what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 253 RSS Feed

Files

2004-advisories.tgz
Posted Jan 2, 2005

Packet Storm new advisories for all of 2004.

tags | advisory
SHA-256 | a78833f12adaa17febcf862ccf36be61b496ba7243db1e22d6a85f2c0ec4091e
jackformail.txt
Posted Jan 2, 2005
Authored by Hack Hawk

Jacks FormMail.php script can be manipulated into sending arbitrary files from the server. Version 5.0 is affected.

tags | advisory, arbitrary, php
SHA-256 | f0b8e6608716da6296ab9be0b7e223adf0c401e1180e46a5525bf1484d5f0f76
IbProfArcade.txt
Posted Jan 2, 2005
Authored by Mike Bailey

A flaw exists in the high scores module of IbProArcade which allows for malicious SQL injection.

tags | advisory, sql injection
SHA-256 | cb57b1789765acc2260049eac8f3fda899d21004e3880d382e1410c230cf0e82
argosoft_advisory.txt
Posted Jan 2, 2005
Authored by Steven | Site lovebug.org

Versions prior to 1.4.2.1 of the ArGoSoft FTP server will disclose whether or not a supplied username is valid or not. A login name supplied with the USER command will not be accepted unless it is valid.

tags | advisory
SHA-256 | 89ccfd2a196725b8e9084c125c42f0d20b43c9aa550dedd42679aa8a4121ac54
Gentoo Linux Security Advisory 200412-27
Posted Jan 2, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200412-27 - cYon discovered that the authform.inc.php script allows a remote user to define the global variable path_pre.

tags | advisory, remote, php
systems | linux, gentoo
SHA-256 | 302e083956c4e9d535211a0e087ff8cf7771ae87b9c57c44fb4ba802744efdc3
Gentoo Linux Security Advisory 200412-24
Posted Jan 2, 2005
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory GLSA 200412-24 - New integer overflows were discovered in Xpdf, potentially resulting in the execution of arbitrary code. GPdf includes Xpdf code and therefore is vulnerable to the same issues.

tags | advisory, overflow, arbitrary
systems | linux, gentoo
SHA-256 | 99c92e9ed327bdf61cd14458d9ffcd70882b4eb6cd7ff444abbdff35a5d37d3e
7a69-17.txt
Posted Jan 2, 2005
Authored by Albert Puigsech Galicia

7a69ezine Advisories #17 - Internet Explorer version 6.0.3790.0 suffers from an FTP download path disclosure flaw.

tags | advisory
SHA-256 | f829843a3f2ac0a1644d494c0cb49e25bfb90a61e50ec58f66cc5fa74a8bc87a
Secunia Security Advisory 13696
Posted Jan 2, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - The vendor has acknowledged a vulnerability in kio_ftp, which can be exploited by malicious people to conduct FTP command injection attacks.

tags | advisory
SHA-256 | 02bbae4dec3af0b17cf926532f1af258386feb7c54e1e34527e6bab214605fab
Secunia Security Advisory 13677
Posted Jan 2, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - sullo has reported multiple vulnerabilities in Eventum, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks and potentially bypass certain security restrictions.

tags | advisory, vulnerability, xss
SHA-256 | c61ffc1ad7861cd0cbd55a27081cb9061eaa04e134a4d6b0afb8b7adeda89fc7
Secunia Security Advisory 13671
Posted Jan 2, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Symantec has acknowledged three vulnerabilities in the Nexland Firewall Appliances, which can be exploited by malicious people to cause a DoS (Denial of Service), identify active services, and manipulate the firewall configuration.

tags | advisory, denial of service, vulnerability
SHA-256 | 4803087c1aa3833fb14343e12dda8b3921d0e4b3b4444fe122440c1e47937c9f
Secunia Security Advisory 13679
Posted Jan 2, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability in aStats can be exploited by malicious, local users to perform certain actions on a vulnerable system to gain escalated privileges.

tags | advisory, local
SHA-256 | 4a056c61472a25f3ace36cc3af8feebb7a5ec8667bcfebc83265477fa501d893
RLSA_06-2004.txt
Posted Jan 2, 2005
Authored by Julio Cesar Fort

QNX crttrap has a -c flag to specify where trap file will be written. Combined with the trap flag it is possible to read or write any file in the disk. QNX RTOS 2.4, 4.25, 6.1.0, 6.2.0 are all affected.

tags | advisory
SHA-256 | fb4f56b2ec2fdf473fcce500ead2b39f939a04c5e82ccc3ef3ae44701188dac7
Secunia Security Advisory 13660
Posted Jan 2, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - cYon has reported a vulnerability in PHProjekt, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the path_pre parameter in authform.inc.php is not properly verified, before it is used to include files. This can be exploited to include arbitrary files from external and local resources.

tags | advisory, arbitrary, local, php
SHA-256 | 3a4e8b42424d86f7dd2dee41e21bdc34aac2390ca46119e1916592e16c90faad
Secunia Security Advisory 13670
Posted Jan 2, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Atari800, which can be exploited by malicious, local users to gain escalated privileges. The vulnerabilities are caused due to unspecified boundary errors and can be exploited to cause buffer overflows. Successful exploitation may allow execution of arbitrary code with escalated privileges, if the SVGAlib version is used in a setuid binary.

tags | advisory, overflow, arbitrary, local, vulnerability
SHA-256 | f425061da3ff2f3a02803e874d7a858673a584d5495b3ccfc963a7f8f930dedf
htmltitle.txt
Posted Jan 2, 2005
Authored by Bipin Gautam

There is a weird denial of service issue with Internet Explorer and Mozilla Firefox when they attempt to render html files with long titles.

tags | advisory, denial of service
SHA-256 | 467ede60a3da75e8f2ac6f25e17f8df7f77c680e4ec8c35364740aab6868374e
Secunia Security Advisory 13630
Posted Jan 2, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - First Last has reported a weakness in CleanCache, which can be exploited by malicious people to disclose securely deleted data on a disk.

tags | advisory
SHA-256 | b99577a39fe927646b34fa6678ce0e1a18717ccf2172f1731ac28074be951e4d
Secunia Security Advisory 13654
Posted Jan 2, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Martin Schwidefsky has reported a vulnerability in the Linux Kernel, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the SACF (Set Address Space Control Fast) control instruction being handled insecurely on the S/390 platform.

tags | advisory, kernel, local
systems | linux
SHA-256 | 8b43d7433241fe27ceeaf1b3f2f7fe475019976deb36d7e4fbee958c0f04a910
Secunia Security Advisory 13644
Posted Jan 2, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Crystal Enterprise, which can be exploited by malicious people to conduct cross-site scripting attacks.

tags | advisory, xss
SHA-256 | 55af96ffe7cf39ecfd7aa163ca43125ab6e890b94ac8f9599a6b12ab27822df0
SantyB.php.txt
Posted Jan 2, 2005

Santy.b phpBB worm that affects versions 2.0.10 and below and installs a bot. Uses AOL/Yahoo search.

tags | advisory, worm
SHA-256 | 25273610beb305e25f97564d200388d022753613cacaf2fd823a114c466cb115
Secunia Security Advisory 13665
Posted Jan 1, 2005
Authored by Secunia | Site secunia.com

Secunia Security Advisory - snilabs has reported a security issue in PHP-Blogger, which can be exploited by malicious people to disclose sensitive information. The problem is that database files (.db) by default are stored inside the web root and are not correctly protected against being accessed directly on some server configurations. This can e.g. be exploited to disclose the admin password.

tags | advisory, web, root, php
SHA-256 | a2b423512bb9baaab9a5c77fda37cb63e046ecc304547b00c7276921758a0496
Secunia Security Advisory 13634
Posted Dec 31, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Nicolae Mihalache has reported a security issue in avelsieve, which potentially can be exploited by malicious users to cause a DoS (Denial of Service).

tags | advisory, denial of service
SHA-256 | e6099b09429b5723bc67aa32914de8949b1f76b3cb0e3e7fdffaae0813df7fb8
ieTrick.txt
Posted Dec 31, 2004
Authored by Albert Puigsech Galicia

Internet Explorer will accept %0a and %0d in URLs. In FTP URLs, it will accept them in the username part of the URL. Due to the similarity between the FTP and SMTP protocols, this can be used to send mail.

tags | advisory, protocol
SHA-256 | e2e71c2a7f12cac58fb231beaf48bf5b486852f8767f80078d2102127d129720
plesk700.txt
Posted Dec 31, 2004
Authored by Andrew Smith

Plesk, a popular server administration tool used by many web hosting companies, is susceptible to cross site scripting flaws.

tags | advisory, web, xss
SHA-256 | 561ab831ef114785159c21d59981cca959a4a7af271cbe8bf055ab77f58d6fb2
SSRT4699.txt
Posted Dec 31, 2004
Site hp.com

HP Security Bulletin - A potential security vulnerability has been identified with System Administration Manager (SAM) running on HP-UX that may allow local unauthorized privileges. Affected Versions: HP-UX B.11.00, B.11.11, B.11.22, and B.11.23.

tags | advisory, local
systems | hpux
SHA-256 | 319afe43d1b320a755cd24871491338f3e486749a9432161423cb91beaa6d5ca
Secunia Security Advisory 13635
Posted Dec 31, 2004
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Two vulnerabilities have been reported in Rpm Finder, which can be exploited by malicious people to compromise a user's system and by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local, vulnerability
SHA-256 | 235e6abaff83d84e633690fa2b9e2648da4e8b729ea43505e4774ecdebf54457
Page 1 of 11
Back12345Next

Top Authors In Last 30 Days

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close