744 matches found
Cisco Security Advisory: Cisco IOS Misformed BGP Packet Causes Reload
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco IOS Misformed BGP Packet Causes Reload Revision 1.0 For Public Release 2005 January 26 1600 UTC GMT - ----------------------------------------------------------------------- Contents ======== Summary Affected Products...
Cross Site Scripting holes found in Horde 3.0
Hyperdose Security Advisory Name: Cross Site Scripting holes found in Horde 3.0 Systems Affected: Horde 3.0 installations Severity: Moderate Author: Robert Fly - [email protected] Advisory URL: http://www.hyperdose.com/advisories/H2005-01.txt --Horde Description-- The Horde Application Framewo...
DSA-575-1 catdoc - insecure temporary file
Bulletin has no description...
Broadcast crash in Popmessenger 1.60 (before 20 Sep 2004)
Luigi Auriemma Application: PopMessenger http://www.leadmind.com Versions: = 1.60 before 20 Sep 2004 Platforms: Windows Bug: crash Risk: medium Exploitation: remote broadcast Date: 21 September 2004 Author: Luigi Auriemma e-mail: [email protected] web: http://aluigi.altervista.org 1...
DSA-533 courier - cross-site scripting
Bulletin has no description...
Apache-SSL security advisory - apache_1.3.28+ssl_1.52 and prior
Apache-SSL optional client certificate vulnerability ---------------------------------------------------- Synopsis -------- If configured with SSLVerifyClient set to 1 or 3 client certificates optional and SSLFakeBasicAuth, Apache-SSL 1.3.28+1.52 and all earlier versions would permit a client to...
[Full-Disclosure] Sylpheed-claws format string bug, yet still sylpheed much better than windows
Georgi Guninski security advisory 61, 2003 Sylpheed-claws format string bug, yet still sylpheed much better than windows Systems affected: Sylpheed-claws 0.9.6 - 0.9.4 Fixed in CVS Risk: Medium Date: 22 October 2003 Legal Notice: This Advisory is Copyright c 2003 Georgi Guninski. You may distribu...
DSA-341 liece - insecure temporary file
Bulletin has no description...
Buffer overflow in 3D-ftp
Product: 3D-ftp Client Version: 4.0x OffSite: http://www.sitegallery.net/ Problem: Remote buffer overflow ------------------------------------------ 3D-ftp - Quite good Windows FTP Client. FTP Client have many opportunities Remote buffer overflow will take place if server send long banner = 8192...
SIPS (PHP)
Product : SIPS Version : v0.2.2 WebSite : http://www.squishdot.org Problem : Viewing users account Description: ------------ You could easily look throught any user's account without any permissions. Each of them is in dir names after first letter of his login. For example foo will have url like...
Security hole in kpf - KDE personal fileserver.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SECURITY ADVISORY Author: Ajay R Ramjatan [email protected] Date: 11 October 2002 Software: kpf - KDE Personal File Server part of kdenetwork Vulnerable: kpf of any KDE release between KDE 3.0.1 and KDE 3.0.3a Fixed: kpf from kdenetwork 3.0.4...
DSA-152 l2tpd - missing random seed
Bulletin has no description...
Advisory for Vdns
Advisory for VdnsServer VdnsServer is sold by ZFC and Hughestech Site: http://www.zfc.com | www.hughesnet.net by nemesystm of the DHC http://dhcorp.cjb.net - [email protected] ADV-0121 /-|=explanation=|- Virtual DNS Vdns allows users with DSL & ADSL type connections to run their own web serve...
Netscreen: DMZ Network Receives Some "Denied" Traffic
Dear NetScreen Customer: This is an important NetScreen Security Advisory. ------------------------------------------------------------------------------- ------------------------------ DMZ Network Receives Some "Denied" Traffic...
Novell Groupwise Client Vulnerability
Novell GroupWise Client read file/view vulnerability gw5.5epsp2--file view problems-- OS Affected Win 95/98/NT/2000/ME all sp levels Programs Affected GroupWise 5.5ep sp1 other versions of GroupWise 5 are probably vulnerable Discussion with zen polices or NT Polices installed properly on a window...
Stunnel format bug
Macaroon Advisory Hi, ppl We have recently discovered a format bug in stunnel= 3.8 in which the log function calls directly the syslog with only two parameters: sysloglevel, text. It should be sysloglevel, "s", text. If a user can pass any string that is written to the log file, he can exploit th...
FireWall-1 Fastmode Vulnerability
Hi there, service pack 3 is available for FireWall-1 4.1 and in addition to the things listed in the release notes it fixes the following little... errrrm... idiosyncrasy. The HTML version of the advisory is available at http://www.dataprotect.com/fw1/ Merry Christmas and a happy New Year -Thomas...
Lyris List Manager Administration Hole
Versions 3 and 4 of the Lyris List Manager allow any mailing list subscriber to gain access to the administrative interface of that list. After a user has logged in, they may modify the generated web page as follows to gain access: Save the html to disk, and add the full path to the server into t...
FTP Serv-U 2.5e vulnerability.
================================================================= Blue Panda Vulnerability Announcement: FTP Serv-U 2.5e 04/08/2000 dd/mm/yyyy [email protected] http://bluepanda.box.sk/ ================================================================= Problem: Sending FTP Serv-U a string...
BluePanda Vulnerability Announcement: WFTPD/WFTPD Pro 2.41 RC11
================================================================ BluePanda Vulnerability Announcement: WFTPD/WFTPD Pro 2.41 RC11 21/07/2000 dd/mm/yyyy [email protected] http://bluepanda.box.sk/ ================================================================ Problem: STAT command devulges...