exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 105 RSS Feed

Files

liferayxss.txt
Posted May 24, 2004
Authored by Sandeep Giri

Liferay Enterprise Portal is said to be subject to multiple cross site scripting flaws.

tags | advisory, xss
SHA-256 | 6a406562d84aca76726075d51e3b23200851d5566a3bce7dbf86b4d418ad6b38
Secunia Security Advisory 11678
Posted May 21, 2004
Authored by Secunia

A vulnerability, caused due to an unspecified error within Xconfig, has been discovered in Exceed versions 9.x. When exploited, local users can bypass certain restrictions.

tags | advisory, local
SHA-256 | ed2ff2c4f566f565d33db59092d739c063a6c615a912c4ac303918b0f624d4d2
snsadv72.txt
Posted May 21, 2004
Authored by Yuu Arai

An ActiveX Control provided by Symantec Norton Antivirus 2004 contains a remotely exploitable DoS condition. In order to trigger this vulnerability, malicious website administrators must induce Internet Explorer users to view a specially crafted web site, which will consequently consume a lot of system resources.

tags | advisory, web, activex
SHA-256 | b8d95ab82a67ea2b5d834503696acb10b2db9577517d8d464b4f51e4ac230bb8
snmpdadv.txt
Posted May 21, 2004
Authored by priestmaster | Site priestmaster.org

ucd-snmp versions 4.2.6 and below suffer from a buffer overflow on the command line when the daemon is spawned.

tags | advisory, overflow
SHA-256 | 24514b893dcbc9255cf0b3b4192324d7c0f00059646711e8fb3fc0a35111ed7c
e107flaw.txt
Posted May 21, 2004
Authored by Chinchilla

All versions of e107 have a vulnerability that allows html tags and content to be posted to the stats page and to be listed under Referers. This allows an attacker to put any site link or code they want on the list of Referers.

tags | advisory
SHA-256 | 3d071845699b3f18e1a62591cd0f475ad46e2ef07f146eec7372ff10fd3ab1a3
clsid.txt
Posted May 21, 2004
Authored by Roozbeh Afrasiabi

Microsoft Windows Explorer suffers from a flaw where it will execute underlying files when they are linked in html pages.

tags | advisory
systems | windows
SHA-256 | fa8e114e14244e1f93821759c64b4ffa1f4446012b15d9869310e70a1b766d32
062004.txt
Posted May 19, 2004
Authored by Stefan Esser | Site security.e-matters.de

libneon versions 0.24.5 and below have a date parsing vulnerability that can cause a heap overflow leading to remote code execution.

tags | advisory, remote, overflow, code execution
SHA-256 | fd7e17bedc1598a0830757530b0b9b4afe6450f6c87086efb576758a8d95fde2
082004.txt
Posted May 19, 2004
Authored by Stefan Esser | Site security.e-matters.de

Subversion versions 1.0.2 and below suffer from a date parsing vulnerability that can be abused to allow remote code execution server-side.

tags | advisory, remote, code execution
SHA-256 | f76bddd9ae508f184655ae5c58ceb47a83f29a5ca92d28792bf23c723330af88
57560.txt
Posted May 19, 2004
Site sunsolve.sun.com

Sun has released an advisory regarding Java Secure Socket Extension. Versions 1.0.3, 1.0.3_01, and 1.0.3_02 of JSEE allow malicious web sites to impersonate trusted web sites.

tags | advisory, java, web
SHA-256 | 851e00d7595e3609cd0d8cb1108c79639bd8caa83fc7bef870c762fbbbc6dff7
zencart112d.txt
Posted May 19, 2004
Authored by Oliver Minack

Zen Cart version 1.1.2d fails to properly validate user-supplied input and in turn allows remote attackers the ability to perform SQL injection attacks.

tags | advisory, remote, sql injection
SHA-256 | 00045589f8f2e0543da948284faffdb7fa5dc401045ef97d927d197cb023d1bd
052004.txt
Posted May 19, 2004
Authored by Stefan Esser | Site security.e-matters.de

Within phpMyFAQ an input validation problem exists which allows an attacker to include arbitrary local files. With known tricks to inject PHP code into log or session files this could lead to remote PHP code execution. Versions affected are 1.3.12 and below for the stable releases, and 1.4.0-alpha1 and below for the developer releases.

tags | advisory, remote, arbitrary, local, php, code execution
SHA-256 | cc512101e9d54c9eba31343dacb2a44138d5ce10c2a326dca09787990a61a49c
adv-desktopini.txt
Posted May 19, 2004
Authored by Roozbeh Afrasiabi

Certain system folders on Microsoft Windows XP are created referencing the shellclassinfo in desktop.ini, allowing for executables to be masked as elsewise.

tags | advisory
systems | windows
SHA-256 | a4456c08095c611bdcec5b288f26f62db8ddb5844e28427b806218b0eb3b2218
072004.txt
Posted May 19, 2004
Authored by Stefan Esser | Site security.e-matters.de

Stable CVS releases up to 1.11.15 and CVS feature releases up to 1.12.7 both contain a flaw when deciding if a CVS entry line should get a modified or unchanged flag attached. This results in a heap overflow which can be exploited to execute arbitrary code on the CVS server. This could allow a repository compromise.

tags | advisory, overflow, arbitrary
advisories | CVE-2004-0396
SHA-256 | 00c2f250dd0b9f331e85b739415381b86f0e2189bb6869f8fc74364b3f7c03d1
advisory_private_key_compromise.html
Posted May 18, 2004
Site bluecoat.com

Blue Coat Security Gateway OS (SGOS) 3.x releases suffer from a private key disclosure vulnerability where the key and passphrase are stored in clear text when being imported via the web-based management console.

tags | advisory, web
SHA-256 | 618fc697e20741645614005f71356499b25ff5da2c4770eaab63019f287b71c3
outlooksilent.txt
Posted May 18, 2004
Authored by http-equiv

Microsoft Outlook 2003 allows for a security zone bypass when an embedded OLE object with a reference to a Windows media file in a Rich Text Format (RTF) message is received.

tags | advisory
systems | windows
SHA-256 | 5bf5bc65e12021c3781270decf58bd776d636f05498f59327d50d8ef47731e58
Secunia Security Advisory 11632
Posted May 18, 2004
Authored by Secunia

Secure Computing has reported multiple denial of service vulnerabilities in their Sidewinder G2 firewall.

tags | advisory, denial of service, vulnerability
SHA-256 | 174e7ee25f3feb9fddbfa8a1396ac9d3eb41c7891c1870711074ce1e244ed73f
HexView Security Advisory 2004-05-03.01
Posted May 18, 2004
Authored by HexView | Site sgi.com

SGI Security Advisory 20040503-01-P - Under certain conditions, rpc.mountd goes into an infinite loop while processing some RPC requests, causing a denial of service. Affected releases: SGI IRIX 6.5.x.

tags | advisory, denial of service
systems | irix
SHA-256 | 60b6fab3dcc07e154a22aa2c18072a5e408070846522782d959a9681d25da497
ActivePerlSystemBOF.txt
Posted May 18, 2004
Authored by Oliver

ActiveState's ActivePerl version 5.8.0 and 5.8.3 on the Win32 platform seems to have a buffer overflow that allows for the crashing of Perl.exe.

tags | advisory, overflow, perl
systems | windows
SHA-256 | cb74262362d1bc8c25961c0aed2a211fdd10c5d0201a54eb37c69c18a3cff6b0
waraxe-2004-SA029.txt
Posted May 18, 2004
Authored by Janek Vind aka waraxe | Site waraxe.us

PHP-Nuke versions 6.x to 7.3 allow for possible file inclusion.

tags | advisory, php, file inclusion
SHA-256 | 4d43d506de22ba54c5b3d72da244b7c2d217bc83ffb12200388c179db7006a74
ieImageMap.txt
Posted May 18, 2004
Authored by Paul Kurczaba | Site kurczaba.com

A vulnerability has been found in Microsoft Internet Explorer that allows an attacker to use a specially coded ImageMap to spoof the URL displayed in the lower, left hand corner of the browser.

tags | advisory, spoof
SHA-256 | 8c3fdeaa071f14ee81765c1b6df9a48ff1f40f432e665e83159d54309433249d
safari12.txt
Posted May 18, 2004
Authored by kang

Safari versions 1.2 and below suffer from a vulnerability that can lead to remote arbitrary code execution via the runscript aspect of the HTML rendering functionality.

tags | advisory, remote, arbitrary, code execution
SHA-256 | 9e44db693ef039ea12ac05b37053e283a17b3e84e0532483b7f21b85bf1753f8
webctxss.txt
Posted May 18, 2004
Authored by spiffomatic64

WebCT is susceptible to cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
SHA-256 | 773b3e54431153fe94a1a32d6773c83940f16f7a00f8f405d5b7c3f5865313e0
tttc.txt
Posted May 18, 2004
Authored by Kaloyan Olegov Georgiev

TTT-C is susceptible to multiple cross site scripting attacks due to the fact that it does not sanitize variables.

tags | advisory, xss
SHA-256 | c91bdc0933621f5763fcee66756f8fc9671ef644afef3cba1e18de848a62e167
netchat73.txt
Posted May 18, 2004
Authored by Marius Huse Jacobsen

NetChat, an application intended to allow users on the same subnet to chat with one another, is susceptible to a stack-based buffer overflow. Versions 7.3 and below are affected. The overflow allows for arbitrary code execution under the user running the application.

tags | advisory, overflow, arbitrary, code execution
SHA-256 | 0b23d03452960631df48fd8aceeddd1515e1df9580a7a65525607ba2e60e0f00
802.11vuln.txt
Posted May 18, 2004
Site auscert.org.au

AUSCERT Advisory - A vulnerability exists in hardware implementations of the IEEE 802.11 wireless protocol that allows for a trivial but effective attack against the availability of wireless local area network (WLAN) devices.

tags | advisory, local, protocol
SHA-256 | a46c2a37097c474213beefb0ef777f388574dfbff75a232f91c1838edbf91fe4
Page 2 of 5
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Life Imitates xkcd Comic As Florida Gang Beats Crypto Password From Retiree
Posted Sep 20, 2024

tags | headline, cybercrime, data loss, cryptography
1 In 10 Orgs Dumping Their Security Vendors After CrowdStrike Outage
Posted Sep 20, 2024

tags | headline, denial of service
Cyber Crooks Strut Away With Haute Couture Harvey Nichols Data
Posted Sep 20, 2024

tags | headline, hacker, privacy, britain, cybercrime, data loss, fraud
Noise Storms: Massive Amounts Of Spoofed Web Traffic Linked To China
Posted Sep 20, 2024

tags | headline, china
Tor Network Denies Report That Anonymity Is Completely Canceled
Posted Sep 20, 2024

tags | headline, government, privacy, cryptography
Marko Polo Hackers Found To Be Running Dozens Of Scams
Posted Sep 20, 2024

tags | headline, hacker, cybercrime, fraud, phish, cryptography
Re-Opened Three Mile Island Will Power AI Datacenters Under New Deal
Posted Sep 20, 2024

tags | headline, microsoft, botnet
Social Media Users Lack Control Over Data Used By AI, US FTC Says
Posted Sep 19, 2024

tags | headline, government, privacy, usa, data loss, botnet
Hackers Demand $6 Million From Seattle Airport Operators
Posted Sep 19, 2024

tags | headline, hacker, cybercrime, data loss, fraud, cryptography
Recent WhatsUp Gold Vulnerabilities Possibly Exploited In Ransomware Attacks
Posted Sep 19, 2024

tags | headline, malware, cybercrime, flaw, cryptography
View More News →
packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close