Section:  .. / 0406-advisories  /


 ///  File Name: SSRT3456.txt
Description:
A potential security vulnerability has been identified with HP-UX running ftp where the vulnerability could be exploited remotely to allow unauthorized access. Impacted versions: HP-UX B.11.00, B.11.11, B.11.22.
Homepage:http://www.hp.com/
File Size:7352
Last Modified:Jun 14 09:01:58 2004
MD5 Checksum:8a4b86d932e2a37b0f7cabc398cdd68f

 ///  File Name: hpsbux0202-182.txt
Description:
HP advisory against running Netscape on the HP-UX platform.
Homepage:http://www5.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0202-182
File Size:7139
Last Modified:Jun 30 12:25:00 2004
MD5 Checksum:2b41838b3518947dbd0353148012746e

 ///  File Name: spfp.html
Description:
Sygate Personal Firewall Pro version 5.x is susceptible to a denial of service attack by being crashed via unprivileged applications sending specially crafted messages to the ListView control in the GUI.
Author:Tan Chew Keong
Homepage:http://www.security.org.sg/vuln/spfp.html
File Size:6843
Last Modified:Jun 18 08:54:07 2004
MD5 Checksum:6db7060b0f91673eabfcc809e036974f

 ///  File Name: 092004.txt
Description:
A team audit of the CVS codebase has revealed more security-related problems. The vulnerabilities discovered include exploitable, potentially exploitable and simple crash bugs. Vulnerable versions are CVS feature releases up to 1.12.8 and stable releases up to 1.11.16.
Author:Stefan Esser
Homepage:http://security.e-matters.de/advisories/092004.html
File Size:6672
Related CVE(s):CAN-2004-0414, CAN-2004-0416, CAN-2004-0417, CAN-2004-0418
Last Modified:Jun 10 09:28:47 2004
MD5 Checksum:15d5f057bf9e9a5cec1e69c9dad30bbc

 ///  File Name: SSRT4758.txt
Description:
A potential vulnerability has been identified with HP-UX running ObAM 5.0 with the WebAdmin capability enabled. This vulnerability could be exploited remotely to allow unauthorized access. Impacted version: HP-UX B.11.11 running ObAM 5.0.
Homepage:http://www.hp.com/
File Size:6662
Last Modified:Jun 29 14:02:00 2004
MD5 Checksum:9ed87a78b6cbedd00fdf61b116af9b32

 ///  File Name: SSRT3552.txt
Description:
A potential vulnerability has been identified in the HP-UX ARPA Transport which could be exploited by a local user to create a Denial of Service. Impacted versions: HP-UX B.11.00, B.11.04, B.11.11.
Homepage:http://www.hp.com/
File Size:6452
Last Modified:Jun 29 14:17:00 2004
MD5 Checksum:2722dc60aa6e99f8549197d80b437536

 ///  File Name: SSRT4741.txt
Description:
DCE for HP Tru64 UNIX is susceptible to a potential RPC buffer overrun attack that can result in a denial of service. Affected releases: all versions of DCE/DFS for Tru64 UNIX are vulnerable: v4.1.4 (ifspec), v4.1.5, v4.2 and v4.3.
Homepage:http://www.hp.com/
File Size:6226
Last Modified:Jun 25 13:12:00 2004
MD5 Checksum:5105524b134383c9389d9305c83b7d38

 ///  File Name: TA04-174A.txt
Description:
Technical Cyber Security Alert TA04-174A - Two vulnerabilities in the ISC DHCP allow a remote attacker to cause a denial of the DHCP service on a vulnerable system. It may be possible to exploit these vulnerabilities to execute arbitrary code on the system. Systems affected are ISC DHCP versions 3.0.1rc12 and 3.0.1rc13.
Homepage:http://www.us-cert.gov/cas/techalerts/TA04-174A.html
File Size:5627
Last Modified:Jun 23 01:37:13 2004
MD5 Checksum:38468dc7a5f7532d69739b603f55df3f

 ///  File Name: aspellOverflow.txt
Description:
Aspell is susceptible to a stack overflow when it makes use of a wordlist file that has an entry exceeding 256 bytes.
Author:shaun2k2 aka Shaun Colley
Homepage:http://www.nettwerked.co.uk
File Size:5568
Last Modified:Jun 10 08:58:31 2004
MD5 Checksum:9c966404c0f3b3642724ecafe8e07326

 ///  File Name: TA04-163A.txt
Description:
Technical Cyber Security Alert TA04-163A - There is a cross-domain vulnerability in the way Microsoft Internet Explorer determines the security zone of a browser frame that is opened in one domain then redirected by a web server to a different domain.
Homepage:http://www.us-cert.gov/cas/techalerts/TA04-163A.html
File Size:5311
Related CVE(s):CAN-2004-0549
Last Modified:Jun 14 10:06:00 2004
MD5 Checksum:863aa8ed338738125c76110936385e7e

 ///  File Name: iss7bypass.txt
Description:
Users of Internet Scanner 7 from ISS can bypass license restrictions due to a key bypass flaw.
Author:Chris Hurley
Homepage:http://www.assureddecisions.com
File Size:5310
Last Modified:Jun 22 09:47:12 2004
MD5 Checksum:1cb10a7a01960e4a265bf3bac5dd1f8c

 ///  File Name: eEye.ibm.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a security vulnerability in IBM's signed eGatherer ActiveX. Because this application is signed, it might be presented to users on the web for execution in the name of IBM. If users trust IBM, they will run this, and their systems will be compromised. This ActiveX was designed by IBM to be used for an automated support solution for their PCs. This is installed by default on many popular IBM PC models.
Author:http-equiv, Drew Copley
Homepage:http://www.eeye.com/
File Size:5225
Last Modified:Jun 22 09:32:45 2004
MD5 Checksum:c3699a077e6d6827a92ac0240a977421

 ///  File Name: linux24.i2c.txt
Description:
The Linux 2.4.x kernel series comes with an i2c driver that has an integer overflow vulnerability during the allocation of memory.
Author:Shaun Colley aka shaun2k2
Homepage:http://www.nettwerked.co.uk
File Size:5141
Last Modified:Jun 18 02:47:47 2004
MD5 Checksum:3e2981111ef6497518ffeb00b3a98e99

 ///  File Name: dsa-521.txt
Description:
Debian Security Advisory DSA 521-1 - A format string vulnerability has been discovered in sup, a set of programs to synchronize collections of files across a number of machines, whereby a remote attacker could potentially cause arbitrary code to be executed with the privileges of the supfilesrv process.
Author:jaguar
Homepage:http://www.debian.org/security/2004/dsa-521
File Size:4780
Related CVE(s):CAN-2004-0451
Last Modified:Jun 22 09:18:33 2004
MD5 Checksum:932c2bbb794d476913ccd1bb1787fba7

 ///  File Name: dsa-513.txt
Description:
Debian Security Advisory DSA 513-1 - Jaguar discovered a format string vulnerability in log2mail, whereby a user able to log a specially crafted message to a logfile monitored by log2mail (for example, via syslog) could cause arbitrary code to be executed with the privileges of the log2mail process. Versions below 0.2.5.2 are affected.
Author:Matt Zimmerman
Homepage:http://www.debian.org/security/
File Size:4767
Related CVE(s):CAN-2004-0450
Last Modified:Jun 9 06:48:48 2004
MD5 Checksum:fd5e806abf0c91e09db3b7b823489f87

 ///  File Name: dsa-522.txt
Description:
Debian Security Advisory DSA 522-1 - A format string vulnerability in super has been discovered that allows specified users to execute commands with root privileges. This vulnerability could potentially be exploited by a local user to execute arbitrary code with root privileges.
Author:Matt Zimmerman, Max Vozeler
Homepage:http://www.debian.org/security/
File Size:4664
Related CVE(s):CAN-2004-0579
Last Modified:Jun 22 10:07:06 2004
MD5 Checksum:31ed2b5523f6c725de48978b62dfb03f

 ///  File Name: APPLE-SA-2004-06-07.txt
Description:
APPLE-SA-2004-06-07 Security Update 2004-06-07 - This update delivers a number of security enhancements and is recommended for all Macintosh users. Components affected are LaunchServices, DiskImageMounter, Safari, and Terminal.
Homepage:http://www.apple.com/support/security/security_updates.html
File Size:4462
Related CVE(s):CAN-2004-0538, CAN-2004-0539
Last Modified:Jun 9 07:58:22 2004
MD5 Checksum:e3eeb77e793fa486482555a4ada5d3e9

 ///  File Name: 06.23.04.txt
Description:
iDEFENSE Security Advisory 06.23.04: Remote exploitation of a parameter filtering vulnerability in IBM Corp.'s Lotus Notes application allows remote attackers to execute arbitrary code.
Homepage:http://www.idefense.com/
File Size:4443
Last Modified:Jun 25 12:29:00 2004
MD5 Checksum:a9fa891c5283563f433af1bf1b033ebf

 ///  File Name: eEye.acpRunner.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a security vulnerability in IBM's signed acpRunner ActiveX. Because this application is signed, it might be presented to users on the web for execution in the name of IBM. If users trust IBM, they will run this, and their systems will be compromised. This ActiveX was designed by IBM to be used for an automated support solution for their PCs. An unknown number of systems already have this ActiveX installed. Version affected is 1.2.5.0.
Author:http-equiv, Drew Copley
Homepage:http://www.eeye.com/
File Size:4424
Last Modified:Jun 18 02:44:00 2004
MD5 Checksum:4c22845f70366becd0e2e3101582bfc9

 ///  File Name: 102004.txt
Description:
A vulnerability within Chora version 1.2.1 and below allows remote shell command injection.
Author:Stefan Esser
Homepage:http://security.e-matters.de/advisories/102004.html
File Size:4384
Last Modified:Jun 18 02:07:56 2004
MD5 Checksum:3aab4d75b9247695736206b05711ca82

 ///  File Name: domainWhoops.txt
Description:
A big gaping hole has been found where users who have expired passwords can unexpectedly log on to a Microsoft Windows 2000 domain if their fully qualified domain name (FQDN) is exactly eight characters long. Platforms affected: Microsoft Windows 2000 Advanced Server, Microsoft Windows 2000 Professional, Microsoft Windows 2000 Server.
Author:albatross
File Size:4262
Last Modified:Jun 2 09:32:51 2004
MD5 Checksum:9d9e4d57f82da663506455b7b91657c4

 ///  File Name: linux.5820.txt
Description:
There exists an integer overflow in the Broadcom 5820 Cryptonet driver. A user supplied value is used to size a dynamic buffer, and this buffer is subsequently filled with user supplied data. This allows for a local denial of service attack with possible code execution.
Author:sean
File Size:4043
Last Modified:Jun 25 12:03:00 2004
MD5 Checksum:6cbe3f856adde2daa4badebe27af44af

 ///  File Name: IntegrigySQL.txt
Description:
Integrigy Security Alert - Multiple SQL injection vulnerabilities exist in the Oracle E-Business Suite 11i and Oracle Applications 11.0. These vulnerabilities can be remotely exploited simply using a browser and sending a specially crafted URL to the web server. A mandatory patch from Oracle is required to solve these security issues.
Author:Stephen Kost
Homepage:http://www.integrigy.com/
File Size:3981
Last Modified:Jun 8 01:58:57 2004
MD5 Checksum:91e31dfcc3aa6cf9516e65c4691bbbd7

 ///  File Name: FreeBSD-SA-04-12.jailroute.asc
Description:
FreeBSD Security Advisory FreeBSD-SA-04:12.jailroute - A programming error has allowed local users the ability to manipulate host routing tables if superuser privileges are achieved within a jailed process.
Author:Pawel Malachowski
Homepage:http://www.freebsd.org/security/
File Size:3919
Related CVE(s):CAN-2004-0125
Last Modified:Jun 9 07:24:50 2004
MD5 Checksum:39b2d5fd29a996169508ac2e40b924f0

 ///  File Name: advisory-07.txt
Description:
PowerPortal version 1.x suffers from full path disclosure, cross-site scripting, and arbitrary directory browsing flaws.
Author:DarkBicho
Homepage:http://www.darkbicho.tk
File Size:3796
Last Modified:Jun 28 02:31:00 2004
MD5 Checksum:ae390ffaf8d537a7f21d85cc8c896a5e