exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 167 RSS Feed

Files

Gentoo Linux Security Advisory 200411-18
Posted Nov 12, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-18 - Chintan Trivedi discovered a vulnerability in Apache httpd 2.0 that is caused by improper enforcing of the field length limit in the header-parsing code. Versions below 2.0.52 are affected.

tags | advisory
systems | linux, gentoo
SHA-256 | 76d1d2898fb7705175f98e96ff30e6079808022a4cae65af6ca975adad7473fa
Cisco Security Advisory 20041110-dhcp
Posted Nov 12, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco IOS devices running branches of Cisco IOS version 12.2S that have Dynamic Host Configuration Protocol (DHCP) server or relay agent enabled, even if not configured, are vulnerable to a denial of service where the input queue becomes blocked when receiving specifically crafted DHCP packets.

tags | advisory, denial of service, protocol
systems | cisco
SHA-256 | 89807afc17f23328aab35d1069b6eb558975a974913e0b9e6ca6b7d05ac7da8f
hotfoon.txt
Posted Nov 12, 2004
Authored by Saudi Linux

Hotfoon, an Internet telephony utility, is susceptible to automatically opening up malicious links.

tags | advisory
SHA-256 | ddc1e8ae83b7a0c9f1ed84cc9287c94d6a5020c9168bb9b740df9b2a9018e98c
LSS-2004-11-3.txt
Posted Nov 12, 2004
Authored by Leon Juranic | Site security.lss.hr

LSS Security Advisory #LSS-2004-11-3 - There is a buffer overflow vulnerability in getnickuserhost() function that is called when BNC 2.8.9 is processing responses from an IRC server.

tags | advisory, overflow
SHA-256 | 02fa0c273544d6c6d6ca526d37deda64a325e297648c1b5d576c8fe3f8f09317
nortelVPN.txt
Posted Nov 12, 2004
Authored by Network Intelligence (I) Pvt. Ltd.

The Nortel Networks Contivity VPN Client authentication error message provides more information than is necessary, thus allowing an attacker to discover existing users on the system.

tags | advisory
SHA-256 | 6576f41f0da4b9552072593807ebc01db35f906e9339e3d99c75ff808b443230
squirrelXSS.txt
Posted Nov 12, 2004
Authored by Joost Pol | Site squirrelmail.org

SquirrelMail versions 1.4.3a and below suffer from a cross site scripting issue in the decoding of encoded text in certain headers. It correctly decodes the specially crafted header, but does not sanitize the decoded strings.

tags | advisory, xss
SHA-256 | 7e8ba7c0955736c617724cfb48418a3e21a671ca561f31c735c783a6d3f15e45
758884.html
Posted Nov 10, 2004
Authored by Roy Arends, Jakob Schlyter | Site uniras.gov.uk

NISCC Vulnerability Advisory 758884/NISCC/DNS - Several vulnerabilities have been discovered within the Domain Name System (DNS) protocol by two DNS experts.

tags | advisory, vulnerability, protocol
SHA-256 | f5067cbeef82c7e9ebe4319e90b7534d271c600b27efa839a3fc53279645a68f
57665.html
Posted Nov 10, 2004
Site sunsolve.sun.com

Sun Security Advisory - A security vulnerability in iPlanet Messaging Server/Sun ONE Messaging web-based e-mail may allow a remote unprivileged user the ability to gain unauthorized access to a webmail user's e-mail using a specially crafted e-mail message.

tags | advisory, remote, web
SHA-256 | 9960b64c657d1f090674bbc783b9277a42f87da8827b7db07a02cdf095dd27bc
MS04-039.html
Posted Nov 10, 2004
Authored by Martijn de Vries, Thomas de Klerk | Site microsoft.com

Microsoft Security Advisory MS04-039 - A spoofing vulnerability exists that can enable an attacker to spoof trusted Internet content. Users could believe they are accessing trusted Internet content when in reality they are accessing malicious Internet content, for example a malicious Web site.

tags | advisory, web, spoof
advisories | CVE-2004-0892
SHA-256 | 064efe33186d9c48dd686d2d40f88f2be3bece822a8b4753e81a66b11827539c
Gentoo Linux Security Advisory 200411-17
Posted Nov 10, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-17 - mtink is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.

tags | advisory, arbitrary, local
systems | linux, gentoo
SHA-256 | 0cb52e0b8edaf71f97709c5e924fe329859a89bb0d5dfad80190af0c49686ec8
eEye.kerio.txt
Posted Nov 10, 2004
Authored by Karl Lynn | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a severe denial of service vulnerability in the Kerio Personal Firewall product for Windows. The vulnerability allows a remote attacker to reliably render a system inoperative with one single packet. Physical access is required in order to bring an affected system out of this "frozen" state. This specific flaw exists within the component that performs low level processing of TCP, UDP, and ICMP packets. Kerio Personal Firewall 4.1.1 and prior.

tags | advisory, remote, denial of service, udp, tcp
systems | windows
SHA-256 | fc6f56e7525fecf78e38a0422cab20e07b4c2aaa3e3c445f0184c3b32f6f9403
Gentoo Linux Security Advisory 200411-16
Posted Nov 10, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-16 - zip contains a buffer overflow when creating a ZIP archive of files with very long path names. This could lead to the execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
SHA-256 | 15b7427391c292b38aca553baa876a691747809daa18db5a46144518b0c17eb3
dsa-590.txt
Posted Nov 10, 2004
Site debian.org

Debian Security Advisory 590-1 - Khan Shirani discovered a format string vulnerability in gnats, the GNU problem report management system. This problem may be exploited to execute arbitrary code.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2004-0623
SHA-256 | 003edaa09e05f34991c3b13efb82a96a16b8b67162fd2a345235220b28eb9b6c
Secunia Security Advisory 13135
Posted Nov 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in SQLgrey Postfix greylisting service, which can be exploited by malicious people to conduct SQL injection attacks.

tags | advisory, sql injection
SHA-256 | 61841bdae0e827e307486597a0d94776db9d3d0d0f0d93f8e93978b9a496419d
Secunia Security Advisory 13137
Posted Nov 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Positive Technologies has reported some vulnerabilities in Infuseum ASP Message Board, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection, asp
SHA-256 | 9d564683d836a04b4f7739d2a82591711e258f736c3f0e228ebe3c6ea8d5dd02
Secunia Security Advisory 13130
Posted Nov 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Samhain, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to a boundary error in the database update code. This can be exploited to cause a buffer overflow when a malicious directory is checked with Samhain. The vulnerability has been reported in versions 1.8.9 through 2.0.1.

tags | advisory, overflow, local
SHA-256 | d3cbc48d883a21087ebecd4355fae7ab4303c6a2ad69919784fe94d2334cc6d9
Secunia Security Advisory 13136
Posted Nov 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Positive Technologies has reported some vulnerabilities in Nucleus, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks.

tags | advisory, vulnerability, xss, sql injection
SHA-256 | 00c5308514f15323bb450a8b79c4fd05accf5b06b3170cb826de444057fe790b
netgearDG384.txt
Posted Nov 10, 2004
Authored by Dr. Insane

Netgear DG834 is susceptible to a denial of service attack and URL filtering bypass vulnerabilities.

tags | advisory, denial of service, vulnerability
SHA-256 | 5a9f33401454c1dd2cd894c887ab4df056a377c097ac5e4c9d56c45c802d51de
iDEFENSE Security Advisory 2004-11-08.t
Posted Nov 10, 2004
Authored by Karol Wiesek, iDefense Labs | Site idefense.com

iDEFENSE Security Advisory 11.08.04 - Remote exploitation of an input validation error in Samba could allow an attacker to consume system resources and potentially cause the target system to crash.

tags | advisory, remote
advisories | CVE-2004-0930
SHA-256 | 131548f64663e091c700d9c86eed756350dffa82c05ce5da3dfe0dec012e41a5
trusteXSS.txt
Posted Nov 10, 2004
Authored by Andrew Smith

truste.org is susceptible to cross site scripting flaws.

tags | advisory, xss
SHA-256 | 76d0098145229faa2de84016e96ea7c0a415314736ee1baafb2ca0847c857008
Secunia Security Advisory 13104
Posted Nov 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in JAF CMS, which can be exploited by malicious people to disclose sensitive information.

tags | advisory
SHA-256 | 52eca8656b068c07e67ee83aebf6a55f4be17338eb0917b94569a2a8d4c2cd8b
Secunia Security Advisory 13111
Posted Nov 10, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Mantis, which can be exploited by malicious users to gain knowledge of potentially sensitive information.

tags | advisory, vulnerability
SHA-256 | c26acae6d4f5d4a2bb53bac2c9834814ab643d5c3f00629c9c6d87bf15808248
jreDoS.txt
Posted Nov 10, 2004
Authored by Kurt Huwig

Java Runtime Environment versions 1.4.2, 1.5.0, and possible others are susceptible to a remote denial of service attack.

tags | advisory, java, remote, denial of service
SHA-256 | 0834f0d8c97e493e37382431176c3e2b024f4b9c11cb1d4bb30104ea6d9bcaef
Gentoo Linux Security Advisory 200411-15
Posted Nov 10, 2004
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200411-15 - groffer, included in the Groff package, and the der_chop script, included in the OpenSSL package, are both vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files with the rights of the user running the utility.

tags | advisory, arbitrary, local
systems | linux, gentoo
SHA-256 | 5025e3a05de356f4a2bd6b79e20a9aeefb98a062e3e5bdcaac7dab2552bedf0f
dsa-586.txt
Posted Nov 10, 2004
Site debian.org

Debian Security Advisory 586-1 - The upstream developers of Ruby have corrected a problem in the CGI module for this language. Specially crafted requests could cause an infinite loop and thus cause the program to eat up cpu cycles.

tags | advisory, cgi, ruby
systems | linux, debian
advisories | CVE-2004-0983
SHA-256 | 2806acec54a192be97e35fa9729590802c0f92926e29bd6b5388f7a2a57ba55b
Page 5 of 7
Back34567Next

Top Authors In Last 30 Days

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close