Section:  .. / 0403-advisories  /


 ///  File Name: dameware4100.txt
Description:
Dameware Mini Remote Control version 4.1.0.0 passes its Blowfish encryption key on the wire in the clear. It also uses a poor random bit generator to create the key.
Author:ax09001h
File Size:1378
Last Modified:Mar 24 05:22:00 2004
MD5 Checksum:bb8347a1595e5a0e7b01a6872944a841

 ///  File Name: 032004.txt
Description:
Ethereal versions 0.8.14 through 0.10.2 were found to be vulnerable to thirteen remote stack overflows during a code audit. The vulnerable dissectors are BGP, EIGRP, IGAP, IRDA, ISUP, NetFlow, PGM, TCAP and UCP. Ten of the overflows allow for arbitrary code execution.
Author:Stefan Esser
Homepage:http://security.e-matters.de/
File Size:11315
Related CVE(s):CAN-2004-0176
Last Modified:Mar 24 05:07:00 2004
MD5 Checksum:68b1a8f4d3a89c77a5ba179a4b799202

 ///  File Name: therage101.txt
Description:
The Rage game versions 1.01 and below are vulnerable to a remote denial of service. The packet used by the client to join the match hosted on the server contains a sockaddr_in structure inside the data that is composed of the AF_INET family, the source port and the IP address of the client. This structure is used by the server to send the next packets to the client. If an attacker fills it with a port and an IP equal to zero, the server will enter an infinite loop.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:ragefreeze.zip
File Size:1820
Last Modified:Mar 24 03:48:00 2004
MD5 Checksum:ed247d4aa5cacdbb878c9181d22ecc49

 ///  File Name: cpanelXSS910.txt
Description:
Cpanel version 9.1.0-STABLE 93 is susceptible to cross site scripting attacks.
Author:Fable
File Size:1164
Last Modified:Mar 23 21:01:00 2004
MD5 Checksum:d5a8c26bad7d2eae4c19369403edc9df

 ///  File Name: gm005-mc.txt
Description:
GreyMagic Security Advisory GM#005-MC - Both Yahoo and Hotmail are susceptible to cross site scripting attacks.
Homepage:http://security.greymagic.com/adv/gm005-mc/
File Size:4527
Last Modified:Mar 23 20:49:00 2004
MD5 Checksum:d92616a623403f44dcc8abe3ff567f06

 ///  File Name: wsftp402eval4.txt
Description:
Ipswitch WS_FTP server version 4.0.2.EVAL has a flaw that allows a remote attacker the ability to read any memory address. With the right address, the user can cause a buffer overflow and execute arbitrary code as SYSTEM.
Author:Hugh Mann
Related Exploit:xp_ws_ftp_server2.zip
File Size:1320
Last Modified:Mar 23 17:08:00 2004
MD5 Checksum:4a498c09d40073c1dd726cfac06a70fa

 ///  File Name: wsftp402eval2.txt
Description:
Ipswitch WS_FTP server version 4.0.2.EVAL allows a remote attacker to fill up the hard disk of the server via the REST command, resulting in a denial of service.
Author:Hugh Mann
File Size:1951
Last Modified:Mar 23 16:41:00 2004
MD5 Checksum:dfa540d6de41d78f9d74ef23367a7390

 ///  File Name: wsftp402eval.txt
Description:
Ipswitch WS_FTP server version 4.0.2.EVAL allows a remote user with write access to a directory to execute arbitrary code due to a buffer overflow in WS_FTP Server's STAT command when downloading a file the user created.
Author:Hugh Mann
Related Exploit:xp_ws_ftp_server.zip
File Size:2499
Last Modified:Mar 23 16:22:00 2004
MD5 Checksum:584b2040c538e3d89da88f206f59d717

 ///  File Name: waraxe-2004-SA008.txt
Description:
PHP-Nuke versions 6.x through 7.1.0 allow for link inclusions that can force an administrator to unknowingly add a superuser.
Author:Janek Vind aka waraxe
File Size:3004
Last Modified:Mar 23 01:57:00 2004
MD5 Checksum:16ed4cb0b4664693cee520faf21ab541

 ///  File Name: waraxe-2004-SA011.txt
Description:
MS Analysis module version 2.0 for PHP-Nuke has full path disclosure, cross site scripting, and SQL injection vulnerabilities.
Author:Janek Vind aka waraxe
File Size:6600
Last Modified:Mar 23 01:54:00 2004
MD5 Checksum:7bd49123ef6d14a8d1036985619167ff

 ///  File Name: modsurvey0321.txt
Description:
The mod_survey module versions 3.0.16-pre1 and below for Apache are susceptible to a script injection attack.
Author:Niklas Deutschman
File Size:4706
Last Modified:Mar 22 21:34:00 2004
MD5 Checksum:f206233ec99f76b47d3854937d0b91c2

 ///  File Name: phpBB207a.txt
Description:
phpBB versions 2.0.7a and below are susceptible to cross site scripting, SQL injection, and remote command execution attacks.
Author:JeiAr
Homepage:http://www.gulftech.org
File Size:7322
Last Modified:Mar 20 18:23:00 2004
MD5 Checksum:8c1c502b91197f96ecae43347d872b74

 ///  File Name: phpbbprofile.txt
Description:
phpBB 2.0.6d suffers from a cross site scripting vulnerability.
Author:Cheng Peng Su
File Size:1404
Last Modified:Mar 20 18:12:00 2004
MD5 Checksum:8a96d182867bd1bae916a3b61e995dca

 ///  File Name: moddiskcache.txt
Description:
mod_disk_cache, for versions of Apache 2.0.49 and below, stores all client authentication credentials for cached objects on disk. This includes proxy authentication credentials and, in certain RFC 2616 defined cases, possibly standard authentication credentials.
Author:Andreas Steinmetz
File Size:4541
Last Modified:Mar 20 17:44:00 2004
MD5 Checksum:35f35aab82f5ee3c24bcf057d2067fee

 ///  File Name: apache2049.txt
Description:
Apache 2.0.49 has been released to address three security vulnerabilities. A race condition that allows for a denial of service attack, a condition that allows arbitrary strings to get written to the error log, and a memory leak in mod_ssl have all been addressed.
Homepage:http://www.apache.org/
File Size:15352
Related CVE(s):CAN-2004-0174, CAN-2003-0020, CAN-2004-0113
Last Modified:Mar 19 20:45:00 2004
MD5 Checksum:7d171df8390cd2316cd0e7b98fc2cdab

 ///  File Name: 03.19.04.txt
Description:
iDEFENSE Security Advisory 03.19.04: Exploitation of default file permissions in Borland Interbase can allow local attackers to gain database administrative privileges. The vulnerability specifically exists due to insecure permissions on the admin.ib user database file. Local attackers can add or modify existing accounts to gain administrative privileges.
Author:Larry Cashdollar
Homepage:http://www.idefense.com/
File Size:3324
Last Modified:Mar 19 20:42:00 2004
MD5 Checksum:08bc0ef21f02718f607d01cd1cc3ffc9

 ///  File Name: expcrashnp.txt
Description:
Internet Explorer and Explorer.exe can be crashed when a null pointer exception occurs during a shell: call with a double backslash for a filename.
Author:Rafel Ivgi aka The-Insider
Homepage:http://theinsider.deep-ice.com
File Size:2414
Last Modified:Mar 19 20:32:00 2004
MD5 Checksum:6d4bc179453917274d5cf3f9973eeeeb

 ///  File Name: nisrce.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR19042004b - Symantec's Norton Internet Security 2004 Professional makes use of an ActiveX component that is marked safe for scripting, particularly WrapUM.dll. Using the LaunchURL method an attacker has the ability to force the browser to run arbitrary executables on the target.
Author:Mark Litchfield
Homepage:http://www.ngssoftware.com/advisories/nisrce.txt
File Size:2559
Last Modified:Mar 19 19:23:00 2004
MD5 Checksum:463931f265ad4a0daff86e14957d6f76

 ///  File Name: antispam.txt
Description:
NGSSoftware Insight Security Research Advisory #NISR19042004a - Installed with Symantec's Norton AntiSpam 2004 product is an ActiveX component that is marked safe for scripting, particularly symspam.dll. However, when the method LaunchCustomRuleWizard is called with an overly long parameter, an attacker can cause a stack based overflow allowing for arbitrary code execution.
Author:Mark Litchfield
Homepage:http://www.ngssoftware.com/advisories/antispam.txt
File Size:2345
Last Modified:Mar 19 19:13:00 2004
MD5 Checksum:a351a8120d24537eb9f59f6ae9e60f6c

 ///  File Name: eEye.iss.txt
Description:
eEye Security Advisory - A critical vulnerability has been discovered in the PAM component used in all current ISS host, server, and network device solutions. A routine within the Protocol Analysis Module (PAM) that monitors ICQ server responses contains a series of stack based buffer overflow vulnerabilities. If the source port of an incoming UDP packet is 4000, it is assumed to be an ICQ v5 server response. Any incoming packet matching this criterion will be forwarded to the vulnerable routine. By delivering a carefully crafted response packet to the broadcast address of a network operating RealSecure/BlackICE agents, an attacker can achieve anonymous, remote SYSTEM access across all vulnerable nodes.
Homepage:http://www.eEye.com
File Size:4537
Last Modified:Mar 19 18:12:00 2004
MD5 Checksum:89bb0e2f36e4df086c28ec3597fcec82

 ///  File Name: macadmin.txt
Description:
The admin service on Mac OS X, which runs on port 660, has a buffer overflow vulnerability.
Author:crEp
Homepage:http://www.crepinc.com
File Size:652
Last Modified:Mar 19 17:55:00 2004
MD5 Checksum:6e0b20cea6a04031757e096e76b4fb42

 ///  File Name: chrome1200.txt
Description:
Chrome versions 1.2.0.0 and below allow for reading and writing into allocated memory resulting in a server crash.
Author:Luigi Auriemma
Homepage:http://aluigi.altervista.org
Related Exploit:chromeboom.zip
File Size:2335
Last Modified:Mar 19 17:44:00 2004
MD5 Checksum:956615d9d99be41fe1be79fe590c0a2c

 ///  File Name: hotmailfun.txt
Description:
Some amusing flaws in Hotmail.com allow for credential theft.
Author:http-equiv@excite.com
Homepage:http://www.malware.com
File Size:2649
Last Modified:Mar 19 17:00:00 2004
MD5 Checksum:fe20ef3354aa143ca18df7704983ee22

 ///  File Name: realHelix9.txt
Description:
Pentest Limited Security Advisory - The RealNetworks Helix 9 Server allows for an authenticated attacker to submit malformed HTTP POST requests against the Administration server to trigger a buffer overflow and execute arbitrary code. Affected versions: Helix Universal Mobile Server and Gateway 10, version 10.1.1.120 and prior; Helix Universal Server and Gateway 9, version 9.0.2.881 and prior.
Homepage:http://www.pentest.co.uk/
File Size:2607
Related CVE(s):CAN-2004-0049
Last Modified:Mar 18 18:25:29 2004
MD5 Checksum:66d23f86209a9b83426d2f5cba1e4e4b

 ///  File Name: cisco-sa-20040317-openssl.txt
Description:
Cisco Security Advisory 20040317 - A new vulnerability in the OpenSSL implementation for SSL has been announced. An affected network device running an SSL server based on an affected OpenSSL implementation may be vulnerable to a Denial of Service (DoS) attack.
Homepage:http://www.cisco.com/go/psirt
Related File:secadv_20040317.txt
File Size:17262
Related CVE(s):CAN-2004-0079, CAN-2004-0112
Last Modified:Mar 17 16:44:08 2004
MD5 Checksum:3cb01c70770abc69086b0bdd50e675bf