Section: .. / 0412-advisories /
| /// File Name: |
meshviewer.txt |
Description:
|
MeshViewer 0.2.2 is susceptible to a buffer overflow vulnerability in the Mesh::type() function.
| | Author: | Mohammed Khan, Danny Lungstrom | | File Size: | 1759 | | Last Modified: | Dec 30 21:51:22 2004 |
| MD5 Checksum: | 41b28ab911efe4335b17fc5f62641333 |
|
| /// File Name: |
mpg123.txt |
Description:
|
A boundary error condition in mpg123 version 0.59r allows for remote compromise.
| | Author: | Bartlomiej Sieka | | Homepage: | http://tigger.uic.edu/~jlongs2/holes/mpg123.txt | | File Size: | 2011 | | Last Modified: | Dec 30 10:23:47 2004 |
| MD5 Checksum: | 15ba7341715ed64b72f881b11018077d |
|
| /// File Name: |
msieDHTML.txt |
Description:
|
The MSIE DHTML Edit Control code is susceptible to a cross site scripting vulnerability.
| | Author: | Paul | | File Size: | 1964 | | Last Modified: | Dec 30 09:00:05 2004 |
| MD5 Checksum: | 9c3baf704ca21a29a37a183efed45be2 |
|
| /// File Name: |
mtroff-by-one.txt |
Description:
|
mtr is susceptible to raw socket hijacking, allowing for the spoofing of ICMP packets.
| | Author: | Przemyslaw Frasunek | | File Size: | 7781 | | Last Modified: | Dec 30 07:15:17 2004 |
| MD5 Checksum: | 3cba2beb8ae7f282ff09a6215b7d27fb |
|
| /// File Name: |
mwmp9.txt |
Description:
|
Microsoft Windows Media Player 9 allows for writing to audio files from Internet Explorer, which may allow for code execution in a trusted zone. It also suffers from a file existence determination flaw.
| | Author: | Arman Nayyeri | | Homepage: | http://www.4rman.com | | File Size: | 4514 | | Last Modified: | Dec 30 11:13:33 2004 |
| MD5 Checksum: | 417ed1ab5f95ea5851bcda7df494d55e |
|
| /// File Name: |
napshare.txt |
Description:
|
NapShare version 1.2 is susceptible to a buffer overflow in the auto_filter_extern() function.
| | Author: | Bartlomiej Sieka | | File Size: | 1516 | | Last Modified: | Dec 30 21:49:57 2004 |
| MD5 Checksum: | 8d807ed6b769988f8dbf85ee70b49017 |
|
| /// File Name: |
nasm.txt |
Description:
|
A boundary error condition in NASM version 0.98.38 allows for local system compromise.
| | Author: | Jonathan Rockway | | Homepage: | http://tigger.uic.edu/~jlongs2/holes/nasm.txt | | File Size: | 1949 | | Last Modified: | Dec 30 10:38:04 2004 |
| MD5 Checksum: | 43a8545b814a79e23cdb1e28d400355f |
|
| /// File Name: |
NetBSD-2004-010.txt |
Description:
|
NetBSD Security Advisory 2004-010 - Some of the functions in /usr/src/sys/compat/ which implement execution of foreign binaries (such as Linux, FreeBSD, IRIX, OSF1, SVR4, HPUX, and ULTRIX) use argument data in unsafe ways prior to calling the kernel syscall.
| | Author: | Evgeny Demidov | | Homepage: | http://www.netbsd.org/ | | File Size: | 4659 | | Last Modified: | Dec 30 10:10:46 2004 |
| MD5 Checksum: | 1caeb75665bcbb5ebf85d997096369d2 |
|
| /// File Name: |
NGS-Sybase.txt |
Description:
|
NGSSoftware has discovered three high risk security vulnerabilities in Sybase Adaptive Server Enterprise 12.5.2. Sybase ASE versions 12.5.2 and older are vulnerable to these issues.
| | Author: | Sherief Hammad | | Homepage: | http://www.ngssoftware.com/ | | File Size: | 913 | | Last Modified: | Dec 31 21:06:06 2004 |
| MD5 Checksum: | 6decb69cda61100c4ff7dfaf55853875 |
|
| /// File Name: |
novacoast.txt |
Description:
|
Novacoast Security Advisory - Novacoast has discovered a vulnerability in the Novell NetWare Operating System screen saver software. The vulnerability allows a local attacker to bypass authentication and access the system console. Novell Netware 5/5.1/6.0/6.5 are affected.
| | Author: | Adam Gray | | Homepage: | http://www.novacoast.com | | File Size: | 2184 | | Last Modified: | Dec 30 07:18:42 2004 |
| MD5 Checksum: | 87c0028baf896cdeed12a666af521342 |
|
| /// File Name: |
nsg-advisory-09.txt |
Description:
|
No System Group Advisory #09 - Citadel/UX versions 6.27 and below suffer from a format string vulnerability that allows for remote root exploitation.
| | Author: | CoKi | | Homepage: | http://www.nosystem.com.ar/ | | Related Exploit: | citadel_fsexp.c | | File Size: | 4909 | | Last Modified: | Dec 12 20:55:57 2004 |
| MD5 Checksum: | 60a10815d6eeddb0e3c5e76d0b7b19c6 |
|
| /// File Name: |
o3read.txt |
Description:
|
o3read version 0.0.3 suffers from a buffer overflow condition in the parse_html() function used when parsing HTML content.
| | Author: | Wiktor Kopec | | File Size: | 1731 | | Last Modified: | Dec 30 21:13:19 2004 |
| MD5 Checksum: | f97b5e158bf526756b06630df1c83f47 |
|
| /// File Name: |
oracle23122004.txt |
Description:
|
NGSSoftware Insight Security Research Advisory #NISR2122004A - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc has been found to suffer from another buffer overflow vulnerability. Systems Affected: Oracle 10g on all operating systems.
| | Author: | David Litchfield | | Homepage: | http://www.ngssoftware.com/advisories/oracle23122004.txt | | File Size: | 2309 | | Last Modified: | Dec 31 22:34:52 2004 |
| MD5 Checksum: | 8ff3f6a4a456615d65a9263bafbdd8f2 |
|
| /// File Name: |
oracle23122004B.txt |
Description:
|
NGSSoftware Insight Security Research Advisory #NISR23122004B - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc has been found to suffer from a directory traversal problem that allows attackers access to arbitrary libraries. Systems Affected: Oracle 10g/9i on all operating systems.
| | Author: | David Litchfield | | Homepage: | http://www.ngssoftware.com/advisories/oracle23122004B.txt | | File Size: | 2181 | | Last Modified: | Dec 31 22:37:23 2004 |
| MD5 Checksum: | ed02212351daf65fa9d5c70b6f46cee1 |
|
| /// File Name: |
oracle23122004C.txt |
Description:
|
NGSSoftware Insight Security Research Advisory #NISR23122004C - The Oracle database server supports PL/SQL, a programming language. PL/SQL can execute external procedures via extproc. Extproc is intended only to accept requests from the Oracle database server but local users can still execute commands bypassing this restriction. Systems Affected: Oracle 10g/9i on all operating systems.
| | Author: | David Litchfield | | Homepage: | http://www.ngssoftware.com/advisories/oracle23122004C.txt | | File Size: | 2153 | | Last Modified: | Dec 31 22:39:21 2004 |
| MD5 Checksum: | dae273bf1612c10c3afe4b3514192b16 |
|
| /// File Name: |
oracle23122004E.txt |
Description:
|
NGSSoftware Insight Security Research Advisory #NISR2122004E - The 10g Oracle Application Server installs ISQL*Plus. Once logged in, an attacker can use load.uix to read files on the server. Systems Affected: Oracle 10g AS on all operating systems.
| | Author: | David Litchfield | | Homepage: | http://www.ngssoftware.com/advisories/oracle23122004E.txt | | File Size: | 1895 | | Last Modified: | Dec 31 22:43:37 2004 |
| MD5 Checksum: | adfe20bd74a120aa085285fa65b8aa91 |
|
| /// File Name: |
oracle23122004G.txt |
Description:
|
NGSSoftware Insight Security Research Advisory #NISR2122004G - Due to character conversion problems in Oracle 10g with Oracle's Application server it is possible to bypass pl/sql exclusions and gain access to the database server as SYS. Systems Affected: Oracle 10g/AS on all operating systems.
| | Author: | David Litchfield | | Homepage: | http://www.ngssoftware.com/advisories/oracle23122004G.txt | | File Size: | 3075 | | Last Modified: | Dec 31 22:32:49 2004 |
| MD5 Checksum: | fb210b21300c07dcfb7d455421482490 |
|
| /// File Name: |
oracle23122004I.txt |
Description:
|
NGSSoftware Insight Security Research Advisory #NISR2122004I - Database triggers exist to help maintain data integrity and perform certain actions when a table's data is modified. Many of the default triggers in Oracle can be abused to gain elevated privileges. Systems Affected: Oracle 10g/9i on all operating systems.
| | Homepage: | http://www.ngssoftware.com/advisories/oracle23122004I.txt | | File Size: | 4595 | | Last Modified: | Dec 31 22:31:07 2004 |
| MD5 Checksum: | 64970b9686acb7b8e503c2a9f727350d |
|
| /// File Name: |
oracle23122004J.txt |
Description:
|
NGSSoftware Insight Security Research Advisory #NISR2122004J - The code for PL/SQL procedures can be encrypted or wrapped to use the Oracle term. When a wrapped procedure is created a buffer overflow vulnerability can be triggered. Systems Affected: Oracle 10g/9i on all operating systems.
| | Author: | David Litchfield | | Homepage: | http://www.ngssoftware.com/advisories/oracle23122004J.txt | | File Size: | 1761 | | Last Modified: | Dec 31 22:51:14 2004 |
| MD5 Checksum: | d97ff3e3a1a5717cb97dfbedcec74635 |
|
| /// File Name: |
pcal.txt |
Description:
|
Buffer overflow vulnerabilities in the getline() and get_holiday() functions of Pcal version 4.7.1 may allow for system compromise.
| | Author: | Danny Lungstrom | | File Size: | 2085 | | Last Modified: | Dec 30 21:55:22 2004 |
| MD5 Checksum: | cb6b2d027816ca5bd3dd0f51705f9c80 |
|
| /// File Name: |
pgn2web.txt |
Description:
|
A buffer overflow vulnerability in pgn2web version 0.3 may allow for system compromise.
| | Author: | Tom Palarz, Kris Kubicki | | Homepage: | http://tigger.uic.edu/~jlongs2/holes/pgn2web.txt | | File Size: | 1918 | | Last Modified: | Dec 30 11:02:20 2004 |
| MD5 Checksum: | 7bb496cbf59dcc5351d022810d272169 |
|
| /// File Name: |
php-shmop.txt |
Description:
|
PHP shmop shared memory module has a leak that can lead to Safe Mode bypass. PHP versions 5.0.2 and below and 4.3.9 and below are susceptible.
| | Author: | Stefano Di Paola | | File Size: | 1232 | | Last Modified: | Dec 30 11:18:53 2004 |
| MD5 Checksum: | 99a70050f72c34784b76a9665223213f |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
