exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 105 RSS Feed

Files

adv77-K-159-2007.txt
Posted Mar 24, 2007
Authored by M.Hasran Addahroni | Site advisories.echo.or.id

Study Planner versions 0.15 and below suffer from a remote file inclusion vulnerability.

tags | advisory, remote, file inclusion
SHA-256 | 388e9f1ca8959efd2f10582c9a993dffe0de7f844e38ba572a05081033a1272d
Secunia Security Advisory 11724
Posted May 30, 2004
Authored by Secunia, David Brown, Aaron, Ren Puls

Apple has issued an updated version of Mac OS X, which fixes many unspecified vulnerabilities. An unspecified error reportedly exists within the NFS logging functionality when tracing system calls. Another unspecified error reportedly exists within LoginWindow when handling directory services lookups and console log files. Yet still another unspecified error exists within Packaging during package installation. Not to mention another unspecified error exists within the TCP/IP stack implementation when handling out-of-sequence TCP packets. Two more unspecified errors exist within AppleFileServer when using SSH and reporting errors and within Terminal when handling URLs.

tags | advisory, tcp, vulnerability
systems | apple, osx
SHA-256 | b46294fcf891e166c1351e0f4c3af5105060325db5d31033b1620b4ca1e2bde8
Secunia Security Advisory 11723
Posted May 30, 2004
Authored by Secunia, Steve Rumble

OpenBSD has issued an update for xdm. This fixes a security issue, which potentially may allow malicious users to gain unintended access to a system. A CVS version of XFree86 xdm, which is included in some versions of OpenBSD, has an error that causes it to listen for queries on a random TCP socket, even though requestPort is set to 0 in the configuration file.

tags | advisory, tcp
systems | openbsd
SHA-256 | c82f31032c3a636e7f95a92cb1b1e6670b590120dc40af3b103d4cf8b2e8d341
dsa-510.txt
Posted May 30, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 510-1 - jaguar discovered a format string vulnerability in jftpgw, an FTP proxy program, whereby a remote user could potentially cause arbitrary code to be executed with the privileges of the jftpgw server process, which runs as user nobody by default.

tags | advisory, remote, arbitrary
systems | linux, debian
advisories | CVE-2004-0448
SHA-256 | f55238d5fd6e9e9d981a76a2e1dc889b92861edfce10fd634692ef07f9ada8e8
dsa-509.txt
Posted May 30, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 509-1 - Steve Kemp discovered a vulnerability in xatitv, one of the programs in the gatos package. If an administrator removes the default configuration file, a local attacker can escalate to root privileges.

tags | advisory, local, root
systems | linux, debian
advisories | CVE-2004-0395
SHA-256 | 3ce34d6d1e5e9badae4bd01e62d08cce72041031812e1163569eaca982b69ca5
lduXSS.txt
Posted May 30, 2004
Authored by crypt0 | Site cyber-war.org

A cross site scripting vulnerability exist in the BBcodes of the LDU forum.

tags | advisory, xss
SHA-256 | 4a3e65669a7cee6e80864864c994010c9a21cbf66af3198951616a455f45c9e1
Mollensoft36.txt
Posted May 30, 2004
Authored by Chintan Trivedi | Site eos-india.net

Mollensoft Hyperion FTP Server version 3.6 is vulnerable to a buffer overflow attack via the CD command.

tags | advisory, overflow
SHA-256 | d3a915968b3a808a8aab52a590f6e69f951b643bc6a5e43b19d531415b94bfe3
Secunia Security Advisory 11534
Posted May 29, 2004
Authored by Georgi Guninski, Secunia | Site guninski.com

Georgi Guninski has discovered a vulnerability in mod_ssl versions below 2.8.17, which potentially can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a vulnerable system. Successful exploitation requires that the FakeBasicAuth option is enabled and that the malicious client certificate is issued from a trusted CA (Certificate Authority).

tags | advisory, denial of service
SHA-256 | 9510c3cbe496d79d6ba299e4a9cfefccde6cd32836986fc9c388bc98a38277d8
wildtangent.txt
Posted May 28, 2004
Authored by Peter Winter-Smith | Site ngssoftware.com

NGSSoftware Insight Security Research Advisory #NISR27052004 - It is possible to cause a number of buffer overruns within the WildTangent WTHoster and Web Driver modules via any method that takes a filename as a parameter. Version 4.0 tested and others are possibly affected.

tags | advisory, web, overflow
SHA-256 | 1fd4a6d0da967ff355c42ac21d6118964e275521cf330235468cd3d7fe398cc5
sunjavaapp.txt
Posted May 28, 2004
Authored by Marc Schoenefeld

Sun-Java-App-Server PE version 8.0 suffers from a path disclosure vulnerability when returning server error 500 pages.

tags | advisory, java
SHA-256 | 80f7cd44aca210a567313a3abe3eec919dc378cf120eb973210189e875ca9082
Technical Cyber Security Alert 2004-147A
Posted May 28, 2004
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert TA04-147A - A heap overflow vulnerability in the Concurrent Versions System (CVS) could allow a remote attacker to execute arbitrary code on a vulnerable system. Systems affected: Concurrent Versions System (CVS) versions prior to 1.11.16. CVS Features versions prior to 1.12.8.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2004-0396
SHA-256 | eb076a8b5b46b1ff5cdb1e09fb7058dfaf0b977564279a22443f627e735d5bc8
SSRT4724.txt
Posted May 28, 2004
Site support.openview.hp.com

Use Of TCP/IP Reserved Port Zero Causes Integrated Lights-Out (iLO) To Stop Responding. LAN management products that use port zero when accessing an Integrated Lights-Out (iLO) in a ProLiant server will cause iLO to become unresponsive. Port zero is specified as a reserved port by the Internet Engineering Task Force (IETF) and should not be used.

tags | advisory, tcp
SHA-256 | 89bf8595009c96fdcd64a1994970dee44c3b8ddbf57df3ebd1eaf1ce3c2b6205
minishare132.txt
Posted May 28, 2004
Authored by Donato Ferrante | Site autistici.org

MiniShare HTTP server version 1.3.2 is susceptible to a denial of service attack due to mismanagement of requests. If a HEAD or GET request is sent with only one line following it, the server will crash.

tags | advisory, web, denial of service
SHA-256 | 5c8714016e397698c8a92f9d1d06a4284a4966ce9ff23ddb246c6e039dd72d94
fsc-2004-1.shtml
Posted May 26, 2004
Site f-secure.com

F-Secure Security Bulletin FSC-2004-1 - Certain malformed LHA archives cause a buffer overflow when scanning them for viruses. The error typically causes a restart of one of the modules in the product. This leads to performance degradation and makes denial of service attacks possible. Product lines affected: F-Secure Internet Security 2004, F-Secure Anti-Virus 2004, Solutions based on F-Secure Personal Express 4.6x and 4.7x.

tags | advisory, denial of service, overflow, virus
SHA-256 | 8f08c9186c7fae40800fd260c2cd4a2448c15fac280f4b24f294d90a8c5af12f
HexView Security Advisory 2004-05-07.01
Posted May 26, 2004
Authored by HexView | Site support.sgi.com

SGI Security Advisory 20040507-01-P - Adam Gowdiak from the Poznan Supercomputing and Networking Center has reported that under certain conditions the /usr/sbin/cpr binary can be forced to load a user provided library while restarting the checkpointed process which can then be used to obtain root user privileges. All versions of IRIX prior to 6.5.25 are affected.

tags | advisory, root
systems | irix
advisories | CVE-2004-0134
SHA-256 | 7d950166788412a4f59d5667daca8545e4ae1aefd11cc0225a8adfe941090883
iDEFENSE Security Advisory 2004-05-26.t
Posted May 26, 2004
Authored by iDefense Labs, Rafel Ivgi | Site idefense.com

iDEFENSE Security Advisory 05.26.04: Remote exploitation of a buffer overflow in firmware release 1.1.9.4 of 3Com's OfficeConnect Remote 812 ADSL Router could allow a denial of service. By sending a specially formed long string to the telnet port of a vulnerable device containing Telnet escape sequences, it is possible to get it to either reboot or stop handling packets. If the device does not reboot spontaneously, it will require a manual reboot before continuing normal operation.

tags | advisory, remote, denial of service, overflow
advisories | CVE-2004-0476
SHA-256 | 02eabd38499d8724a5f09a1c30c54ba23979a167fff06c240818836ce07ce693
FreeBSD Security Advisory 2004.11
Posted May 26, 2004
Authored by The FreeBSD Project, Stephan Uphoff, Matt Dillon | Site freebsd.org

FreeBSD Security Advisory FreeBSD-SA-04:11.msync - Programming errors in the implementation of the msync(2) system call involving the MS_INVALIDATE operation lead to cache consistency problems between the virtual memory system and on-disk contents. In some situations, a user with read access to a file may be able to prevent changes to that file from being committed to disk.

tags | advisory
systems | freebsd
advisories | CVE-2004-0435
SHA-256 | 9b6d668eb3cd0d98e3221d430ab661e7250fbb287c53beec7fe79cda74993a1f
SSRT4719.txt
Posted May 26, 2004
Site support.openview.hp.com

A potential vulnerability has been identified with HP OpenView Select Access which could be exploited to allow a remote user unauthorized access. Versions affected: HP OpenView Select Access 5.0 Patch 4, 5.1 Patch 1, 5.2, and 6.0.

tags | advisory, remote
SHA-256 | 44fbd83f2d2bc48cdc0c9d5aa8124076fc2d4fb7caa1b872fab93589c56816f0
000072.html
Posted May 26, 2004

An unspecified vulnerability in Mailman versions 2.1.4 and below allow for malicious attackers to retrieve members' passwords.

tags | advisory
SHA-256 | d93d0fd773be8e5e62c7acbccec1ae4f85da4d7dd8ac94bd2a34545fc912a747
MACOSX.SSHURI.txt
Posted May 25, 2004
Authored by kang | Site insecure.ws

Mac OS X versions 10.3.3 and greater along with various browsers suffer from yet another URI silent code execution flaw using the SSH handler.

tags | advisory, code execution
systems | apple, osx
SHA-256 | c173dc60dc3dcd0f29d58c95ff45eb288a767853fda654b6a75c8906df2a304a
cpanelApache.txt
Posted May 25, 2004
Authored by Rob Brown

The options used by cPanel software to compile Apache 1.3.29 and PHP using the mod_phpsuexec option are flawed and allow any local user to execute arbitrary code as any other user owning a web accessible php file.

tags | advisory, web, arbitrary, local, php
SHA-256 | 958b7c3d603a8a91d715903c8001ca9e73ed468d5964833442f8c7b9303ec0a8
dsa-508.txt
Posted May 25, 2004
Authored by Matt Zimmerman | Site debian.org

Debian Security Advisory DSA 508-1 - Jaguar discovered a vulnerability in one component of xpcd, a PhotoCD viewer. xpcd-svga, part of xpcd which uses svgalib to display graphics on the console, would copy user-supplied data of arbitrary length into a fixed-size buffer in the pcd_open function.

tags | advisory, arbitrary
systems | linux, debian
advisories | CVE-2004-0402
SHA-256 | 933ad9aa3641a27d6c66de69c8de545087b7ec673c070c7da435f57c70450c89
e107.ramsa.txt
Posted May 25, 2004
Site ramsecurity.us

R.A.M. Security Advisory - All versions of e107 have a vulnerability in the user.php file that allows malicious attackers the ability to post cross site scripting or html tags to a website for a member.

tags | advisory, php, xss
SHA-256 | 267412fb6220a6406d117ae380c4a7d40de18ece7e3727e1c5c19947ef2675c2
netgearURI.txt
Posted May 25, 2004
Authored by Marc Ruef | Site computec.ch

Netgear RP114 devices, and possibly other related Netgear hardware, have a URI filtering bypass vulnerability when the URI being evaluated is larger than 220 bytes long.

tags | advisory, bypass
SHA-256 | 7c2791d42f4fe25ac35ea87b471ff12f43f5d2022deaf13d5ef51f4d2621d65f
021829.html
Posted May 24, 2004
Authored by Rosalina Hamar

Variant vulnerabilities have been disclosed regarding the flaw in Mac OS X where code can be silently delivered via the disk URI handler vulnerability.

tags | advisory, vulnerability
systems | apple, osx
SHA-256 | 7f4de2005e09f74eb0be7ac3e2f6d7f05ddc88c8a54064407622cfebe1b4a6ca
Page 1 of 5
Back12345Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
US Senators Propose Law To Require Bare Minimum Security Standards
Posted Nov 27, 2024

tags | headline, government, usa, password
Telco Engineer Who Spied On Employer For Beijing Gets 4 Years
Posted Nov 27, 2024

tags | headline, government, privacy, usa, phone, china, cyberwar, spyware, voip
New York Fines GEICO And Travelers $11.3 Million In Data Breach Cases
Posted Nov 27, 2024

tags | headline, hacker, government, privacy, usa, data loss
ProjectSend Vulnerability Exploited In The Wild
Posted Nov 27, 2024

tags | headline, hacker, flaw
CyberVolk Analysis Explores Ransomware, Hacktivism Connections
Posted Nov 27, 2024

tags | headline, hacker, malware, russia, cybercrime, cryptography
Russian Cyberspies Hacked Building Across Street From Target For W-Fi Attack
Posted Nov 25, 2024

tags | headline, hacker, government, russia, wireless, spyware
Cyberattacks Cost British Businesses $55 Billion In Past 5 Years
Posted Nov 25, 2024

tags | headline, malware, britain, cybercrime, fraud, cryptography
How The ZX Spectrum Became A 1980s Icon
Posted Nov 25, 2024

tags | headline, science
China Has Pwned Thousands And Thousands Of Telco Devices
Posted Nov 25, 2024

tags | headline, government, privacy, usa, china, cyberwar, spyware
Here's What Happens If You Don't Layer Network Security Or Remove Unused Web Shells
Posted Nov 22, 2024

tags | headline, government, privacy, cybercrime, data loss, japan
View More News →
packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close