.:[ packet storm ]:. - http://packetstormsecurity.org/

.:[ packet storm ]:.

about
- Contact
  Features
  RSS Feeds
  Site Directory Tree
mirrors
- North America East Coast
  Central
  West Coast 1
  West Coast 2
  
  South America Argentina
  Brazil
  Chile
  
  Global Main Site
  
  Europe Belgium
  France
  Netherlands
  Romania
  United Kingdom 1
  United Kingdom 2
  
  Asia South Korea
  
  Middle East Israel
search
- Storm Watch
assessment
- Exploits: By Month
  Unix Analysis
  Linux Analysis
  Windows Analysis
  Cisco Analysis
  Root Kits
  Cracking
defense
- Unix
  Windows
  MacIntosh
  Cryptography
  Packet Sniffers
advisories
- Advisories: By Month
papers
- White Papers
  Security Documentation
magazines
miscellaneous
- Group Releases
  Programming
  Viruses and Trojans
  Telephony
  Computer Humor
links

global security disclosure

global security disclosure

Section: .. / 0704-advisories /

Page 4 of 20
<< 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 >> Files 75 - 100 of 492

Currently sorted by: File Name Sort By: Last Modified, File Size

/// File Name:	glsa-200704-15.txt
Description:	Gentoo Linux Security Advisory GLSA 200704-15 - The driver does not properly process Channel Switch Announcement Information Elements, allowing for an abnormal channel change. The ieee80211_input() function does not properly handle AUTH frames and the driver sends unencrypted packets before WPA authentication succeeds. Versions less than 0.9.3 are affected.
Homepage:	http://security.gentoo.org
File Size:	3160
Related CVE(s):	CVE-2007-7178, CVE-2007-7179, CVE-2007-7180
Last Modified:	Apr 19 02:55:18 2007
MD5 Checksum:	127ed596013007509cc3053231c1f37e

/// File Name:	glsa-200704-16.txt
Description:	Gentoo Linux Security Advisory GLSA 200704-16 - Jonathan So reported that the airodump-ng module does not correctly check the size of 802.11 authentication packets before copying them into a buffer. Versions less than 0.7-r2 are affected.
Homepage:	http://security.gentoo.org
File Size:	2798
Related CVE(s):	CVE-2007-2057
Last Modified:	Apr 24 09:21:50 2007
MD5 Checksum:	c326424043a0760ed3280988c993ab79

/// File Name:	glsa-200704-17.txt
Description:	Gentoo Linux Security Advisory GLSA 200704-17 - The 3proxy development team reported a buffer overflow in the logurl() function when processing overly long requests. Versions less than 0.5.3h are affected.
Homepage:	http://security.gentoo.org
File Size:	2500
Related CVE(s):	CVE-2007-2031
Last Modified:	Apr 24 09:22:04 2007
MD5 Checksum:	1220026febf9dc1fc0bdfadb7a0423ae

/// File Name:	glsa-200704-18.txt
Description:	Gentoo Linux Security Advisory GLSA 200704-18 - CJ Kucera has discovered that some Courier-IMAP scripts don't properly handle the XMAILDIR variable, allowing for shell command injection. Versions less than 4.0.6-r2 are affected.
Homepage:	http://security.gentoo.org
File Size:	2479
Last Modified:	Apr 24 09:22:35 2007
MD5 Checksum:	3789b9f6c96e5616d26f6dcff9c098eb

/// File Name:	glsa-200704-19.txt
Description:	Gentoo Linux Security Advisory GLSA 200704-19 - Stefan Cornelius of Secunia Research discovered an insecure use of the eval() function in kmz_ImportWithMesh.py. Versions less than 2.43 are affected.
Homepage:	http://security.gentoo.org
File Size:	2540
Related CVE(s):	CVE-2007-1253
Last Modified:	Apr 24 09:41:48 2007
MD5 Checksum:	0499bdbd7236906765ebe893e2a9de74

/// File Name:	glsa-200704-20.txt
Description:	Gentoo Linux Security Advisory GLSA 200704-20 - Luigi Auriemma has discovered multiple vulnerabilities in NAS, some of which include a buffer overflow in the function accept_att_local(), an integer overflow in the function ProcAuWriteElement(), and a null pointer error in the function ReadRequestFromClient(). Versions less than 1.8b are affected.
Homepage:	http://security.gentoo.org
File Size:	3177
Related CVE(s):	CVE-2007-1543, CVE-2007-1544, CVE-2007-1545, CVE-2007-1546, CVE-2007-1547
Last Modified:	Apr 24 09:44:15 2007
MD5 Checksum:	6c8d940373b646fc47f6b47472c346af

/// File Name:	glsa-200704-21.txt
Description:	Gentoo Linux Security Advisory GLSA 200704-21 - iDefense Labs have reported a stack-based buffer overflow in the cab_unstore() function when processing negative values in .cab files. Multiple file descriptor leaks have also been reported in chmunpack.c, pdf.c and dblock.c when processing .chm files. Versions less than 0.90.2 are affected.
Homepage:	http://security.gentoo.org
File Size:	2714
Related CVE(s):	CVE-2007-1745, CVE-2007-1997
Last Modified:	Apr 25 07:20:52 2007
MD5 Checksum:	9ca85857020ac621149fa4c06bcc0e1c

/// File Name:	glsa-200704-22.txt
Description:	Gentoo Linux Security Advisory GLSA 200704-22 - BEAST, which is installed as setuid root, fails to properly check whether it can drop privileges accordingly if seteuid() fails due to a user exceeding assigned resource limits. Versions less than 0.7.1 are affected.
Homepage:	http://security.gentoo.org
File Size:	2776
Related CVE(s):	CVE-2006-2916, CVE-2006-4447
Last Modified:	May 3 03:47:51 2007
MD5 Checksum:	2b72440271eba9de7155d2f5d02c6e77

/// File Name:	glsa-200704-23.txt
Description:	Gentoo Linux Security Advisory GLSA 200704-23 - The bufprint() function in capi4k-utils fails to properly check boundaries of data coming from CAPI packets. Versions less than 20050718-r3 are affected.
Homepage:	http://security.gentoo.org
File Size:	2456
Related CVE(s):	CVE-2007-1217
Last Modified:	May 3 03:48:07 2007
MD5 Checksum:	46804317c725150a6bd1cf67b2c5130f

/// File Name:	iedos-issue.txt
Description:	Microsoft Internet Explorer contains a flaw that may allow a malicious user to cause IE7 to enter a loop in which IE7 become unresponsive resulting in a recoverable denial of service issue.
Author:	Lostmon
Homepage:	http://lostmon.blogspot.com/
File Size:	3651
Last Modified:	May 3 01:48:22 2007
MD5 Checksum:	57d7f19f626cd637a47ac4c467099cc9

/// File Name:	ieff-split.txt
Description:	Firefox and Internet Explorer are prone to HTTP request splitting when Digest Authentication occurs.
Author:	Stefano di Paola
Homepage:	http://www.wisec.it/
File Size:	7622
Last Modified:	May 3 01:44:15 2007
MD5 Checksum:	5426a639741037c2c3ecdb00815e92d0

/// File Name:	ietool-dos.txt
Description:	The Netsprint Toolbar version 1.1 suffers from a denial of service vulnerability.
Author:	sapheal
File Size:	1231
Last Modified:	Apr 19 02:56:51 2007
MD5 Checksum:	a41fce87276355eef152df7d0b58757d

/// File Name:	INFIGO-2007-08.txt
Description:	During an audit of Enterprise Security Analyzer, multiple remote buffer overflows have been discovered in the ESA server (TCP port 10616). There are various stack and heap overflows in multiple ESA requests. The vulnerability has been identified in the latest available Enterprise Security Analyzer v2.5. Previous versions are believed to be vulnerable as well.
Author:	Leon Juranic
Homepage:	http://www.infigo.hr/
File Size:	2444
Last Modified:	Apr 13 00:14:26 2007
MD5 Checksum:	ffc6bd13c8fa53d2bc030730ecd5d6b2

/// File Name:	major_rls37.txt
Description:	holaCMS version 1.4.10 suffers from cross site scripting issues.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	1537
Last Modified:	Apr 5 00:46:58 2007
MD5 Checksum:	9942e68ed2bd93b80e7d1114bd88d1aa

/// File Name:	major_rls38.txt
Description:	eXV2 CMS versions 2.0.4.3 and below suffer from cross site scripting and session fixation vulnerabilities.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	3214
Last Modified:	Apr 5 08:11:40 2007
MD5 Checksum:	d21f2b2c8336489c95b528c7129a1d48

/// File Name:	major_rls39.txt
Description:	The onelook onebyone CMS suffers from a session fixation issue.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	2695
Last Modified:	Apr 8 02:45:54 2007
MD5 Checksum:	418089f35e57f23c1563780cc6a5cb75

/// File Name:	major_rls40.txt
Description:	The oboShop e-commerce web shopping script suffers from a session fixation issue.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	2642
Last Modified:	Apr 8 02:46:43 2007
MD5 Checksum:	e1a37980ab400a85150eb7bdeb46008a

/// File Name:	major_rls41.txt
Description:	The online booking script called courts online suffers from a session fixation issue.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	2657
Last Modified:	Apr 8 02:47:30 2007
MD5 Checksum:	bb65ba5800bc0c99cd61eaa6d5e1062e

/// File Name:	major_rls42.txt
Description:	webblizzard CMS suffers from cross site scripting and session fixation vulnerabilities.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	2934
Last Modified:	Apr 8 02:58:14 2007
MD5 Checksum:	8ba46e85bb2b5ca69f9c215d518d5174

/// File Name:	major_rls43.txt
Description:	@Mail version 5.0 suffers from cross site scripting and cookie manipulation issues.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	1971
Last Modified:	Apr 12 23:52:52 2007
MD5 Checksum:	4d7bd61c4d9013b824d76a637a1b4810

/// File Name:	major_rls44.txt
Description:	MailBee WebMail Pro version 3.4 suffers from a cross site scripting vulnerability.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	1718
Last Modified:	Apr 17 05:35:23 2007
MD5 Checksum:	724448d356d6a77f7c367c1f1b4728f5

/// File Name:	major_rls45.txt
Description:	oe2edit CMS suffers from cross site scripting and cookie manipulation vulnerabilities.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	1821
Last Modified:	Apr 17 18:26:25 2007
MD5 Checksum:	15f09e8a2f7efe6e974bb9cc644005cb

/// File Name:	major_rls46.txt
Description:	Plogger suffers from a session fixation issue.
Author:	David "Aesthetico" Vieira-Kurz
Homepage:	http://www.majorsecurity.de
File Size:	1818
Last Modified:	Apr 25 07:25:46 2007
MD5 Checksum:	12b29a1da6f862ac4701f21ada06fbc7

/// File Name:	MDKSA-2007-074.txt
Description:	Mandriva Linux Security Advisory - Andreas Nolden discover a bug in qt3, where the UTF8 decoder does not reject overlong sequences, which can cause "/../" injection or (in the case of konqueror) a "