checksum:977b231f1ac6323f67c2ab8e56305c8c

 ///  File Name: sa11794.txt
Description:
Two vulnerabilities have been discovered in Webmin, which can be exploited by malicious people to cause a DoS (Denial of Service) or bypass certain security restrictions. Versions below 1.150 are susceptible.
File Size:1795
Last Modified:Jun 8 01:43:51 2004
MD5 Checksum:ecfc1c9d20ce91436c0f320fd91ca67f

 ///  File Name: ie6xss.txt
Description:
Information regarding proper exploitation of a cross site scripting flaw affecting Internet Explorer 6 SP1 running on Windows XP.
Author:liu die yu
File Size:1758
Last Modified:Jun 23 00:54:31 2004
MD5 Checksum:86a570a697441562d1433091fc6e6107

 ///  File Name: zone-h-gnats.txt
Description:
A format string bug has been discovered in the Gnats package version 4.0 which could possibly be exploited to execute arbitrary commands.
Author:Khan Shirani
Homepage:http://www.zone-h.org/
File Size:1730
Last Modified:Jun 25 14:39:00 2004
MD5 Checksum:ed3a0943d7ef171187f6ce526e6e72e6