Files

core.realplayer.txt
Posted Mar 29, 2003
Site coresecurity.com

CORE Security Technologies Advisory - RealPlayer versions 8, v2, v1, OS X, and others have a heap corruption vulnerability in the way RealPlayer deflates PNG images, allowing remote attackers to gain the access and execution rights of the user running the player.

tags | advisory, remote
systems | apple, osx
MD5 | a4c00fd16d7f06df504c6516a2b2199b
SymantecFW.txt
Posted Mar 29, 2003
Authored by Martin O'Neal

Corsaire Security Advisory - The Symantec Enterprise Firewall (SEF) 7.0 allows URLs to be blocked based on predefined regular expression patterns. This functionality can be evaded using URL encoding techniques.

tags | advisory
MD5 | 5eb98e7c10752b61879185ed61a1ddeb
MITKRB5-SA-2003-004-krb4.txt
Posted Mar 18, 2003
Site web.mit.edu

MIT KRB5 Security Advisory 2003-004 - A cryptographic weakness in version 4 of the Kerberos protocol allows an attacker to use a chosen-plaintext attack to impersonate any principal in a realm. Additional cryptographic weaknesses in the krb4 implementation included in the MIT krb5 distribution permit the use of cut-and-paste attacks to fabricate krb4 tickets for unauthorized client principals, effectively subverting a site's entire Kerberos authentication infrastructure. Patch available here.

tags | advisory, protocol
MD5 | 8e2e2cc517bb63a7eaa5be31838e0730
samba-2.2.8.txt
Posted Mar 17, 2003
Authored by Sebastian Krahmer | Site samba.org

A flaw has been detected in the Samba main smbd code which could allow an external attacker to remotely and anonymously gain Super User privileges on a server running a Samba server. This flaw exists in previous versions of Samba from 2.0.x to 2.2.7a inclusive.

tags | advisory
MD5 | 49274bb71b8cb19def5a90acc39ac026
Rapid7 Security Advisory 12
Posted Mar 14, 2003
Authored by Rapid7 | Site rapid7.com

Rapid7 Security Advisory - In July 2001, the PROTOS protocol testing group at the University of Oulu in Finland released an LDAP protocol test suite that exposed flaws in LDAP implementations from multiple vendors. Lotus Domino R5.0.7a addressed these issues, but regression testing on the R6 Beta release shows that it is still vulnerable to the issues PROTOS discovered. Vulnerable Versions: Lotus Notes/Domino R6 pre-release and beta versions, Lotus Domino R5.0.7 and earlier versions.

tags | advisory, protocol
MD5 | 2e6c90a821e779c3dbda59b76d33489f
Rapid7 Security Advisory 11
Posted Mar 14, 2003
Authored by Rapid7 | Site rapid7.com

Rapid7 Security Advisory - The Lotus Notes/Domino Web Retriever functionality has an HTTP Status buffer overflow. By issuing an overly long status message in its HTTP response, a remote server can crash the Web Retriever process. The response line consists of the standard HTTP version and code followed by an overly long (~6000 bytes) status message, followed by two carriage return/linefeed pairs. Vulnerable Versions: Lotus Notes/Domino R4.5/4.6/5/6Beta servers and clients.

tags | advisory, remote, web, overflow
MD5 | 40e53ba17d34ef8d1c8b05473bbd76b6
pgp4pine.txt
Posted Mar 13, 2003
Authored by Eric AUGE

pgp4pine version 1.76 (and possibly below) has a buffer overflow vulnerability which allows specially crafted emails to execute arbitrary code on the recipient's box when the mail is opened.

tags | advisory, overflow, arbitrary
MD5 | 54d826392cd93239db67e924355d8ba7
iss.peoplesoft.txt
Posted Mar 11, 2003

ISS Security Advisory - ISS X-Force has discovered a flaw in the PeopleSoft PeopleTools application framework. Attackers could exploit a vulnerability to write arbitrary files with attacker-defined data under the permissions of the Web server via the "SchedulerTransfer" servlet.

tags | advisory, web, arbitrary
MD5 | 74ecd2ae8697481aa6239ec5f7560538
iemht.txt
Posted Mar 11, 2003
Authored by Tom Tanaka

Microsoft's Internet Explorer 5 introduced the new 'Web Archive' format for storing web pages. A potential security breach arises when the format is used with encoded executables along with a malformed MIME header.

tags | advisory, web
MD5 | e26989c0002971e2196aa5ce1d02ebe9
iss.sendmail.txt
Posted Mar 10, 2003
Site xforce.iss.net

ISS Security Advisory - A remote root vulnerability has been discovered in Sendmail v5.79 to 8.12.7 in the crackaddr() function which is used to parse headers. This vulnerability is especially dangerous because the exploit can be delivered within an email message and the attacker doesn't need any specific knowledge of the target to launch a successful attack.

tags | advisory, remote, root
MD5 | 7feba4bae3d64770d5a9ffb6eed360c7
iDEFENSE Security Advisory 2003-03-04.t
Posted Mar 7, 2003
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 03.04.03 - file(1) contains a buffer overflow vulnerability that can be leveraged by an attacker to execute arbitrary code under the privileges of another user.

tags | advisory, overflow, arbitrary
MD5 | 769f9499c5acf60f1eb7f5760569d0db
shopfactory.txt
Posted Mar 7, 2003
Authored by Maarten Hartsuijker

The Shopfactory e-commerce application, which is used by over 40,000 Internet sites, allows alteration of order details. Data related to end-user input is stored in cookies, including the price of the items someone may be buying, which in turn allows them to alter the prices they pay. Versions affected: 5.8 and below.

tags | advisory
MD5 | 4ceb6b32839e2c64e025fd3be8b53561
SCSA008.txt
Posted Mar 4, 2003
Authored by Gregory Le Bras | Site security-corp.org

Security Corporation Security Advisory [SCSA-008]: PY-Livredor, an easy-to-use guestbook script using PHP4 and MySQL, has a Cross-Site Scripting vulnerability which allows attackers to inject script code into the guestbook and have it run in clients' browsers as if it were provided by the website.

tags | advisory, xss
MD5 | bb75a9b6af56af10f43d493f9021e60c
iDEFENSE Security Advisory 2003-02-27.t
Posted Mar 3, 2003
Authored by Andrew Griffiths, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 02.27.03 - Tcpdump v3.6 to 3.7.1 contains a remote denial of service vulnerability in the parsing of ISAKMP packets which allows malformed packets on TCP or UDP port 500 to cause tcpdump to stop processing packets.

tags | advisory, remote, denial of service, udp, tcp
MD5 | 25ca191ae9b34a0955bc9f5651c4abaf