

07.02.2004

Internet Explorer - Heap Memory Corruption Vulnerability

Internet Explorer is the flagship browser for the Microsoft Windows OS. A vulnerability has been discovered in IE5.x and IE6.x which allows an attacker to effectively corrupt the allocated memory space and cause IE to crash.


10.07.2003

mIRC - Buffer Overflow in "IRC" protocol

mIRC attempts to provide a user-friendly interface for use with the Internet Relay Chat network. An attacker can take advantage of a remote buffer overflow vulnerability that exists in the current version of mIRC to potentially have malicious code executed under the user context.


09.23.2003

TCLHttpd Server - Multiple Vulnerabilities

TclHttpd is used both as a general-purpose Web server and as a framework for building server applications. Multiple flaws in the TCLHttpd server open the door for an attacker to browse any directory on the remote host and to inject malicious JavaScript/VBScript content into the user's browser under the TCLHttpd server context (Cross Site Scripting).


09.22.2003

Savant Web Server - Multiple DoS Vulnerabilities

Savant is a full-featured open source / freeware web server designed to be run under any 32-bit version of Microsoft Windows (including Windows 95, 98, ME, XP, NT, and 2000). Savant was designed to be easy to use, fast, and secure. The recent version of Savant Web Server was found to suffer from multiple remote DoS vulnerabilities which allow an attacker to terminate the server daemon by sending malformed request packets to the server.


09.12.2003

602pro LanSuite - Multiple Vulnerabilities

602Pro LAN SUITE is an easy-to-install and easy-to-manage all-in-one server application. Multiple vulnerabilities were found in the LanSuite 2003 software, particularly the WebMail interface, letting an attacker view sensitive information about the users and read arbitrary files on the server.


09.12.2003

Gordano Messaging Suite - Multiple Vulnerabilities

Gordano Messaging Suite is a powerful messaging server running on Windows, Linux, Solaris, and AIX. E-CQURITY found several security flaws in the software that, if exploited by an attacker, could result in a DoS attack against the application and sensitive information disclosure.


09.01.2003

FTGate Pro - Multiple Vulnerabilities

The FTGate Pro WebAdmin interface (not enabled to the Internet by default) was found to be vulnerable to numerous security holes, giving an attacker the chance to learn various information about the FTGate server and to export the FTGate server's mailboxes to a text file. By taking advantage of these vulnerabilities, the attacker can ultimately compromise the whole server.


05.28.2002

Yahoo Messenger - Multiple Vulnerabilities

Yahoo! Messenger lets you communicate in real time over the Internet via voice or text. Security vulnerabilities in YIM have recently been found which can allow unauthorized execution of programs on a YIM user's PC via buffer overflows or Java or Visual Basic script execution added through YIM Content tabs. The net impact is to allow a relatively simple opportunity to hijack a user's YIM client outright, and use it to attack or intrude into YIM users' supposedly private information systems.


02.04.2002

Hosting Controller - Multiple Vulnerabilities (II)

Hosting Controller is an all-in-one administrative hosting tool for Windows. It automates a wide range of hosting tasks and provides control of each hosted site to the respective owners. By taking advantage of these newly found vulnerabilities, an attacker can create or remove arbitrary files or folders on the system.


02.04.2002

Hosting Controller - Multiple Vulnerabilities

Hosting Controller is an all-in-one administrative hosting tool for Windows. It automates a wide range of hosting tasks and provides control of each hosted site to the respective owners. E-CQURITY discovered multiple vulnerabilities in the software that allow an attacker to browse directories that are not intended to be publicly accessible and upload scripts to manipulate files and control administration of sites using Hosting Controller.


