
Files

adv77-K-159-2007.txt
Posted Mar 24, 2007
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

Study Planner versions 0.15 and below suffer from a remote file inclusion vulnerability.

tags | advisory, remote, file inclusion
MD5 | ddce209cddfcd082c8f2635b0beec66c
Secunia Security Advisory 11724
Posted May 30, 2004
Authored by Secunia, David Brown, Aaron, Ren Puls

Apple has issued an updated version of Mac OS X, which fixes many unspecified vulnerabilities. An unspecified error reportedly exists within the NFS logging functionality when tracing system calls. Another unspecified error reportedly exists within LoginWindow when handling directory services lookups and console log files. Another exists within Packaging during package installation, and another within the TCP/IP stack implementation when handling out-of-sequence TCP packets. Two more unspecified errors exist within AppleFileServer, when using SSH and reporting errors, and within Terminal, when handling URLs.

tags | advisory, tcp, vulnerability
systems | apple, osx
MD5 | 7a043a061f9b9080e31cb3e101ae7ebe
Secunia Security Advisory 11723
Posted May 30, 2004
Authored by Secunia, Steve Rumble

OpenBSD has issued an update for xdm. This fixes a security issue, which potentially may allow malicious users to gain unintended access to a system. A CVS version of XFree86 xdm, which is included in some versions of OpenBSD, has an error that causes it to listen for queries on a random TCP socket, even though requestPort is set to 0 in the configuration file.

tags | advisory, tcp
systems | openbsd
MD5 | 14b9c747284af8f4286f2b266ebb0c4a
dsa-510.txt
Posted May 30, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 510-1 - jaguar discovered a format string vulnerability in jftpgw, an FTP proxy program, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of the jftpgw server process, which runs as user nobody by default.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2004-0448
MD5 | abeaaf252e7640c0ef709f46ea2e206f
dsa-509.txt
Posted May 30, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 509-1 - Steve Kemp discovered a vulnerability in xatitv, one of the programs in the gatos package. If an administrator removes the default configuration file, a local attacker can escalate to root privileges.

tags | advisory, local, root
systems | linux, debian
advisories | CVE-2004-0395
MD5 | 8e513db87dd560ae68c5ed832e87a45f
lduXSS.txt
Posted May 30, 2004
Authored by crypt0 | Site cyber-war.org

A cross site scripting vulnerability exists in the BBcodes of the LDU forum.

tags | advisory, xss
MD5 | 924907310ffd3709f6b835eadee11418
Mollensoft36.txt
Posted May 30, 2004
Authored by Chintan Trivedi | Site eos-india.net

Mollensoft Hyperion FTP Server version 3.6 is vulnerable to a buffer overflow attack via the CD command.

tags | advisory, overflow
MD5 | ed4a30926065c28a2f1212c3b73cff46
Secunia Security Advisory 11534
Posted May 29, 2004
Authored by Georgi Guninski, Secunia | Site guninski.com

Georgi Guninski has discovered a vulnerability in mod_ssl versions below 2.8.17, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires that the FakeBasicAuth option is enabled and that the malicious client certificate is issued from a trusted CA (Certificate Authority).

tags | advisory, denial of service
MD5 | 09b467d0d9a367dc251aaae6316a88c5
wildtangent.txt
Posted May 28, 2004
Authored by Peter Winter-Smith | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR27052004 - It is possible to cause a number of buffer overruns within the WildTangent WTHoster and Web Driver modules via any method that takes a filename as a parameter. Version 4.0 was tested; others are possibly affected.

tags | advisory, web, overflow
MD5 | f074d3174ebc046ce09221657b72178a
sunjavaapp.txt
Posted May 28, 2004
Authored by Marc Schoenefeld

Sun-Java-App-Server PE version 8.0 suffers from a path disclosure vulnerability when returning server error 500 pages.

tags | advisory, java
MD5 | a1340be73e5fa96fb10be66e55cb2789
Technical Cyber Security Alert 2004-147A
Posted May 28, 2004
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA04-147A - A heap overflow vulnerability in the Concurrent Versions System (CVS) could allow a remote attacker to execute arbitrary code on a vulnerable system. Systems affected: Concurrent Versions System (CVS) versions prior to 1.11.16. CVS Features versions prior to 1.12.8.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2004-0396
MD5 | 2e0d84d03979a45b15c596936a0fa348
SSRT4724.txt
Posted May 28, 2004
Site support.openview.hp.com

Use Of TCP/IP Reserved Port Zero Causes Integrated Lights-Out (iLO) To Stop Responding. LAN management products that use port zero when accessing an Integrated Lights-Out (iLO) in a ProLiant server will cause iLO to become unresponsive. Port zero is specified as a reserved port by the Internet Engineering Task Force (IETF) and should not be used.

tags | advisory, tcp
MD5 | b5714e865abdbd6b17af261216dbb94c
minishare132.txt
Posted May 28, 2004
Authored by Donato Ferrante | Site autistici.org

MiniShare HTTP server version 1.3.2 is susceptible to a denial of service attack due to mismanagement of requests. If a HEAD or GET request is sent with only one line following it, the server will crash.

tags | advisory, web, denial of service
MD5 | b9408a34ff51863488b63616ccf25e42
fsc-2004-1.shtml
Posted May 26, 2004
Site f-secure.com

F-Secure Security Bulletin FSC-2004-1 - Certain malformed LHA archives cause a buffer overflow when scanning them for viruses. The error typically causes a restart of one of the modules in the product. This leads to performance degradation and makes denial of service attacks possible. Product lines affected: F-Secure Internet Security 2004, F-Secure Anti-Virus 2004, Solutions based on F-Secure Personal Express 4.6x and 4.7x.

tags | advisory, denial of service, overflow, virus
MD5 | 853fa2a7a72dbfb7afae1b4645b4c8ee
HexView Security Advisory 2004-05-07.01
Posted May 26, 2004
Authored by HexView | Site support.sgi.com

SGI Security Advisory 20040507-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that, under certain conditions, the /usr/sbin/cpr binary can be forced to load a user-provided library while restarting the checkpointed process, which can then be used to obtain root user privileges. All versions of IRIX prior to 6.5.25 are affected.

tags | advisory, root
systems | irix
advisories | CVE-2004-0134
MD5 | bca7813ef568a2aec8061ef1c2246dda
iDEFENSE Security Advisory 2004-05-26.t
Posted May 26, 2004
Authored by iDefense Labs, Rafel Ivgi | Site idefense.com

iDEFENSE Security Advisory 05.26.04: Remote exploitation of a buffer overflow in firmware release 1.1.9.4 of 3Com's OfficeConnect Remote 812 ADSL Router could allow a denial of service. By sending a specially formed long string containing Telnet escape sequences to the telnet port of a vulnerable device, it is possible to get it to either reboot or stop handling packets. If the device does not reboot spontaneously, it will require a manual reboot before continuing normal operation.

tags | advisory, remote, denial of service, overflow
advisories | CVE-2004-0476
MD5 | 41f1bb435f4e51da48d20824ab7a99a3
FreeBSD Security Advisory 2004.11
Posted May 26, 2004
Authored by The FreeBSD Project, Stephan Uphoff, Matt Dillon | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:11.msync - Programming errors in the implementation of the msync(2) system call involving the MS_INVALIDATE operation lead to cache consistency problems between the virtual memory system and on-disk contents. In some situations, a user with read access to a file may be able to prevent changes to that file from being committed to disk.

tags | advisory
systems | freebsd
advisories | CVE-2004-0435
MD5 | cb50bc11528130a72e93716778e80844
SSRT4719.txt
Posted May 26, 2004
Site support.openview.hp.com

A potential vulnerability has been identified with HP OpenView Select Access which could be exploited to allow a remote user unauthorized access. Versions affected: HP OpenView Select Access 5.0 Patch 4, 5.1 Patch 1, 5.2, and 6.0.

tags | advisory, remote
MD5 | 55c73c31c850f50aa4aceac74b1a4350
000072.html
Posted May 26, 2004

An unspecified vulnerability in Mailman versions 2.1.4 and below allows malicious attackers to retrieve members' passwords.

tags | advisory
MD5 | b5cdde1e853645218fbe8b481ee482d7
MACOSX.SSHURI.txt
Posted May 25, 2004
Authored by kang | Site insecure.ws

Mac OS X versions 10.3.3 and greater along with various browsers suffer from yet another URI silent code execution flaw using the SSH handler.

tags | advisory, code execution
systems | apple, osx
MD5 | 43c14820da5ad7432988ed2bc8ec7c7d
cpanelApache.txt
Posted May 25, 2004
Authored by Rob Brown

The options used by cPanel software to compile Apache 1.3.29 and PHP using the mod_phpsuexec option are flawed and allow any local user to execute arbitrary code as any other user owning a web-accessible PHP file.

tags | advisory, web, arbitrary, local, php
MD5 | 7b88b68b4fa4d957d1bd9e593e8fb0ce
dsa-508.txt
Posted May 25, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 508-1 - Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD viewer. xpcd-svga, part of xpcd which uses svgalib to display graphics on the console, would copy user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2004-0402
MD5 | 230dc02db9771dfbfeb854cb7f69cf59
e107.ramsa.txt
Posted May 25, 2004
Site ramsecurity.us

R.A.M. Security Advisory - All versions of e107 have a vulnerability in the user.php file that allows malicious attackers to post cross site scripting or HTML tags to a website for a member.

tags | advisory, php, xss
MD5 | 54e918b831480f28fe959ad7a1a46a85
netgearURI.txt
Posted May 25, 2004
Authored by Marc Ruef | Site computec.ch

Netgear RP114 devices, and possibly other related Netgear hardware, have a URI filtering bypass vulnerability when the URI being evaluated is longer than 220 bytes.

tags | advisory, bypass
MD5 | ce323745796bf51d574d7ce28c0c46e4
021829.html
Posted May 24, 2004
Authored by Rosalina Hamar

Variant vulnerabilities have been disclosed regarding the flaw in Mac OS X where code can be silently delivered via the disk URI handler vulnerability.

tags | advisory, vulnerability
systems | apple, osx
MD5 | d2862999845ac4b29764dced862fcb3c
© 2016 Packet Storm. All rights reserved.
