accept no compromises
Showing 1 - 8 of 8 RSS Feed

Files

11.19.02c.txt
Posted Nov 20, 2002
Authored by Bennett Haselton | Site idefense.com

iDEFENSE Security Advisory 11.19.02c - Users of Netscape Communicator 4.x's web browser and e-mail client who can be tricked into clicking on a malicious link can return the contents of the targeted user's preferences file often including e-mail password and URL history back to a remote attacker who redefines user_pref(), a javascript function.

tags | advisory, remote, web, javascript
MD5 | 395e9cf673b9914f64dad12d34178c04
11.19.02b.txt
Posted Nov 20, 2002
Authored by Bennett Haselton | Site idefense.com

iDEFENSE Security Advisory 11.19.02b - Remote exploitation of a weakness in Eudora v5.2 and below allows for the retrieval of sensitive information from a targeted Eudora users computer. Attackers send an e-mail to a Eudora user that directs him to a specific URL; the e-mail also contains an HTML-enabled e-mail attachment that contains scripting code.

tags | advisory, remote
MD5 | bfe60240d292949b370be55a2a3d2261
11.19.02a.txt
Posted Nov 20, 2002
Authored by Alex S. Harasic | Site idefense.com

iDEFENSE Security Advisory 11.19.02a - Linksys Cable/DSL Routers models BEFW11S4, BEFSR11, BEFSR41 and BEFSRU31 can be crashed when several thousand characters are passed in the password field of the device's web management interface. Exploitation simply requires the use of a web browser that can send long Basic Authentication fields to the affected router's interface. Fix available here.

tags | advisory, web
MD5 | 6d9464f8c33b0e6a0c6614a5dbca1e47
6D00B005PU.html
Posted Nov 19, 2002
Authored by Noam Rathaus | Site securiteam.com

Outlook Express version 5.50 and 6.0 contains a security vulnerability in the handling of S/MIME certificates which allows arbitrary code execution when inspecting a S/MIME signed message.

tags | advisory, arbitrary, code execution
MD5 | d4804b301083bcfe204c77883993e390
Next Generation Security Advisory 2002.4
Posted Nov 19, 2002
Authored by FJ Serna, NGSSoftware | Site ngsec.com

The iPlanet WebServer v4.x up to SP11 contains vulnerabilities which allow remote root command execution by using a cross site scripting vulnerability to redirect the Administrator's browser to a URL in a vulnerable perl script that will cause the open() command injection.

tags | advisory, remote, root, perl, vulnerability, xss
MD5 | d4f6a4c950dcbce4f1a86c95db657557
lagsa-com21.txt
Posted Nov 2, 2002
Authored by David | Site lag.securinet.qc.ca

Lag Security Advisory - Com21 cable modem configuration file feeding vulnerability. All Com21 DOXport 1110 cable modems with software version 2.1.1.106 are vulnerable to being fed a configuration file that will allow a user to have access to features that are not paid for by spoofing an ISP-side TFTP server to feed the data.

tags | advisory, spoof
MD5 | 93b75a2bb541c3f857c15239803ce791
idefense.abuse.txt
Posted Nov 2, 2002
Authored by David Endler | Site idefense.com

iDEFENSE Security Advisory 11.01.02 - Abuse is a popular side-scrolling video game that has a locally exploitable parsing error in the -net command line option allowing an attackers to gain root privileges.

tags | advisory, root
MD5 | 1ef3b53955def8f8b71f79bbbe2932db
netscreen25.txt
Posted Nov 2, 2002
Authored by H D Moore

Netscreen VPN solutions ship with an SSH daemon that is vulnerable to the SSH1 CRC32 bug. In the default configuration, SSH is not enabled on their devices and when enabled, it is expected that any CRC32 exploits used to attack said device will cause a crash and require a reboot. Original bug discovered by Michal Zalewski.

tags | advisory
MD5 | 5fed7ff8aace600e4148fcf25365f4e1
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Even Pokemon Go Was Used By Russia To Meddle In The Election
Posted Oct 13, 2017

tags | headline, government, usa, russia, cyberwar
US Voices Frustration With Warrant-Proof Encryption
Posted Oct 13, 2017

tags | headline, government, privacy, usa, cryptography
An Unknown Hacker Stole Sensitive Data On Australia's War Planes
Posted Oct 13, 2017

tags | headline, hacker, government, australia, data loss, cyberwar
Legacy Office Feature Used In Novel Document Attacks
Posted Oct 13, 2017

tags | headline, hacker, malware, microsoft, flaw
Equifax Rival TransUnion Also Sends Site Visitors To Malicious Pages
Posted Oct 12, 2017

tags | headline, malware
The Myth Of Responsible Encryption: Experts Say It Can't Work
Posted Oct 12, 2017

tags | headline, government, backdoor, cryptography
Equifax Removes Webpage After Malware Issue
Posted Oct 12, 2017

tags | headline, malware, fraud, flaw, adobe
Malware Checks Into Hyatt Hotels Again
Posted Oct 12, 2017

tags | headline, privacy, malware, bank, cybercrime, data loss, fraud
Rick And Morty Episode? Nope, Another CoinMiner
Posted Oct 12, 2017

tags | headline, fraud, cryptography
Judge Says US Government Has No Right To Rummage Through Anti-Trump Protest Website Logs
Posted Oct 12, 2017

tags | headline, government, privacy, usa, fraud
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close