what you don't know can hurt you
Showing 1 - 25 of 114 RSS Feed

Files

asn1.html
Posted Jul 29, 2004
Site checkpoint.com

Checkpoint Security Advisory - An ASN.1 issue has been discovered affecting Check Point VPN-1 products during negotiations of a VPN tunnel which may cause a buffer overrun, potentially compromising the gateway. In certain circumstances, this compromise could allow further network compromise.

tags | advisory, overflow
MD5 | f4e9ac39212c97a4fcb082fede7a22ca
SSRT4782.txt
Posted Jul 28, 2004
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with HP-UX running the CIFS Server. This buffer overflow could potentially be exploited to remotely gain access. HP-UX versions B.11.00, B.11.11, B.11.22, and B.11.23 are all affected.

tags | advisory, overflow
systems | hpux
MD5 | d61ad57ac28a5c887e36a94b552e508b
Secunia Security Advisory 12150
Posted Jul 28, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been discovered in Hitachi's Web Page Generator versions 1.x and 2.x and also Enterprise releases 3.x and 4.x. These include denial of service, cross site scripting, and content disclosure attacks.

tags | advisory, web, denial of service, vulnerability, xss
MD5 | 24a7ed4970aa66d8ac623a72ea68942c
Secunia Security Advisory 12107
Posted Jul 28, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Komrade has reported a vulnerability in FTP Surfer, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when handling filenames. This can be exploited to cause a buffer overflow, which is triggered when the application is closed, by tricking a user into opening a file with an overly long filename from a malicious FTP server. Successful exploitation may potentially allow execution of arbitrary code. The vulnerability has been reported in version 1.0.7. Other versions may also be affected.

tags | advisory, overflow, arbitrary
MD5 | ab12a4ac2315678b57a905607062c695
ASPRunner.txt
Posted Jul 28, 2004
Authored by Ferruh Mavituna | Site ferruh.mavituna.com

ASPRunner versions 2.x suffer from multiple vulnerabilities. Various SQL Injection, information disclosure, cross site scripting, and database download flaws exit.

tags | advisory, vulnerability, xss, sql injection, info disclosure
MD5 | 2c1676cc234b5d5adf1b6476c9578741
Secunia Security Advisory 12165
Posted Jul 28, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Ziv Kamir has reported a security issue in FTPGlide, which can be exploited by malicious, local users to view usernames and passwords. The problem is that the profiles used for connecting to FTP servers are stored in clear text and are readable by any local user. This has been reported to affect version 2.43.

tags | advisory, local
MD5 | a208647134ede8c415895cb655e65c76
phpMyFAQ Security Advisory 2004-07-27
Posted Jul 28, 2004
Authored by The phpMyFAQ Team | Site phpmyfaq.de

A flaw in phpMyFaq version 1.4.0 allows malicious users the ability to upload or delete arbitrary images.

tags | advisory, arbitrary
MD5 | 647c49671e5a96548308384ab76ec4ea
GLSA200407-19.txt
Posted Jul 27, 2004
Site gentoo.org

Gentoo Linux Security Advisory GLSA 200407-19 - Pavuk 0.x contains a bug that can allow an attacker to run arbitrary code via a buffer overflow in the Digest authentication code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
MD5 | 8348347f9d1c6ccc27992306edea485d
leer_advisory.html
Posted Jul 27, 2004
Authored by Jordi Corrales | Site shellsec.net

An authentication error in Mensajeitor allows users to post messages with administrative privileges.

tags | advisory
MD5 | ef2ec2b7765f0b3472bfea52ca1aaa8c
mod_authz_svn-copy-advisory.txt
Posted Jul 26, 2004
Site subversion.tigris.org

Subversion versions up to and including 1.0.5 have a bug in mod_authz_svn that allows users with write access to read portions of the repository that they do not have read access to.

tags | advisory
MD5 | 2520a76f3d17802a2d29d13ad9b66794
Secunia Security Advisory 12153
Posted Jul 26, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Arne Bernin has reported a vulnerability in Dropbear SSH Server, potentially allowing malicious people to compromise a vulnerable system. The vulnerability is caused due freeing of uninitialised variables in the DSS verification code. Successful exploitation may allow execution of arbitrary code. This affects version 0.42 and earlier.

tags | advisory, arbitrary
MD5 | 2f7ef95acffd0ccdf437b4eb8fbb18fa
Secunia Security Advisory 12159
Posted Jul 26, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in OpenDocMan, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to a missing authentication check in commitchange.php when committing changes. This allows users to make unauthorised changes.

tags | advisory, php
MD5 | 67d98ae0e085c2487980452dee3d6511
helpboxSQL.txt
Posted Jul 24, 2004
Authored by Noam Rathaus | Site securiteam.com

HelpBox version 3.0.1 is susceptible to multiple SQL injection attacks, including ones that do not require the attack to be logged in.

tags | advisory, sql injection
MD5 | d68f83afc26cd2999955ce290775f133
57586.html
Posted Jul 24, 2004
Site sunsolve.sun.com

Sun Security Advisory - A security vulnerability in Sun Java System Portal Server Software 6.2 may allow a user to gain Calendar Server administrator credentials if the user changes the display options to select a non-default view. With these credentials, a user's session has unrestricted access to the calendar data and hence manipulation of that data. Such manipulation could include, but is not limited to: the deletion, creation, and modification of users, user information, calendar entries, and historical data.

tags | advisory, java
MD5 | bd214034800aca9d6908976ddf896100
Secunia Security Advisory 12127
Posted Jul 24, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Cyrille Barthelemy has reported a vulnerability in Nessus, potentially allowing malicious users to escalate their privileges. The problem is caused by a race condition in nessus-adduser if the user has not specified the environment variable TMPDIR. This has been reported to affect version 2.0.11. Prior versions may also be affected.

tags | advisory
MD5 | d96577b639dcfa77882c3e250348fc50
apc.PowerChute.txt
Posted Jul 24, 2004
Site nam-en.apc.com

APC PowerChute Business Editions 6.x and 7.x are susceptible to a denial of service attack.

tags | advisory, denial of service
MD5 | 93f8464f9ef461865346ed944d8f19ff
Vpop3.txt
Posted Jul 24, 2004
Authored by Dr. Insane, papabfs | Site members.lycos.co.uk

VPOP3 2.0.0k is susceptible to a denial of service attack due to a buffer overflow.

tags | advisory, denial of service, overflow
MD5 | 3f5c8f4d2d7aafaf6a7c2c10e020a448
Atstake Security Advisory 04-07-22.1
Posted Jul 23, 2004
Authored by Atstake, Jeremy Jethro | Site atstake.com

Atstake Security Advisory A072204-1 - A buffer overflow vulnerability was discovered in HP's implementation of the DCE endpoint mapper (epmap) which listens by default on TCP port 135. Successful exploitation of this vulnerability may allow an attacker to execute arbitrary commands on the targeted system with the privileges of the DCED process which is typically run as the root user.

tags | advisory, overflow, arbitrary, root, tcp
advisories | CVE-2004-0716
MD5 | fd8f19b877043fc9057dcf36fce043c2
cadslr1.txt
Posted Jul 23, 2004
Authored by Jordi Corrales | Site shellsec.net

A denial of service vulnerability exists in the Conceptronic CADSLR1 Router when a large Host: field is entered during an HTTP transaction.

tags | advisory, web, denial of service
MD5 | fcaa51be90b7b784b7de651b56876335
comcastWebmail.txt
Posted Jul 22, 2004
Authored by Michael Scheidell | Site secnap.com

Comcast Webmail AT+T Message Center version 1 had a flaw that allowed arbitrary code execution client-side due to the allowance of inbound HTML mail to be executed outside of the restricted zone.

tags | advisory, arbitrary, code execution
MD5 | 838bf54353bc557aa008fcdc02ce5d02
sambaOverruns.txt
Posted Jul 22, 2004
Site samba.org

Samba versions greater or equal to 2.2.29 and 3.0.0 have a buffer overrun located in the code used to support the mangling method = hash smb.conf option. Versions 3.0.2 suffer from buffer overrun in an internal routine used to decode base64 data during HTTP basic authentication.

tags | advisory, web, overflow
advisories | CVE-2004-0600, CVE-2004-0686
MD5 | 049c56c69520c4a0f2554e200f42aa58
whisperFTP.txt
Posted Jul 21, 2004
Authored by Komrade | Site unsecure.altervista.org

A buffer overflow in Whisper FTP Surfer 1.0.7 occurs when the client tries to delete a temporary file with an excessively long filename.

tags | advisory, overflow
MD5 | 753eef219f0cc2824040bb6d012d42d5
Cisco Security Advisory 20040721-ons
Posted Jul 21, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: Several vulnerabilities have been reported in Cisco ONS 15000 based products, allowing malicious people to cause a denial of service or bypass authentication.

tags | advisory, denial of service, vulnerability
systems | cisco
MD5 | 39f21f48de0bd19fa062ca5674319404
lionmax.txt
Posted Jul 21, 2004
Authored by nekd0

LionMax Software WWW File Share Pro version 2.60 is susceptible to a denial of service attack.

tags | advisory, denial of service
MD5 | 98ee79a936abaee7ba101235880d8418
lexmarkDoS.txt
Posted Jul 21, 2004
Authored by Peter Kruse | Site csis.dk

Several Lexmark printers have HTTP servers embedded that are susceptible to a denial of service attacks via an overly long Host argument.

tags | advisory, web, denial of service
MD5 | 34ed0c9b60f28797846665ff792ae732
Page 1 of 5
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
New Magniber Ransomware Targets South Korea, Asia Pacific
Posted Oct 21, 2017

tags | headline, malware, china, fraud, korea
Hackers Race To Use Flash Exploit Before Vulnerable Systems Are Patched
Posted Oct 21, 2017

tags | headline, hacker, malware, flaw, cyberwar, adobe
Bitcoin Boom Prompts Growth Of Coin-Mining Malware
Posted Oct 21, 2017

tags | headline, malware, bank, fraud
How To Social Engineer Yourself Into High Security Facilities
Posted Oct 21, 2017

tags | headline, fraud, social
Phishers Getting Smarter By Making Use Of User Location
Posted Oct 20, 2017

tags | headline, malware, cybercrime, fraud, phish
OSX Malware Spread Via Compromised Software Downloads
Posted Oct 20, 2017

tags | headline, malware, apple
Canadian Spooks Release Their Own Malware Detection Tool
Posted Oct 20, 2017

tags | headline, government, malware, canada, spyware
Judge: MalwareTech Is No Longer Under Curfew, GPS Monitoring
Posted Oct 20, 2017

tags | headline, hacker, government, malware, usa, conference
Microsoft Mocks Google For Failed Security Fix Deployment Methodology
Posted Oct 19, 2017

tags | headline, microsoft, flaw, google, chrome
Malicious Mineraft Apps In Google Play Enslave Your Device To A Botnet
Posted Oct 19, 2017

tags | headline, malware, microsoft, phone, botnet, google
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close