Section:  .. / 0405-advisories  /


 ///  File Name: iephish.txt
Description:
Internet Explorer version 6.0.2800 (and possibly others) suffers from a certificate theft bug that can be used against victims for phishing scams.
Author: Emmanouel Kellinis
Homepage: http://www.cipher.org.uk
File Size: 2962
Last Modified: May 4 04:36:52 2004
MD5 Checksum: d54552efc93210c23a9b6940f487cfb7

 ///  File Name: 57560.txt
Description:
Sun has released an advisory regarding Java Secure Socket Extension. Versions 1.0.3, 1.0.3_01, and 1.0.3_02 of JSSE allow malicious web sites to impersonate trusted web sites.
Homepage: http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert/57560
File Size: 2879
Last Modified: May 19 23:16:17 2004
MD5 Checksum: 444343f673aa630825f8c790d085b52c

 ///  File Name: msaspCookie.txt
Description:
The Microsoft Active Server Pages (ASP) engine does not properly handle special cookie values when they are retrieved. Because of this, an unhandled error is returned to the client. This behavior can be used maliciously to gather sensitive information from web applications. All Microsoft Internet Information Server (IIS) web applications using Active Server Pages (ASP) are affected.
Author: Cesar Cerrudo
File Size: 2837
Last Modified: May 7 23:19:51 2004
MD5 Checksum: 75c0cc47922f883dd028dd0ea48ef8d9

 ///  File Name: sa11590.txt
Description:
Unavailable.
File Size: 2785
Last Modified: May 12 07:43:07 2004
MD5 Checksum: 6efe94c50541f6f691e1db88c8908a4d

 ///  File Name: MACOSX.SSHURI.txt
Description:
Mac OS X versions 10.3.3 and greater along with various browsers suffer from yet another URI silent code execution flaw using the SSH handler.
Author: kang
Homepage: http://www.insecure.ws/article.php?story=200405222251133
Related File: 021829.html
File Size: 2771
Last Modified: May 26 00:34:05 2004
MD5 Checksum: 43c14820da5ad7432988ed2bc8ec7c7d

 ///  File Name: cpanelApache.txt
Description:
The options used by cPanel software to compile Apache 1.3.29 and PHP using the mod_phpsuexec option are flawed and allow any local user to execute arbitrary code as any other user owning a web-accessible PHP file.
Author: Rob Brown
Homepage: http://A-Squad.Com
File Size: 2680
Last Modified: May 26 00:30:29 2004
MD5 Checksum: 7b88b68b4fa4d957d1bd9e593e8fb0ce

 ///  File Name: wildtangent.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR27052004 - It is possible to cause a number of buffer overruns within the WildTangent WTHoster and Web Driver modules via any method that takes a filename as a parameter. Version 4.0 tested and others are possibly affected.
Author: Peter Winter-Smith
Homepage: http://www.ngssoftware.com/advisories/wildtangent.txt
File Size: 2453
Last Modified: May 28 03:38:16 2004
MD5 Checksum: f074d3174ebc046ce09221657b72178a

 ///  File Name: sa11724.txt
Description:
Apple has issued an updated version of Mac OS X, which fixes many unspecified vulnerabilities. An unspecified error reportedly exists within the NFS logging functionality when tracing system calls. Another unspecified error reportedly exists within LoginWindow when handling directory services lookups and console log files. Further unspecified errors exist within Packaging during package installation, within the TCP/IP stack implementation when handling out-of-sequence TCP packets, within AppleFileServer when using SSH and reporting errors, and within Terminal when handling URLs.
Author: David Brown, Aaron, Ren Puls
File Size: 2436
Last Modified: May 30 22:07:45 2004
MD5 Checksum: 7a043a061f9b9080e31cb3e101ae7ebe

 ///  File Name: iemem.txt
Description:
Internet Explorer version 6.0.2800 and MSN Messenger suffer from a memory access violation bug that can result in a denial of service.
Author: Emmanouel Kellinis
Homepage: http://www.cipher.org.uk
File Size: 2398
Last Modified: May 9 20:12:31 2004
MD5 Checksum: 95e7bdf3821559d44bdf1117775399ec

 ///  File Name: sunjavaapp.txt
Description:
Sun-Java-App-Server PE version 8.0 suffers from a path disclosure vulnerability when returning server error 500 pages.
Author: Marc Schoenefeld
File Size: 2386
Last Modified: May 28 03:31:49 2004
MD5 Checksum: a1340be73e5fa96fb10be66e55cb2789

 ///  File Name: outlooksilent.txt
Description:
Microsoft Outlook 2003 allows for a security zone bypass when an embedded OLE object with a reference to a Windows media file in a Rich Text Format (RTF) message is received.
Author: http-equiv
File Size: 2373
Last Modified: May 19 01:53:33 2004
MD5 Checksum: 418f4bf45bb6bfd608761d865ff267d5

 ///  File Name: msIPSec.txt
Description:
Write-up noting how Microsoft's Windows IPSec implementation fails to properly authenticate an IPSec gateway and, as a result, will accept client certificates as gateway certificates.
Author: Steffen Pfendtner
File Size: 2367
Last Modified: May 9 20:30:58 2004
MD5 Checksum: 491aea36a63f1eac59a430e9cdce7f0b

 ///  File Name: phpshop_29-04-04.txt
Description:
phpShop versions 0.7.1 and below have a flaw where it is possible for an attacker to execute arbitrary code as the server.
Author: Calum Power
File Size: 2330
Last Modified: May 11 06:40:58 2004
MD5 Checksum: 8133d93ec81c68a6dcb324f7ed7013a6

 ///  File Name: netgearURI.txt
Description:
Netgear RP114 devices, and possibly other related Netgear hardware, have a URI filtering bypass vulnerability when the URI being evaluated is longer than 220 bytes.
Author: Marc Ruef
Homepage: http://www.computec.ch/mruef/advisories/
File Size: 2249
Last Modified: May 25 23:46:10 2004
MD5 Checksum: ce323745796bf51d574d7ce28c0c46e4

 ///  File Name: Mollensoft36.txt
Description:
Mollensoft Hyperion FTP Server version 3.6 is vulnerable to a buffer overflow attack via the CD command.
Author: Chintan Trivedi
Homepage: http://www.eos-india.net
File Size: 2229
Last Modified: May 30 21:49:37 2004
MD5 Checksum: ed4a30926065c28a2f1212c3b73cff46

 ///  File Name: smfsize.txt
Description:
SMF version 1.0 Beta 5 public is susceptible to a script injection vulnerability. This company used to produce YaBB SE.
Author: Cheng Peng Su
File Size: 2204
Last Modified: May 7 23:08:54 2004
MD5 Checksum: 5c7ea5f73c2bb240c36c5545e9223a66

 ///  File Name: sa11534.txt
Description:
Georgi Guninski has discovered a vulnerability in mod_ssl versions below 2.8.17, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires that the FakeBasicAuth option is enabled and that the malicious client certificate is issued from a trusted CA (Certificate Authority).
Author: Georgi Guninski
Homepage: http://www.guninski.com
File Size: 2176
Last Modified: May 29 19:59:36 2004
MD5 Checksum: 09b467d0d9a367dc251aaae6316a88c5

 ///  File Name: efFingerD.txt
Description:
A buffer overflow has been identified in efFingerD version 0.2.12.
Author: Dr Insane
Homepage: http://members.lycos.co.uk/r34ct/
File Size: 2143
Last Modified: May 9 21:18:12 2004
MD5 Checksum: ae9c4ad933b2c7d88a1ce442f5d61cae

 ///  File Name: snmpdadv.txt
Description:
ucd-snmp versions 4.2.6 and below suffer from a buffer overflow on the command line when the daemon is spawned.
Author: priestmaster
Homepage: http://www.priestmaster.org
File Size: 2096
Last Modified: May 21 20:44:25 2004
MD5 Checksum: be122a288bab3da10ef20d0d72f77d32

 ///  File Name: sa11525.txt
Description:
Alexander Antipov has reported some vulnerabilities in Web Wiz Forum, allowing malicious people to conduct SQL injection attacks and perform certain administrative functions.
Author: Alexander Antipov
Homepage: http://secunia.com/advisories/11525/
File Size: 2050
Last Modified: May 4 06:15:05 2004
MD5 Checksum: f7a1fdd1a23ef0ca570ca46ec64a3de5

 ///  File Name: sa11632.txt
Description:
Secure Computing has reported multiple denial of service vulnerabilities in their Sidewinder G2 firewall.
Related File: SW61002Rel_Notes_0512.pdf
File Size: 2023
Last Modified: May 19 01:48:35 2004
MD5 Checksum: d2cf35493bd23c4bd77ecbdb4a11dc84

 ///  File Name: sa11532.txt
Description:
Secunia Advisory SA11532 - Secunia has discovered a vulnerability in the Opera browser, which can be exploited by malicious people to fake (spoof) information displayed in the address bar. The vulnerability has been confirmed in version 7.23 for Windows and Linux. Prior versions may also be affected.
Author: Jakob Balle
Homepage: http://secunia.com/secunia_research/2004-2/advisory/
File Size: 2008
Last Modified: May 13 21:52:29 2004
MD5 Checksum: e1d02241499399bc0dffa07448f5451a

 ///  File Name: fuse40.txt
Description:
Fuse Talk version 4.0 has various flaws that would enable a remote attacker to ban users and possibly trick an administrator into adding accounts for them. It is also susceptible to various cross-site scripting issues.
Author: Stuart Jamieson
File Size: 2006
Last Modified: May 7 23:07:23 2004
MD5 Checksum: 936ee940234bce6ec5bfcf6db8c93176

 ///  File Name: netchat73.txt
Description:
NetChat, an application intended to allow users on the same subnet to chat with one another, is susceptible to a stack-based buffer overflow. Versions 7.3 and below are affected. The overflow allows for arbitrary code execution under the user running the application.
Author: Marius Huse Jacobsen
File Size: 1992
Last Modified: May 18 05:53:43 2004
MD5 Checksum: 43ac9c127208900025e4d35d23a4c6d8

 ///  File Name: minishare132.txt
Description:
MiniShare HTTP server version 1.3.2 is susceptible to a denial of service attack due to mismanagement of requests. If a HEAD or GET request is sent with only one line following it, the server will crash.
Author: Donato Ferrante
Homepage: http://www.autistici.org/fdonato
File Size: 1979
Last Modified: May 28 03:17:23 2004
MD5 Checksum: b9408a34ff51863488b63616ccf25e42