exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 90 RSS Feed

Files

waraxe-2004-SA018.txt
Posted Apr 12, 2004
Authored by Janek Vind aka waraxe

PHP-Nuke versions 6.x through 7.2 have a flaw that allows for administrator level authentication bypass.

tags | advisory, php
SHA-256 | e506b19ed8619a63fd70561c25235584398ff9dd2637205db300cc42e775de9e
waraxe-2004-SA017.txt
Posted Apr 12, 2004
Authored by Janek Vind aka waraxe

PHP-Nuke versions 6.x through 7.2 have a flaw that allows for user level authentication bypass.

tags | advisory, php
SHA-256 | 24b939d8a82382eed2da1caaffa8502f8d77754e47102fee8be0407d1a625590
Adobe.Acrobat.txt
Posted Apr 11, 2004
Authored by Arman Nayyeri | Site 4rman.com

Adobe Acrobat versions 4 and 5 suffer from a denial of service vulnerability when too much memory gets allocated during file repair.

tags | advisory, denial of service
SHA-256 | ae5c07d771e63edb6f99d8fc14af107117cc067035f53d32dc45b613cd6612c0
MSOE.EML.txt
Posted Apr 11, 2004
Authored by Arman Nayyeri | Site 4rman.com

Microsoft Outlook Express 6.0 crashes when it attempts to open an EML file that contains a Sender: tag but does not have a From: tag.

tags | advisory
SHA-256 | 401226492dbcf372ba53324b71129d1a0638c59da040c0b64633814b86ffc654
MSIE.BMP.txt
Posted Apr 11, 2004
Authored by Arman Nayyeri | Site 4rman.com

Microsoft Internet Explorer versions 5.0 to 6.0 allocate memory for BMP files without verifying the actual size of them, allowing memory resources to be easily maxed, resulting in a denial of service.

tags | advisory, denial of service
SHA-256 | f138ac5cd2b69cba2ae88677e76ed4919082f5997dbe7d2c5d44f770f1d4c6df
rsniff.txt
Posted Apr 9, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

RSniff, the packet sniffer for Linux, is susceptible to a denial of service attack.

tags | advisory, denial of service
systems | linux
SHA-256 | 63e855d919cd019e79d1bb3e8434abfd0ecbdb2f5a5c18f5366896725207f863
GLSA20040412.txt
Posted Apr 9, 2004
Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200404-12 - Scorched 3D (build 36.2 and before) does not properly check the text entered in the Chat box (T key). Using format string characters, you can generate a heap overflow. This and several other unchecked buffers have been corrected in the build 37 release.

tags | advisory, overflow
systems | linux, gentoo
SHA-256 | 7cc0f27c7cfcf31aba5925849d764bba47c7530c06c0e539c47af1455f98b1a1
GLSA20040411.txt
Posted Apr 9, 2004
Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200404-11 - Multiple vulnerabilities have been found in the implementation of protocol H.323 contained in pwlib. Most of the vulnerabilities are in the parsing of ASN.1 elements which would allow an attacker to use a maliciously crafted ASN.1 element to cause unpredictable behavior in pwlib. Versions affected are 1.5.2-r2 and below.

tags | advisory, vulnerability, protocol
systems | linux, gentoo
advisories | CVE-2004-0097
SHA-256 | 658918b474c937ad91678732957c057690adb54ec7abe93ce910c34aef5c29d9
crackalaka.txt
Posted Apr 9, 2004
Authored by Donato Ferrante | Site autistici.org

Crackalaka version 1.0.8 is susceptible to a denial of service attack when it attempts to manage an unallocated sector of memory.

tags | advisory, denial of service
SHA-256 | 9dde802d0a2e809557045796e6a9e20512b83f9e5adb65b97c9b9917b77689ab
Technical Cyber Security Alert 2004-99A
Posted Apr 9, 2004
Authored by US-CERT, Art Manion | Site cert.org

CERT Advisory TA04-099A - A cross-domain scripting vulnerability in Microsoft Internet Explorer (IE) could allow an attacker to execute arbitrary code with the privileges of the user running IE. The attacker could also read and manipulate data on web sites in other domains or zones.

tags | advisory, web, arbitrary
advisories | CVE-2004-0380
SHA-256 | 45b5d0160e0525654903fd7af4653ab79ae3fdd6b7c8b72ed954e36b0b24feba
lcdproc.adv2
Posted Apr 9, 2004
Authored by Adriano Lima | Site priv8security.com

Priv8 Security Research Advisory #2004-002 - Versions 0.4.1 and below of LCDproc are vulnerable to multiple bugs that allow for arbitrary code execution.

tags | advisory, arbitrary, code execution
SHA-256 | 82092cf612491eeb7dec6e405e05b133230a3034908b558a3d4ebed584972c09
lcdproc.adv1
Posted Apr 9, 2004
Authored by Adriano Lima | Site priv8security.com

Priv8 Security Research Advisory #2004-001 - All versions of LCDproc are vulnerable to a remotely exploitable buffer overflow that allows attackers to execute arbitrary code. The problem appears in function parse_all_client_messages() of parse.c file where a loop does not check if MAXARGUMENTS were reached, causing the program to crash when lots of arguments are passed to the function.

tags | advisory, overflow, arbitrary
SHA-256 | e6a3e47f9d3eb96f5fee396fb74b7e9a707654dae6aef17892ce43f2ff5ebf5c
secadv01.txt
Posted Apr 9, 2004
Authored by Ioannis Migadakis | Site inaccessnetworks.com

InAccess Networks Security Advisory - A heap overflow vulnerability exists in Oracle 9iAS / 10g Application Server Web Cache that allows for arbitrary code execution.

tags | advisory, web, overflow, arbitrary, code execution
advisories | CVE-2004-0385
SHA-256 | 4e378c70e2ef00bc393079279435003c09bf5895c7e3812c496bd01f0d2d04f9
Cisco Security Advisory 20040407-username
Posted Apr 8, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 2004040 - A default username/password pair is present in all releases of the Wireless LAN Solution Engine (WLSE) and Hosting Solution Engine (HSE) software. A user who logs in using this username has complete control of the device. This username cannot be disabled. There is no workaround.

tags | advisory
systems | cisco
SHA-256 | 6a4be975d4201d649a7ffdf291e7929eaa6006a691c79fbabe79b61b888e910c
ie6crash.txt
Posted Apr 8, 2004
Authored by E. Kellinis

Internet Explorer 6 crashes when locally loading a page with a question mark in a SRC directive for an IFRAME.

tags | advisory
SHA-256 | db2729d2820dc69b04e1f7015ef4323602c2ea205588357e058d3c20a4af25c9
Cisco Security Advisory 20040408-vpnsm
Posted Apr 8, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20040408 - A malformed Internet Key Exchange (IKE) packet may cause the Cisco Catalyst 6500 Series Switch or the Cisco 7600 Series Internet Router hardware, with the VPNSM installed, to crash and reload.

tags | advisory
systems | cisco
SHA-256 | 0269ce725ef4e8d6cc8fa7275e00ab62e517f10e46ed46a4537532bfe38d0df9
waraxe-2004-SA014.txt
Posted Apr 8, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

AzDGDatingLite version 2.1.1 is susceptible to cross site scripting attacks.

tags | advisory, xss
SHA-256 | e325332f1004ce749d1d099b4a55c1d8ed2f024bc85f8b126169bb5fcd844b80
emule-0.42d.txt
Posted Apr 8, 2004
Authored by Kostya Kortchinsky

A vulnerability exists in eMule version 0.42d in the DecodeBase16() function.

tags | advisory
SHA-256 | d3e30ff715989d9e92860890797d21f465cf17dc44a3a328f0318d8843836dbd
mcfreescan.txt
Posted Apr 7, 2004
Authored by S G Masood

Further information regarding McAfee Freescan vulnerabilities that lead to information disclosure.

tags | advisory, vulnerability, info disclosure
SHA-256 | 0c933e94553d043a1ade2fa60200bacdbf752c331eeb9bcde070e7b8bcf06438
KAME-IKE.txt
Posted Apr 7, 2004
Authored by Ralf Spenneberg, Michal Ludvig, Hans Hacker

The KAME IKE Daemon Racoon does not verify RSA Signatures during Phase 1, allowing man-in-the-middle attacks and unauthorized connections.

tags | advisory
advisories | CVE-2004-0155
SHA-256 | 71543886817095206418704efa10659ef5beea8a3d20927b8bb9d160165178e0
keriofw4.txt
Posted Apr 7, 2004
Authored by E. Kellinis | Site cipher.org.uk

Kerio Personal Firewall version 4.0.13 is susceptible to a remote crash when using the web filter functionality.

tags | advisory, remote, web
SHA-256 | aa32e7e541c23dcecb86d058506f76e1a1c434d554050792b523589586bd9cbb
realr3t.txt
Posted Apr 7, 2004
Authored by Mark Litchfield | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR17042004 - By crafting malformed .R3T file it is possible to cause a stack based overruns in RealPlayer / RealOne Player. By forcing a browser to a website containing such a file, code could be executed on the target machine running in the context of the logged on user, alternatively the end user would be required to open the .R3T file as a mail attachment. Systems Affected: RealPlayer 8, RealOne Player, RealOne Player v2 for Windows only (all languages), RealPlayer 10 Beta (English only) and RealPlayer Enterprise (all versions, stand-alone and as configured by the RealPlayer Enterprise Manager).

tags | advisory, overflow
systems | windows
SHA-256 | 6d743136e2278e3913a2b15ed69ed2788f1f4b991aaed8aef0dce1951f4208cf
symantecVD.txt
Posted Apr 6, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

Symantec Virus Detection is susceptible to a buffer overflow.

tags | advisory, overflow, virus
SHA-256 | 31a857797e3983ace0f26dc8e18ec9b0bc7e387b4858a2de50c91d2630b74419
mcafeefreescan.txt
Posted Apr 6, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

Mcafee FreeScan is susceptible to buffer overflow and private information disclosure attacks.

tags | advisory, overflow, info disclosure
SHA-256 | 965b844a3cdf53e9218191c6a7f6de76daa2d357f51cad2f8a2e1a8cd4df2ca2
panda50.txt
Posted Apr 6, 2004
Authored by Rafel Ivgi | Site theinsider.deep-ice.com

Panda ActiveScan version 5.0 has a buffer overflow that allows for arbitrary code execution with SYSTEM level privileges.

tags | advisory, overflow, arbitrary, code execution
SHA-256 | bb4d99560509598cb4f1c03ef93898aab049201920dcb2e36a4f8e75db55b32f
Page 3 of 4
Back1234Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close