Twenty Year Anniversary
Showing 1 - 25 of 147 RSS Feed

Files

xoops2x.txt
Posted Sep 2, 2004
Site cyruxnet.org

XOOPS versions 2.x is susceptible to a cross site scripting flaw in the Dictionary module.

tags | advisory, xss
MD5 | f375214a1bc893f211d91e00f68cc006
Secunia Security Advisory 12397
Posted Aug 31, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Samba 2.x, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the handling of client printer change notification requests. This can be exploited to crash smbd by sending a FindNextPrintChangeNotify() request without first sending a FindFirstPrintChangeNotify() request.

tags | advisory, denial of service
MD5 | d5666c5e84b029db9b0ccfd7634259e9
Secunia Security Advisory 12401
Posted Aug 31, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in Smart Guest Book 2.x, which may allow malicious people to gain knowledge of sensitive information. The problem is that the database file SmartGuestBook.mdb by default is accessible by anyone. This may disclose various information including the administrative username and password by downloading the file from an affected web site.

tags | advisory, web
MD5 | 4f23137671107931fc773cadb6479342
wsFTP-DoS.txt
Posted Aug 31, 2004
Authored by Lion

A vulnerability has been found in WS_FTP Server version 5.0.2. The problem is in the module handling the file path parsing.

tags | advisory, denial of service
MD5 | 45f8ca017c4f17ceda928639cf45fc29
cutenews136.txt
Posted Aug 31, 2004
Authored by e0r

Cute news versions 1.3.6 and below have a world writable news.txt file that allows for site defacement.

tags | advisory
MD5 | b4cb4a9a78153ee63a1d36488fbaafdb
Gentoo Linux Security Advisory 200408-27
Posted Aug 31, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200408-27 - Gaim versions below 0.81-r5 contain several security issues that might allow an attacker to execute arbitrary code or commands.

tags | advisory, arbitrary
systems | linux, gentoo
MD5 | fa74b29e37b3399e3e34150e3011dd00
Secunia Security Advisory 12392
Posted Aug 31, 2004
Authored by Secunia, J. Courcoul | Site secunia.com

Secunia Security Advisory - A vulnerability in Netscape can be exploited by malicious people to conduct phishing attacks. The problem is caused due to errors in the displaying of Java applets in a window when multiple tabs are used. This can be exploited to spoof the content of a HTML document from another HTML document being in a different tab. The vulnerability has been confirmed in Netscape 7.2 on Mac OS X 10.3.5.

tags | advisory, java, spoof
systems | apple, osx
MD5 | a3d5839b567a1ced126ff50a8cb12dfb
Secunia Security Advisory 12393
Posted Aug 31, 2004
Authored by Secunia, Mathieu Lacroix | Site secunia.com

Secunia Security Advisory - A vulnerability in Network Everywhere Cable/DSL 4-Port Router NR041 allows malicious people to conduct script insertion attacks.

tags | advisory
MD5 | a16e7b695f21d5302d8f217bebf320d4
Gentoo Linux Security Advisory 200408-26
Posted Aug 31, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200408-26 - zlib versions 1.2.1-r2 and below contain a bug in the handling of errors for the inflate() and inflateBack() functions, allowing for a denial of service attack.

tags | advisory, denial of service
systems | linux, gentoo
MD5 | f39ed46944fcd99ccbcfb1a8ba460203
Secunia Security Advisory 12364
Posted Aug 31, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - An unspecified vulnerability with an unknown impact has been reported in SugarCRM versions below 1.1f.

tags | advisory
MD5 | 4bad8783ac506022448353648997112a
Secunia Security Advisory 12366
Posted Aug 31, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in iChain, which can be exploited by malicious people to bypass security restrictions and conduct cross-site scripting and DoS (Denial of Service) attacks.

tags | advisory, denial of service, vulnerability, xss
MD5 | a5351bd9bbf71b235213d1cf6f9d34a7
Cisco Security Advisory 20040827-telnet
Posted Aug 31, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A specifically crafted Transmission Control Protocol (TCP) connection to a telnet or reverse telnet port of a Cisco device running Internetwork Operating System (IOS) may block further telnet, reverse telnet, Remote Shell (RSH), Secure Shell (SSH), and in some cases Hypertext Transport Protocol (HTTP) access to the Cisco device. Telnet, reverse telnet, RSH and SSH sessions established prior to exploitation are not affected. This vulnerability affects all Cisco devices that permit access via telnet or reverse telnet and are running an unfixed version of IOS.

tags | advisory, remote, web, shell, tcp, protocol
systems | cisco
MD5 | 506177d4b5000333071ea77d07b93772
groundControl1007.txt
Posted Aug 31, 2004
Authored by Luigi Auriemma | Site aluigi.altervista.org

Ground Control II: Operation Exodus versions 1.0.0.7 and below is susceptible to a denial of service attack when a packet larger than the maximum size supported is received.

tags | advisory, denial of service
MD5 | 279e738eb258ca3d2460e9855d873859
Gentoo Linux Security Advisory 200408-25
Posted Aug 31, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200408-25 - MoinMoin contains a bug allowing anonymous users to bypass ACLs (Access Control Lists) and carry out operations that should be limited to authorized users. Versions 1.2.2 and below are affected.

tags | advisory
systems | linux, gentoo
MD5 | 42f551f6f0e22f94d33e4d2751e59828
kotikWinAmp.txt
Posted Aug 31, 2004
Site k-otik.com

Advisory addendum for the Winamp vulnerability where insufficient restrictions on Winamp skin zip files (.wsz) allow a malicious attacker to place and execute arbitrary programs.

tags | advisory, arbitrary
MD5 | a017f7187f410f1253d2dec3b040be47
Secunia Security Advisory 12375
Posted Aug 31, 2004
Authored by Secunia, Rudolf Polzer | Site secunia.com

Secunia Security Advisory - A vulnerability exists in GNU a2ps 4.x that allows local users to escalate privileges due to insufficient validation of shell escape characters in filenames.

tags | advisory, shell, local
MD5 | 390af2b49f5c43f1c0aa7f618c5738c1
openbsdDoS.txt
Posted Aug 30, 2004
Authored by Vafa Izadinia

OpenBSD 3.5 is susceptible to a remote denial of service attack via a single ICMP echo request when set up as a gateway. Patch from OpenBSD included.

tags | advisory, remote, denial of service
systems | openbsd
MD5 | daeff80712162785ed832644720c5da5
gaucho140.html
Posted Aug 26, 2004
Authored by Tan Chew Keong | Site security.org.sg

Gaucho version 1.4 Build 145 is vulnerable to a buffer overflow when receiving malformed emails from a POP3 server. This vulnerability is triggered if Gaucho receives from the POP3 server, a specially crafted email that has an abnormally long string in the Content-Type field of the email header. This string will overwrite EIP via SEH, and can be exploited to execute arbitrary code.

tags | advisory, overflow, arbitrary
MD5 | 3382c9b3cbaca0beaf6ed81da2bcec76
Cisco Security Advisory 20040825-acs.shtml
Posted Aug 26, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory: Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution Engine) provide authentication, authorization, and accounting (AAA) services to network devices such as a network access server, Cisco PIX and a router. This advisory documents multiple Denial of Service (DoS) and authentication related vulnerabilities for the ACS Windows and the ACS Solution Engine servers.

tags | advisory, denial of service, vulnerability
systems | cisco, windows
MD5 | f2858435ac4834d0979d5e35489c7479
iDEFENSE Security Advisory 2004-08-25.2
Posted Aug 26, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 08.25.04-2 - Exploitation of a buffer overflow in the libDtHelp library included with CDE can allow local attackers to gain root privileges. The vulnerability specifically exists due to a lack of bounds checking on the LOGNAME environment variable. Local attackers can specify a long LOGNAME to trigger a buffer overflow in any application linked with libDtHelp. The overflow is activated once the help subsystem is accessed by selecting any option under the Help menu.

tags | advisory, overflow, local, root
advisories | CVE-2003-0834
MD5 | 78f592957d67bd46e19e9549026d4408
iDEFENSE Security Advisory 2004-08-25.t
Posted Aug 26, 2004
Authored by iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 08.25.04 - Remote exploitation of a buffer overflow vulnerability in Ipswitch Inc.'s WhatsUp Gold allows attackers to execute arbitrary code under the privileges of the user that instantiated the application. The problem specifically exists in the _maincfgret.cgi script accessible through the web server installed by WhatsUp Gold. By posting a long string for the value of 'instancename', a buffer overflow occurs allowing an attacker to redirect the flow of control and eventually execute arbitrary code. Fixed in version 8.03 Hotfix 1.

tags | advisory, remote, web, overflow, arbitrary, cgi
advisories | CVE-2004-0798
MD5 | acc26795c70843096074444b58e4db2f
IRM Security Advisory 10
Posted Aug 26, 2004
Authored by IRM Research | Site irmplc.com

IRM Security Advisory 010 - A bug exists in the Top Layer Attack Mitigator IPS 5500 software. In versions below 3.11.014, it can cause the IPS 5500 device to incorrectly enter an overload protection mode and negatively impact network traffic. In extreme cases, this can cause a denial of service condition. More than 2,000 concurrent HTTP requests can cause this condition to occur.

tags | advisory, web, denial of service
MD5 | c0ca33ff2cb9e29de9783e1085968115
Secunia Security Advisory 12368
Posted Aug 26, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Sourvivor has reported a vulnerability in Plesk 7.x, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
MD5 | ed7544af4c14d68e5aea799d40b28585
Secunia Security Advisory 12379
Posted Aug 26, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ISS X-Force has reported a vulnerability in the NSS library included with various Netscape products, which can be exploited by malicious people to compromise a vulnerable system. Affected systems: Netscape Enterprise Server, Netscape Personalization Engine, Netscape Directory Server, Netscape Certificate Management System. Editor's Note: This advisory was posted because ISS refuses to grant Packet Storm permission to add their advisories.

tags | advisory
MD5 | f8c0a0e86f4f097676ba8767cf8b149e
Secunia Security Advisory 12378
Posted Aug 26, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - ISS X-Force has reported a vulnerability in the NSS library included with Sun Java System Web Server, which can be exploited by malicious people to compromise a vulnerable system. System affected: Sun Java System Web Server (Sun ONE/iPlanet) 6.x. Editor's Note: This advisory was posted because ISS refuses to grant Packet Storm permission to add their advisories.

tags | advisory, java, web
MD5 | 33c979db0b342f7b89e56a7a66244550
Page 1 of 6
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

Top Authors In Last 30 Days

Recent News

News RSS Feed
The SIM Hijackers
Posted Jul 19, 2018

tags | headline, hacker, phone, fraud, password
Thousands Of US Voters' Data Exposed By Robocall Firm
Posted Jul 19, 2018

tags | headline, hacker, government, privacy, usa, data loss
Password Stealing Spying Malware Targets Ukrainian Government
Posted Jul 19, 2018

tags | headline, government, malware, cyberwar, spyware
PayPal's Venmo Found Leaking Transaction Details
Posted Jul 19, 2018

tags | headline, privacy, bank, data loss, flaw, paypal
007 Code Helps Stop Spectre Exploits Before They Exist
Posted Jul 17, 2018

tags | headline, flaw, patch, intel
Trump Wants To Work With Russia On Infosec. Security Experts: Lol No.
Posted Jul 17, 2018

tags | headline, hacker, government, usa, russia, fraud, cyberwar, spyware
Thousands Of Mega Logins Dumped Online, Exposing User Files
Posted Jul 17, 2018

tags | headline, privacy, data loss, password
Early Warning System Hunts Election Hackers
Posted Jul 17, 2018

tags | headline, hacker, government, usa, russia, fraud, cyberwar
After Indictment, Russian Hackers' Lives Changed Forever, Ex-Ambassador Says
Posted Jul 16, 2018

tags | headline, hacker, government, usa, russia, fraud, cyberwar, spyware
Can Graphical Passwords Keep Us Secure Online?
Posted Jul 16, 2018

tags | headline, data loss, password
View More News →
packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close