Section:  .. / 0410-advisories  /

Page 5 of 11
<< 1 2 3 4 5 6 7 8 9 10 11 >> Files 100 - 125 of 254
Currently sorted by: File SizeSort By: File Name, Last Modified

 ///  File Name: HEXVIEW_2004_10_12_1.txt
Description:
Insufficient data validation for incoming calendar data makes possible to cause buffer overflow condition leading to stack corruption. As a result, it is possible to reboot the device (all stored messages will be lost since RAM storage will be reinitialized). It is also possible to execute code embedded by the attacker. It should be mentioned that Blackberry developers tools are freely available.
Author:Hexview
Homepage:http://www.hexview.com
File Size:2802
Last Modified:Oct 24 23:35:55 2004
MD5 Checksum:0ab1d272979d28e35ab52f6a0eb5fac6

 ///  File Name: 3com3crwe754g72-a.txt
Description:
The 3COM 3crwe754g72-a products suffers from information disclosure, clear text information text storage, and bad authentication design.
Author:Cyrille Barthelemy
File Size:2752
Last Modified:Oct 26 05:15:40 2004
MD5 Checksum:965807fae934ba693c72a223294ab2a7

 ///  File Name: eEye.realplayerZIP.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a vulnerability in RealPlayer that allows a remote attacker to reliably overwrite the stack with arbitrary data and execute arbitrary code in the context of the user under which the player is running.
Author:Yuji Ukai
Homepage:http://www.eeye.com/
File Size:2749
Last Modified:Oct 28 16:48:12 2004
MD5 Checksum:7e9a80453c6a97a5b320f84fd618fc7f

 ///  File Name: eEye.realplayer.txt
Description:
eEye Security Advisory - eEye Digital Security has discovered a critical vulnerability in RealPlayer. The vulnerability allows a remote attacker to reliably overwrite heap memory with arbitrary data and execute arbitrary code in the context of the user who executed the player.
Author:Karl Lynn
Homepage:http://www.eeye.com/
File Size:2718
Last Modified:Oct 13 04:52:48 2004
MD5 Checksum:071fd4d275ab487e4588e42fdde219ee

 ///  File Name: htmlrender.txt
Description:
Addendum to previous post regarding browser inabilities to render HTML securely. It appears that problems thought not to also include MSIE do affect that product as well.
Author:Michal Zalewski
Homepage:http://lcamtuf.coredump.cx/
File Size:2680
Last Modified:Oct 27 05:34:17 2004
MD5 Checksum:6efa666bf95d1f9996a5d197c3e7d894

 ///  File Name: glsa-200410-05.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-05 - Cyrus-SASL contains two vulnerabilities that might allow an attacker to completely compromise the vulnerable system.
Homepage:http://security.gentoo.org/
File Size:2677
Related CVE(s):CAN-2004-0884
Last Modified:Oct 13 08:01:03 2004
MD5 Checksum:acf0142f3ed0d9b045ef069c5cc93104

 ///  File Name: aolwebmail_advisory.txt
Description:
AOL Webmail suffers from cross site scripting flaws.
Author:Steven
Homepage:http://www.lovebug.org/
File Size:2667
Last Modified:Oct 27 04:17:48 2004
MD5 Checksum:9f0bdcc9129d7889bdfad4e7dbb5d11b

 ///  File Name: glsa-200410-27.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-27 - Buffer overflow vulnerabilities have been found in mpg123 which could lead to execution of arbitrary code. The flaws in the getauthfromURL() and http_open() functions have been reported by Carlos Barros. Additionally, the Gentoo Linux Sound Team fixed additional boundary checks which were found to be lacking.
Homepage:http://security.gentoo.org/
File Size:2656
Last Modified:Oct 28 16:32:36 2004
MD5 Checksum:3aed7692680f5193ddc47e2dea420ee8

 ///  File Name: netscapewebmail_advisory.txt
Description:
Netscape.net Webmail is susceptible to a cross site scripting attack.
Author:Steven
Homepage:http://www.lovebug.org/
File Size:2644
Last Modified:Oct 27 04:18:51 2004
MD5 Checksum:80b7f34b2c05e4eb63aae8f232b64c25

 ///  File Name: glsa-200410-01.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-01 - sharutils contains two buffer overflow vulnerabilities that could lead to arbitrary code execution.
Homepage:http://security.gentoo.org/
File Size:2607
Last Modified:Oct 13 04:50:05 2004
MD5 Checksum:13eb93f46a4fa12d3cc8ada0a6de5585

 ///  File Name: oldMonolith.txt
Description:
Some old games developed by Monolith, such as Alien versus Predator 2 versions 1.0.9.6 and below, Blood 2 versions 2.1 and below, No one lives forever 1.004 and below, etc, all suffer from a classical buffer-overflow which happens when an attacker sends a secure Gamespy query followed by at least 68 chars.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:lithsec.zip"
File Size:2605
Last Modified:Oct 13 09:00:54 2004
MD5 Checksum:5b420b5726ce75a01fb81218e7d38570

 ///  File Name: 2004-10-03.txt
Description:
A security weakness exists in renattach 1.2.0 and 1.2.1, although there does not appear to be a practical way to exploit the code for remote access, arbitrary execution, or other immediate damage. The weakness only applies to the --pipe facility. The problem has been fixed in beta version 1.2.1e (soon to become 1.2.2 release).
Author:Jem Berkes
Homepage:http://www.sysdesign.ca
File Size:2572
Last Modified:Oct 13 10:02:53 2004
MD5 Checksum:bb81671e8560cec43641518ff7db9314

 ///  File Name: StoreCart.txt
Description:
A vulnerability in the Yahoo! Store shopping cart allowed a remote user the ability to effectively alter the price of merchandise being placed into their shopping cart.
Author:Ben Efros
File Size:2571
Last Modified:Oct 1 18:04:40 2004
MD5 Checksum:88c3879070e3063c41feb3a723ca38f2

 ///  File Name: JavaPhone.txt
Description:
Two very serious security vulnerabilities in Java technology for mobile devices (Java 2 Micro Edition) affects about 250 million mobile phones coming from Nokia, Siemens, Panasonic, Samsung, Motorola and others. Sun has refused to release an alert regarding these issues. Information about these flaws has been published at Hack In the Box Security Conference earlier this month in Kuala Lumpur, Malaysia.
Author:Adam Gowdiak
Homepage:http://www.man.poznan.pl
Related File:hitb04-adam-gowdiak.pdf
File Size:2542
Last Modified:Oct 27 05:24:06 2004
MD5 Checksum:1578a24e5a23db54eead328b0631221f

 ///  File Name: aoljournals_advisory.txt
Description:
An information disclosure flaw in AOL Journals allows any remote attacker to increment BlogIDs in order to reveal other user email addresses.
Author:Steven
File Size:2541
Last Modified:Oct 27 05:37:51 2004
MD5 Checksum:6e073986f6cffe97de9d366059c8082e

 ///  File Name: glsa-200410-06.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-06 - CUPS leaks information about user names and passwords when using remote printing to SMB-shared printers which require authentication.
Homepage:http://security.gentoo.org/
File Size:2532
Related CVE(s):CAN-2004-0923
Last Modified:Oct 13 09:15:20 2004
MD5 Checksum:edc45efe5f9cedf96b84d882ed243002

 ///  File Name: sa12793.txt
Description:
Secunia Security Advisory - A weakness has been reported in Windows XP, which can be exploited to bypass certain rules in the Internet Connection Firewall (ICF). The problem is caused due to the firewall by default accepting incoming connections to ports listened on by the "sessmgr.exe" process.
Homepage:http://secunia.com/advisories/12793/
File Size:2525
Last Modified:Oct 26 05:51:03 2004
MD5 Checksum:9f689300b46c200ccc976fc4b44c5ead

 ///  File Name: rsshFormat.txt
Description:
rssh versions below 2.2.2 suffer from a format string vulnerability that may allow for privilege escalation.
Author:Derek Martin
Homepage:http://www.pizzashack.org/
File Size:2475
Last Modified:Oct 27 05:42:07 2004
MD5 Checksum:66030e868f44a2848e1ae83843f52b6d

 ///  File Name: kitchenaid.txt
Description:
This one is serious.. smoothie makers beware. There's a race condition in KitchenAid blenders that can trigger a denial of service. The device will require a physical shutdown in order to work again. Full details of exploitation provided.
Author:Frank Denis
File Size:2474
Last Modified:Oct 13 09:39:04 2004
MD5 Checksum:b2ab637956d355d4e3444f0576c36615

 ///  File Name: megabbs.txt
Description:
MegaBBS is susceptible to HTTP Response splitting and SQL injection vulnerabilities.
Author:pigrelax
File Size:2462
Last Modified:Oct 1 16:15:31 2004
MD5 Checksum:fb3c66e4ed3e18435625a1130924f5cd

 ///  File Name: sambaCAN20040815.txt
Description:
Correction to an earlier Samba advisory stating that versions 3.0.0 through 3.0.5 were susceptible to a remote file access bug when only versions 3.0.x through 3.0.2a were susceptible.
File Size:2452
Last Modified:Oct 13 06:00:50 2004
MD5 Checksum:8e460aaeb70d83a3627e6e5503b3fee4

 ///  File Name: pscriptForum.txt
Description:
Powie's PSCRIPT Forum is susceptible to multiple SQL injection vulnerabilities.
Author:Christoph Jeschke
File Size:2447
Last Modified:Oct 26 04:49:50 2004
MD5 Checksum:1440ba6ea0c4b79e08fb07a0f48c63d1

 ///  File Name: sa12825.txt
Description:
Secunia Security Advisory - Multiple vulnerabilities have been reported in MediaWiki, which can be exploited by malicious people to conduct script insertion, cross-site scripting, and SQL injection attacks.
Homepage:http://secunia.com/advisories/12825/
File Size:2446
Last Modified:Oct 26 03:29:16 2004
MD5 Checksum:7850a3fb2635a695e622b2592ba82f7a

 ///  File Name: glsa-200410-13.txt
Description:
Gentoo Linux Security Advisory GLSA 200410-13 - BNC contains an input validation flaw which might allow a remote attacker to issue arbitrary IRC related commands.
Homepage:http://security.gentoo.org/
File Size:2432
Last Modified:Oct 26 04:16:19 2004
MD5 Checksum:9a4be30a8c4de96951a0236e6de59143

 ///  File Name: 1333htpasswd.txt
Description:
It appears that the new Apache release 1.3.33 still is susceptible to a local buffer overflow discovered in htpasswd under release 1.3.31.
Author:Larry Cashdollar
Homepage:http://vapid.ath.cx
File Size:2411
Last Modified:Oct 30 00:19:33 2004
MD5 Checksum:0dffea6c50d00010978b25dafae6accc