the original cloud security
Showing 1 - 25 of 90 RSS Feed

Files

advisory-04.txt
Posted Apr 28, 2004
Authored by DarkBicho | Site darkbicho.tk

paFileDB version 3.1 suffers from path disclosure and cross site scripting flaws.

tags | advisory, xss
MD5 | cae8846cd34224d112651b525dbbc79d
digiwww.txt
Posted Apr 28, 2004
Authored by Donato Ferrante | Site autistici.org

DiGi WWW Server version Compieuw.1 suffers from a DoS vulnerability due to a malformed URL.

tags | advisory, denial of service
MD5 | 10aed3b00ae6eea78f8f8d5e157fb1ab
HP_Web_Jetadmin_advisory.txt
Posted Apr 28, 2004
Authored by FX | Site phenoelit.de

Phenoelit Advisory #0815 - Multiple vulnerabilities exist in the HP Web JetAdmin product. Version 6.5 is fully affect. Versions 7.0 and 6.2 and below are partially affected. A vulnerability summary list: Source disclosure of HTS and INC files, real path disclosure of critical files, critical files accessible through web server, user and administrator password disclosure and decryption, user and administrator password replay, and many, many others.

tags | advisory, web, vulnerability
MD5 | e3e5f8476c574e691368a1f5161fc720
waraxe-2004-SA024.txt
Posted Apr 28, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

Network Query Tool version 1.6 suffers from a cross site scripting and full path disclosure vulnerability.

tags | advisory, xss
MD5 | d1445060688487a6f6a63d4c18dc813c
eEye.symantec.txt
Posted Apr 28, 2004
Authored by Karl Lynn | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a severe denial of service vulnerability in the Symantec Client Firewall products for Windows. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the component that performs low level processing of TCP packets.

tags | advisory, remote, denial of service, tcp
systems | windows
advisories | CVE-2004-0375
MD5 | 1a8e0db404df2e472bc8537292e8ae07
openbb106.txt
Posted Apr 25, 2004
Authored by James Bercegay | Site gulftech.org

Open Bulletin Board versions 1.0.6 and below suffer from cross site scripting, SQL injection, and arbitrary command execution flaws.

tags | advisory, arbitrary, xss, sql injection
MD5 | d312d326fb6de5ac0f588ae4da200302
explorer-vuln.txt
Posted Apr 25, 2004
Authored by Rodrigo Gutierrez

Windows fails to handle long share names when accessing a remote file servers such as samba, allowing a malicious server to crash the clients explorer and the ability to execute arbitrary code in the machine as the current user (usually with Administrator rights on Windows machines). Verified to still work on IE 5.0.3700.1000 on Win2k SP4. The author originally notified Microsoft in early 2002.

tags | advisory, remote, arbitrary
systems | windows, 2k
MD5 | 893d27ad9ddf3bac6cbd8baf44e2d5b7
Atstake Security Advisory 04-04-22.1
Posted Apr 24, 2004
Authored by Atstake, Jeremy Jethro | Site atstake.com

Atstake Security Advisory A042204-1 - The SiteMinder Affiliate Agent plugin version 4.x is susceptible to a remotely exploitable heap overflow when the SMPROFILE cookie is passed a large value. This affect the Solaris, Windows, and HP-UX platforms.

tags | advisory, overflow
systems | windows, solaris, hpux
advisories | CVE-2004-0425
MD5 | 3e5b35e4323fe96cea4d9218a69b73c3
fusion.txt
Posted Apr 24, 2004
Authored by DarkBicho | Site darkbicho.tk

fusion news version 3.6.1 suffers from a cross site scripting vulnerability.

tags | advisory, xss
MD5 | 0d465d8cfbb48effc4006aecde0d7944
Technical Cyber Security Alert 2004-111A
Posted Apr 23, 2004
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA04-111A - Most implementations of the Border Gateway Protocol (BGP) rely on the Transmission Control Protocol (TCP) to maintain persistent unauthenticated network sessions. There is a vulnerability in TCP which allows remote attackers to terminate network sessions. Sustained exploitation of this vulnerability could lead to a denial of service condition; in the case of BGP systems, portions of the Internet community may be affected. Routing operations would recover quickly after such attacks ended.

tags | advisory, remote, denial of service, tcp, protocol
advisories | CVE-2004-0230
MD5 | e962a745188ee0ebe20c6eccbac1bdc1
Secunia Security Advisory 11464
Posted Apr 23, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory SA11464 - Brad Spengler has reported a vulnerability in the Linux kernel, which can be exploited by malicious, local users to gain knowledge of sensitive information. The vulnerability is caused due to a signedness error within the cpufreq proc handler, which allows arbitrary kernel memory regions to be read.

tags | advisory, arbitrary, kernel, local
systems | linux
MD5 | 2a4aed641bfb4ac94c89c1c2ff46037f
fastream.txt
Posted Apr 23, 2004
Authored by Donato Ferrante | Site autistici.org

Fastream NETFile FTP / HTTP server version 6.5.1.980 is susceptible to a denial of service attack due to an inability to handle nonexistent user names.

tags | advisory, web, denial of service
MD5 | 7f21738e0c24a152b2f4a0e018a1b3f9
iDEFENSE Security Advisory 2004-04-15.t
Posted Apr 22, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 04.15.04: Remote exploitation of a denial of service (DoS) vulnerability in RealNetworks, Inc.'s Helix Universal Server could allow an attacker to restart and potentially disable the server.

tags | advisory, remote, denial of service
advisories | CVE-2004-0389
MD5 | a6c52904a921ea898733b7cbc6af9a5a
unrealEngine2.txt
Posted Apr 22, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

The Unreal engine developed by EpicGames has a flaw with UMOD where it handles information from files without properly filtering for dangerous characters. Using a standard directory traversal attack, an attacker is able to go outside of the game's directory to overwrite any file in the partition on which the game is installed.

tags | advisory
MD5 | c092f526fd969a6b6506cbf489792308
eEye.yahoo.txt
Posted Apr 22, 2004
Authored by Drew Copley | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a security hole in Yahoo! Mail which allows a remote attacker to take over an account remotely by sending a specially crafted email.

tags | advisory, remote
MD5 | 1f6c099136596df156de1d37e887fc3b
advguest.txt
Posted Apr 22, 2004
Authored by JQ

Advanced Guestbook web application version 2.2 is susceptible to a SQL injection attack.

tags | advisory, web, sql injection
MD5 | 601545f561f0a1de4ae46a1bbc7a06af
Cisco Security Advisory 20040420-tcp-ios
Posted Apr 22, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: Multiple IOS based Cisco products are susceptible to the TCP vulnerability that allows an attacker easier exploitation of reseting an established connection. All Cisco products which contain a TCP stack are susceptible to this vulnerability. Huge list included.

tags | advisory, tcp
systems | cisco
advisories | CVE-2004-0230
MD5 | 663728941831d9d63a38198a2d659230
Cisco Security Advisory 20040420-tcp-nonios
Posted Apr 22, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: Multiple non-IOS based Cisco products are susceptible to the TCP vulnerability that allows an attacker easier exploitation of reseting an established connection. All Cisco products which contain a TCP stack are susceptible to this vulnerability. Huge list included.

tags | advisory, tcp
systems | cisco
advisories | CVE-2004-0230
MD5 | ab5fb916f6cb82da579a4d6ff70daf27
ncFTP317.txt
Posted Apr 22, 2004
Authored by Konstantin V. Gavrilenko | Site arhont.com

ncftp versions 3.1.6/120 and 3.1.7/120 do not hash passwords under certain conditions allowing for their leakage via simple utilities like ps.

tags | advisory
MD5 | a9d97a6c6a7af07892e74439d07e8ea5
246929.html
Posted Apr 22, 2004
Site uniras.gov.uk

NISCC Vulnerability Advisory 236929 - Vulnerability Issues in TCP. The vulnerability described in this advisory affects implementations of the Transmission Control Protocol (TCP) that comply with the Internet Engineering Task Force's

tags | advisory, denial of service, tcp, protocol
advisories | CVE-2004-0230
MD5 | cff2aaba6bb7c03aa105c4ed0ce9e768
XSA-2004-1and2.html
Posted Apr 21, 2004
Site xinehq.de

When opening a malicious MRL in any xine-lib or xine-ui based media player, an attacker can write arbitrary content to an arbitrary file, only restricted by the permissions of the user running the application.

tags | advisory, arbitrary
MD5 | 35b1987cd627eb2eda88919e59e11d08
Secunia Security Advisory 11431
Posted Apr 21, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory SA11431 - Journalness versions below 3.0.8 suffer from a vulnerability that can be exploited by invalid users to create and edit posts.

tags | advisory
MD5 | 0a47d70f911fb6cc463c31f2530b266e
Technical Cyber Security Alert 2004-111B
Posted Apr 20, 2004
Authored by US-CERT | Site cert.org

Technical Cyber Security Alert TA04-111B - There is a vulnerability in Cisco's Internetwork Operating System (IOS) SNMP service. When vulnerable Cisco routers or switches process specific SNMP requests, the system may reboot. If repeatedly exploited, this vulnerability could result in a sustained denial of service (DoS).

tags | advisory, denial of service
systems | cisco
MD5 | df16f791ed8703fbc22092e035e8b3a5
isec-0015-msfilter.txt
Posted Apr 20, 2004
Authored by Wojciech Purczynski, Paul Starzetz | Site isec.pl

Linux kernel versions 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 have an integer overflow in setsockopt MCAST_MSFILTER. Proper exploitation of this vulnerability can lead to privilege escalation.

tags | advisory, overflow, kernel
systems | linux
MD5 | fe315a954750890589fd4ce37cdce068
MDKSA-2004:031.txt
Posted Apr 19, 2004
Authored by Steve Grubb | Site mandrakesecure.net

Mandrake Linux Security Update Advisory - Problems lie in the utempter program versions 10.0, 9.2, 9.1, Corporate Server 2.1, and Multi Network Firewall 8.2 that allow for arbitrary file overwrites and denial of service attacks.

tags | advisory, denial of service, arbitrary
systems | linux, mandrake
advisories | CVE-2004-0233
MD5 | 5cccf5c233164f75ee1005a187215e83
Page 1 of 4
Back1234Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
OAIC Received 114 Voluntary Data Breach Notifications In Two Years
Posted Oct 19, 2017

tags | headline, hacker, privacy, australia, data loss
US-CERT Predicts Machine Learning To Become Security Risk
Posted Oct 19, 2017

tags | headline, flaw
ATM Malware Available Online For Online $5,000
Posted Oct 18, 2017

tags | headline, malware, bank, cybercrime, fraud
Oracle Swats 252 Bugs In Patch Update
Posted Oct 18, 2017

tags | headline, flaw, patch, oracle
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close