.:[ packet storm ]:.
                           
all things security

 Section:  .. / 0211-advisories  /

 ///  File Name: 11.19.02c.txt
Description:
iDEFENSE Security Advisory 11.19.02c - Users of Netscape Communicator 4.x's web browser and e-mail client who are tricked into clicking on a malicious link can have the contents of their preferences file, often including the e-mail password and URL history, returned to a remote attacker who redefines user_pref(), a JavaScript function.
Author:Bennett Haselton
Homepage:http://www.idefense.com
File Size:2146
Related CVE(s):CAN-2002-1204
Last Modified:Nov 20 08:21:56 2002
MD5 Checksum:395e9cf673b9914f64dad12d34178c04

 ///  File Name: 11.19.02b.txt
Description:
iDEFENSE Security Advisory 11.19.02b - Remote exploitation of a weakness in Eudora v5.2 and below allows for the retrieval of sensitive information from a targeted Eudora user's computer. Attackers send an e-mail to a Eudora user that directs him to a specific URL; the e-mail also contains an HTML-enabled e-mail attachment that contains scripting code.
Author:Bennett Haselton
Homepage:http://www.idefense.com
File Size:3561
Related CVE(s):CAN-2002-1210
Last Modified:Nov 20 08:16:46 2002
MD5 Checksum:bfe60240d292949b370be55a2a3d2261

 ///  File Name: 11.19.02a.txt
Description:
iDEFENSE Security Advisory 11.19.02a - Linksys Cable/DSL Routers models BEFW11S4, BEFSR11, BEFSR41 and BEFSRU31 can be crashed when several thousand characters are passed in the password field of the device's web management interface. Exploitation simply requires the use of a web browser that can send long Basic Authentication fields to the affected router's interface. A fix is available.
Author:Alex S. Harasic
Homepage:http://www.idefense.com
File Size:2384
Related CVE(s):CAN-2002-1312
Last Modified:Nov 20 08:10:08 2002
MD5 Checksum:6d9464f8c33b0e6a0c6614a5dbca1e47

 ///  File Name: 6D00B005PU.html
Description:
Outlook Express versions 5.50 and 6.0 contain a security vulnerability in the handling of S/MIME certificates which allows arbitrary code execution when inspecting an S/MIME signed message.
Author:Noam Rathaus
Homepage:http://www.securiteam.com/windowsntfocus
File Size:9870
Last Modified:Nov 19 17:19:26 2002
MD5 Checksum:d4804b301083bcfe204c77883993e390

 ///  File Name: NGSEC-2002-4.txt
Description:
The iPlanet WebServer v4.x up to SP11 contains vulnerabilities which allow remote root command execution by using a cross site scripting vulnerability to redirect the Administrator's browser to a URL in a vulnerable Perl script that triggers the open() command injection.
Author:Fermín J. Serna
Homepage:http://www.ngsec.com
File Size:3213
Last Modified:Nov 19 09:12:55 2002
MD5 Checksum:d4f6a4c950dcbce4f1a86c95db657557

 ///  File Name: lagsa-com21.txt
Description:
Lag Security Advisory - Com21 cable modem configuration file feeding vulnerability. All Com21 DOXport 1110 cable modems with software version 2.1.1.106 can be fed a configuration file, by spoofing an ISP-side TFTP server to feed the data, that allows a user to have access to features that are not paid for.
Author:David Laganière
Homepage:http://lag.securinet.qc.ca/papers.html
File Size:2517
Last Modified:Nov 2 23:21:27 2002
MD5 Checksum:93b75a2bb541c3f857c15239803ce791

 ///  File Name: idefense.abuse.txt
Description:
iDEFENSE Security Advisory 11.01.02 - Abuse is a popular side-scrolling video game that has a locally exploitable parsing error in the -net command line option, allowing an attacker to gain root privileges.
Author:David Endler
Homepage:http://www.idefense.com
File Size:3728
Last Modified:Nov 2 22:41:04 2002
MD5 Checksum:1ef3b53955def8f8b71f79bbbe2932db

 ///  File Name: netscreen25.txt
Description:
Netscreen VPN solutions ship with an SSH daemon that is vulnerable to the SSH1 CRC32 bug. In the default configuration, SSH is not enabled on their devices; when it is enabled, it is expected that any CRC32 exploits used to attack said device will cause a crash and require a reboot. Original bug discovered by Michal Zalewski.
Author:HD Moore
File Size:1363
Last Modified:Nov 2 22:30:51 2002
MD5 Checksum:5fed7ff8aace600e4148fcf25365f4e1