Section: .. / 0603-advisories /
| /// File Name: |
monalbum087.txt |
Description:
|
Mon Album version 0.8.7 is susceptible to SQL injection attacks.
| | Author: | undefined1_ | | File Size: | 912 | | Last Modified: | Apr 1 09:03:09 2006 |
| MD5 Checksum: | a274df1c56798cefb25cf464e20e0c6f |
|
| /// File Name: |
movilnetCaptcha.txt |
Description:
|
Movilnet's Web SMS Captcha implementation is weak and it is possible to recognize its patterns 100% of the time.
| | Author: | Ruben Recabarren, Leandro Leoncini | | File Size: | 4325 | | Last Modified: | Apr 1 07:42:32 2006 |
| MD5 Checksum: | f89768546edd75f89b610b4b2f473852 |
|
| /// File Name: |
MS-Commerce.txt |
Description:
|
It is possible to bypass authentication in Microsoft Commerce Server pre SP2
| | Author: | Dimitri van de Giessen | | File Size: | 2116 | | Last Modified: | Mar 23 22:10:04 2006 |
| MD5 Checksum: | 0646f520a4145a70eff7fec380cfec1a |
|
| /// File Name: |
MS06-012.txt |
Description:
|
Peter Winter-Smith of NGSSoftware has discovered a high risk vulnerability in Microsoft Excel which may allow an remote attacker to execute arbitrary code on a user's system via the Internet Explorer Excel plugin.
| | Author: | NGSSoftware Insight Security Research | | Homepage: | http://www.ngssoftware.com | | File Size: | 864 | | Last Modified: | Mar 14 23:44:35 2006 |
| MD5 Checksum: | 74e04a355de6fa3a5a7846efe3064f28 |
|
| /// File Name: |
MTSPro.txt |
Description:
|
Mail Transport System Professional is susceptible to an open relay vulnerability.
| | Author: | Craig Morrison | | File Size: | 805 | | Last Modified: | Mar 2 10:12:10 2006 |
| MD5 Checksum: | 5e1739292b19965bca022cad6a0b3efe |
|
| /// File Name: |
MU-200603-01.txt |
Description:
|
MailEnable POP3 Pre-Authentication Buffer Overflow [MU-200603-01] - A remote buffer overflow condition in MailEnable's POP3 service could allow for arbitrary code execution. The vulnerable code can be exercised remotely without authentication.
| | Homepage: | http://labs.musecurity.com | | File Size: | 3056 | | Last Modified: | Mar 22 02:13:18 2006 |
| MD5 Checksum: | 7db6cfd35722383477d5e3763166b3fe |
|
| /// File Name: |
mysql5018.txt |
Description:
|
MySQL versions 5.0.18 and below suffer from a query logging bypass flaw.
| | Author: | 1dt.w0lf | | Homepage: | http://rst.void.ru | | File Size: | 724 | | Last Modified: | Mar 2 10:13:40 2006 |
| MD5 Checksum: | 53e7b898fb6ae40e7e5e43a62cb675f6 |
|
| /// File Name: |
nCipher12.txt |
Description:
|
nCipher Security Advisory No. 12 - In some circumstances, Diffie-Hellman keys generated by an HSM may be less secure than previously thought. An attack which recovers a vulnerable private key is (for typical parameters), expensive but possible.
| | Homepage: | http://www.ncipher.com/ | | File Size: | 8480 | | Last Modified: | Mar 10 01:20:01 2006 |
| MD5 Checksum: | 63cb4a58e3b6e0f6f4a52a8e1d68fdc2 |
|
| /// File Name: |
nCipher13.txt |
Description:
|
nCipher Security Advisory No. 13 - Application programmers using the nCore API to calculate and verify CBC MACs may have accidentally implemented a MAC protocol which fails to detect certain modifications to messages it is supposed to protect.
| | Homepage: | http://www.ncipher.com/ | | File Size: | 12727 | | Last Modified: | Mar 10 01:20:39 2006 |
| MD5 Checksum: | 0aa4ad3331d28e689d50b2109f68a692 |
|
| /// File Name: |
nCipher14.txt |
Description:
|
nCipher Security Advisory No. 14 - During a major code review carried out for a recent release, nCipher discovered some undesirable features in the nCore code base.
| | Homepage: | http://www.ncipher.com/ | | File Size: | 11044 | | Last Modified: | Mar 10 01:21:11 2006 |
| MD5 Checksum: | 4b59279633529c99b631997833b7cb7d |
|
| /// File Name: |
ncpVPNPKI.txt |
Description:
|
The NCP VPN/PKI client version 8.11 Build 146 is susceptible to local privilege escalation and denial of service attacks.
| | Author: | Ramon Kukla | | File Size: | 3728 | | Last Modified: | Mar 3 04:41:28 2006 |
| MD5 Checksum: | 7b36afd10ec1824c97de7072867633ff |
|
| /// File Name: |
netcoolLeak.txt |
Description:
|
Another credential leak was found in the Netcool/NeuSecure Security Information Management platform which allows for remote backend database access with administrative privileges by an unauthenticated remote user.
| | Author: | Dimitry Snezhkov | | File Size: | 5887 | | Last Modified: | Mar 9 05:36:07 2006 |
| MD5 Checksum: | 7abf0cff0bf78afdc44b2ddf1fdf2bb2 |
|
| /// File Name: |
passwordsafe30.txt |
Description:
|
PasswordSafe 3.0 has a weak random number generator.
| | Homepage: | http://www.elcomsoft.com/ | | File Size: | 4230 | | Last Modified: | Apr 1 05:46:52 2006 |
| MD5 Checksum: | f9268d272cd48746fde2b144d543db6f |
|
| /// File Name: |
php_live-3.0.txt |
Description:
|
PHP Live! 3.0 suffers from XSS in status_image.php.
| | Author: | kspecial | | File Size: | 315 | | Last Modified: | Mar 24 00:11:53 2006 |
| MD5 Checksum: | 8030838d7c8a6e9014d9a236f24736f6 |
|
| /// File Name: |
PHPADSNEW-SA-2006-001.txt |
Description:
|
phpAdsNew and phpPgAds versions 2.0.7 and below suffer from multiple html injection and cross site scripting flaws.
| | Author: | Matteo Beccati | | Homepage: | http://phpadsnew.com/ | | File Size: | 1846 | | Last Modified: | Apr 1 07:37:36 2006 |
| MD5 Checksum: | 5998f02c4c8ce7823491642ca8e3ebcf |
|
| /// File Name: |
phpNukeXSS.txt |
Description:
|
A cross site scripting vulnerability exists in PHP-NUKE Submit-News.
| | Author: | 0o_zeus_o0 | | Homepage: | http://www.elitemexico.org | | File Size: | 5699 | | Last Modified: | Mar 3 09:11:55 2006 |
| MD5 Checksum: | 081329f54ad57971720188b76e7aeee2 |
|
| /// File Name: |
phpRPC07.txt |
Description:
|
phpRPC versions 0.7 and below suffer from a remote code execution flaw.
| | Author: | James Bercegay | | Homepage: | http://www.gulftech.org/ | | File Size: | 3931 | | Last Modified: | Mar 2 10:22:30 2006 |
| MD5 Checksum: | 2a2c757620622b7e39fa6130886818de |
|
| /// File Name: |
phpWebsite.txt |
Description:
|
phpWebsite suffers from SQL injection in friend.php and article.php
| | Author: | DaBDouB-MoSiKaR | | File Size: | 646 | | Last Modified: | Mar 21 23:50:51 2006 |
| MD5 Checksum: | debc3465f149ce717c037d4dc891617e |
|
| /// File Name: |
qwikiwiki_1.0.5_xss.txt |
Description:
|
QwikiWiki 1.5 suffers from multiple script injection vulnerabilities in index.php, login.php, and pageindex.php.
| | Author: | Kiki | | Homepage: | http://kiki91.altervista.org | | File Size: | 2254 | | Last Modified: | Mar 10 01:13:14 2006 |
| MD5 Checksum: | ba327624af3bb96f9f030f8146f8c316 |
|
| /// File Name: |
rainXSS.txt |
Description:
|
Raindance Web Conference Pro suffers from a cross site scripting flaw in its browser compatibility checking code.
| | Author: | Dimitry Snezhkov | | File Size: | 1018 | | Last Modified: | Apr 1 06:05:10 2006 |
| MD5 Checksum: | 40866fdcfb084451b20a74d640eb374a |
|
| /// File Name: |
rapidshare.de.txt |
Description:
|
The file hosting company rapidshare.de suffers from XSS.
| | Author: | Ironfist | | File Size: | 1322 | | Last Modified: | Mar 14 23:52:57 2006 |
| MD5 Checksum: | c4275e083dd97c87bc2b3fba39548fc3 |
|
| /// File Name: |
sa18680.txt |
Description:
|
Secunia Security Advisory - Secunia Research has discovered a vulnerability in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system.
| | Homepage: | http://secunia.com/advisories/18680/ | | File Size: | 2178 | | Last Modified: | Mar 22 20:43:52 2006 |
| MD5 Checksum: | a1db681c405035643429b4eaa7d62b82 |
|
| /// File Name: |
sa18755.txt |
Description:
|
Secunia Security Advisory - Lincoln Stein has reported a security issue in Crypt::CBC, which can be exploited by malicious people to bypass certain security restrictions.
| | Homepage: | http://secunia.com/advisories/18755/ | | File Size: | 1912 | | Last Modified: | Mar 1 04:50:51 2006 |
| MD5 Checksum: | 4930f8942ca89fd2ddd822595cc15b73 |
|
|
|
|
|
![.:[ packet storm ]:.](/images/ps-ani.gif)
