4609 matches found
Security Bulletin (MS00-076)
Microsoft Security Bulletin MS00-076 - -------------------------------------- Patch Available for "Cached Web Credentials" Vulnerability Originally posted: October 12, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Internet Explorer. Und...
boa.server.txt
ID: S21SEC-005-en Title: Vulnerability in BOA web server v0.94.8.2 Date: 03/10/2000 Status: Vendor contacted, patch available Scope: Arbitrary file access Platforms: Unix Author: llmora Location: http://www.s21sec.com/en/avisos/s21sec-005-en.txt Release: Public S 2 1 S E C http://www.s21sec.com...
Vulnerability in BOA web server v0.94.8.2
ID: S21SEC-005-en Title: Vulnerability in BOA web server v0.94.8.2 Date: 03/10/2000 Status: Vendor contacted, patch available Scope: Arbitrary file access Platforms: Unix Author: llmora Location: http://www.s21sec.com/en/avisos/s21sec-005-en.txt Release: Public S 2 1 S E C http://www.s21sec.com...
@stake Advisory: Windows Still Image Privilege Elevation (A090700 -1)
@stake Inc. www.atstake.com Security Advisory Advisory Name: Windows Still Image Privilege Elevation A090700-1 Release Date: 09/07/2000 Application: Still Image Service Platform: Windows 2000 Severity: A local user can elevate privileges to SYSTEM. Author: DilDog [email protected] Vendor Status:...
Security Bulletin (MS00-060)
Microsoft Security Bulletin MS00-060 - -------------------------------------- Patch Available for "IIS Cross-Site Scripting" Vulnerabilities Originally posted: August 25, 2000 Summary ======= Microsoft has released a patch that eliminates security vulnerabilities in Microsoftr Internet Informatio...
Security Bulletin (MS00-061)
Microsoft Security Bulletin MS00-061 - -------------------------------------- Patch Available for "Money Password" Vulnerability Originally posted: August 25, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Money. The vulnerability could...
php-nuke.txt
php-nuke bug by StarmanJones 22/08/00 Disclaimer: I am not responsible for whatever you do with the knowledge you get from reading this advisorie. I am not telling you to go and post messages on sites that use PHP-nuke. Recently there was an advisory on bugtraq about An access validation error th...
Account Manager CGI Vulnerability
Product: Account Manager Versions: ALL including LITE and PRO haven't been able to test ENTERPRISE OS: Unix and Winnt Vendor: Notified, http://www.cgiscriptcenter.com/ The Problem: The Script allows any remote user access to the Administration Control Panel through overwriting the Admin Password...
VIGILANTE-2000005.txt
Watchguard Firebox Authentication DoS Advisory Code: VIGILANTE-2000005 Release Date: August 15, 2000 Systems Affected: Tested on the newest version of the Watchguard Firebox II that was on the 22nd of June, but it is very likely that this bug exists in all prior versions that include the...
Advisory CA-2000-16
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CERT Advisory CA-2000-16 Microsoft 'IE Script'/Access/OBJECT Tag Vulnerability Original release date: August 11, 2000 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected Internet Explorer 4.x, 5.x...
Security Bulletin (MS00-057)
Microsoft Security Bulletin MS00-057 - -------------------------------------- Patch Available for "File Permission Canonicalization" Vulnerability Originally posted: August 10, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Internet...
Security Bulletin (MS00-055)
Microsoft Security Bulletin MS00-055 - -------------------------------------- Patch Available for "Scriptlet Rendering" Vulnerability Originally Posted: August 09, 2000 Summary ======= Microsoft has released a patch that eliminates two security vulnerabilities in Microsoftr Internet Explorer. The...
[COVERT-2000-09] Windows NetBIOS Name Conflicts
Microsoft Security Bulletin MS00-047 - -------------------------------------- Patch Available for "NetBIOS Name Server Protocol Spoofing" Vulnerability Originally Posted: July 27, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in a protocol implemente...
AnalogX Proxy DoS
Foundstone, Inc. http://www.foundstone.com "Securing the Dot Com World" Security Advisory AnalogX Proxy DoS ---------------------------------------------------------------------- FS Advisory ID: FS-072500-7-ANA.txt Release Date: July 25, 2000 Product: Proxy Vendor: AnalogX http://www.analogx.com...
AnalogX Proxy 4.0 4 - Denial of Service
// source: https://www.securityfocus.com/bid/1504/info AnalogX Proxy is a simple proxy server that allows a user to connect a network of computers to the internet through the proxy gateway. Many of the services provided contain buffer overrun vulnerabilities that can allow an attacker to crash th...
Roxen security alert: Problems with URLs containing null characters.
Roxen 2.0 up to version 2.0.68 has a vulnerability where using URLs containing null characters can gain the browser access to information he is not authorized to: Directory listings in directories with index files In normal filesystems: the sourcecode for RXML files, Pike scripts, CGIs etc...
Security Bulletin (MS00-045)
Microsoft Security Bulletin MS00-045 - -------------------------------------- Patch Available for "Persistent Mail-Browser Link" Vulnerability Originally Posted: July 20, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability affecting Microsoftr Outlook...
[email protected]
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Network Associates, Inc. COVERT Labs Security Advisory July 17, 2000 LISTSERV Web Archive Remote Overflow COVERT-2000-07 o Synopsis The L-Soft LISTSERV web archive wa,wa.exe component contains an unchecked buffer allowing remote execution of arbitrary...
Security Bulletin (MS00-043)
Microsoft Security Bulletin MS00-043 - -------------------------------------- Patch Available for "Malformed E-mail Header" Vulnerability Originally posted: July 18, 2000 Summary ======= Microsoft has released a patch that eliminates a security vulnerability in Microsoftr Outlookr and Outlook...
cvsweb: remote shell for cvs committers
Cvsweb 1.80 contains a hole that provides attackers who have write access to a cvs repository with shell access. Thus, attackers who have write access to a cvs repository but not shell access can obtain a shell. In addition, anyone with write access to a cvs repository that is viewable with cvswe...