 Multiple ncpfs (Novell Netware client for Unix/Linux) bugs
document Symbolic links problems during accessing files in user's home with elevated privileges. Buffer overflow with malicious Novell Netware server.

6!Microsoft Windows XP SP2 non-executable memory (DEP) protection bypass
document By using small memory regions it's possible to place executable code into non-executable memory regions.
6!Alt-N WebAdmin MDaemon/RelayFax administration tool multiple bugs
document Cross-site scripting, user accounts editing, code execution.
 Snug Server FTP directory traversal
 ngIRCd Internet Relay Chat server integer overflow
document Integer overflow in Lists_MakeMask() leads to buffer overflow.
 WebWasher filtering proxy localhost access
document It's possible to access localhost from remote network with a proxy.

 imap-uw IMAP server CRAM-MD5 unauthorized access
document It's possible to access mailboxes of different users.
 War FTPD FTP server format string bug
document CWD command format string bug.

7!Multiple ISC bind named DoS vulnerabilities
document authvalidated() internal state DoS conditions, q_usedns array overflow.
7!Multiple Cisco routers IOS DoS vulnerabilities
document Malcrafted IPv6, BGP or MPLS packets can cause router to reboot.
6!Juniper router JUNOS DoS
document Invalid packet causes router to crash.
6!OpenSWAN IPSec implementation XAUTH authentication buffer overflow
document pluto process stack based buffer overflow.
6!WinAmp media player buffer overflow
updated since 24.11.2004
document IN_CDDA.dll stack overflow
 Sun Solaris UDP endpoints DoS
document Heavy UDP usage with large number of open sockets can cause system to panic.
 MacOS X at scheduling utilities privilege escalation
document During execution of user's batch job system groups membership is not dropped.
 Real Player real audio files buffer overflow
document Buffer overflow on .ra files parsing.
 Ingate Firewall disabled user PPTP disconnection problem
document When user is disabled, active PPTP sessions are not disconnected.

6!Berlios gpsd (GPS/GIS daemon) format string bug
document Format string bug on syslog() call.
 SCO OpenServer scosession buffer overflow
document Buffer overflow on command line parsing.
 perl DBI::ProxyServer module symbolic links problem
document Symbolic links problem on pid file creation.
 vdr (DVB video disk recorders daemon) symbolic links problem
document It's possible to overwrite arbitrary files.

 Novell Evolution groupware client integer overflow vulnerability
document Buffer overflow in camel-lock-helper application.
 zhcon privilege escalation
document Configuration file is accessed with escalated privileges.
 Spectrum Cash passwords weak encryption
document Passwords are limited in character set and length and are stored with symbol substitution encryption.
 W32Dasm disassembler debugger buffer overflow
document Buffer overflow on oversized function name.

7!Multiple applications fd_set structure bitmap array index overflow
document Absence of control for large number of open file descriptors or sockets (FD_SETSIZE) allows writing to arbitrary memory.
 Xerox WorkCentre Pro 32/40 Color PostScript Directory Traversal
document Directory traversal on PostScript files processing.
 FireHOL Linux firewall builder symbolic links problem
document Symbolic links problem on temporary files creation.
 Netgear FVS318 router multiple vulnerabilities
document URL filtering bypass, log file cross-site scripting.
 Konversation KDE IRC client multiple vulnerabilities
updated since 20.01.2005
document Special characters filtering problem.
 ImageMagick PSD files buffer overflow
updated since 18.01.2005
document Integer array overflow in psd.c

 Multiple enscript ASCII to PostScript converter vulnerabilities
document Shell characters filtering problems, multiple buffer overflows.
 MacOS X Apple iSync buffer overflow
document Buffer overflow on -a argument parsing in suid root mRouter binary.
 PHP/ASP/CGI web applications security vulnerabilities
updated since 18.01.2005
document PHP inclusions, SQL injections, directory traversals, cross-site scripting, etc.

7!Sun Java plugin sandbox protection bypass
document It's possible to break sandbox protection and access local files and applications.
7!Multiple Oracle Database Server security problems
updated since 18.01.2005
document SQL injection, privilege escalation, buffer overflows.
7!Microsoft Windows NetDDE buffer overflow
updated since 13.10.2004
6!Sybari Antigen for Domino antivirus multiple vulnerabilities
document Protection bypass, buffer overflow on MIME parsing in Antigen for Domino on Solaris.
 GhostScript symbolic links problem
document Symbolic links problem in multiple scripts.
 KDE KOffice buffer overflow
document Buffer overflow in Decrypt::makeFileKey2() function.
 DivX Player skin files directory traversal
document During installation of DivX skin file it's possible to overwrite any files in any location.
 fkey directory traversal
 3COM OfficeConnect Wireless 11g AP wireless access point unauthorized access
document It's possible to access configuration data including cleartext passwords without any authentication.
 xtrlock X display locker buffer overflow
document Buffer overflow allows crashing the application and accessing the desktop.

9!Multiple Internet Explorer bugs
updated since 13.10.2004
document CSS buffer overflow, local zone scripting, buffer overflow in Install Engine, writing file to any location with drag and drop or scripting in <img> tag, address bar spoofing, SSL cross-site scripting.
6!Multiple Real products multiple bugs
updated since 30.09.2004
document RealPlayer ActiveX 'ShowPreferences' Buffer Overflow Vulnerability. Malcrafted RMP files arbitrary files deletion.
 squid proxy server access control lists protection bypass
document If LDAP authentication is used, a space can be added to the username to bypass ACL restrictions.
 Multiple Darwin/MacOS X kernel bugs
document DoS on parsing executable format, access behind array boundaries.
 Cisco IOS Telephony Services DoS
document DoS on SCCP control protocol parsing if configured to be used with Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST).
 Multiple AtHoc toolbar bugs
updated since 07.10.2004
document Buffer overflows, format string bugs in ActiveX components.

 SCO UnixWare chroot protection bypass

6!queue buffer overflow
6!NodeManager Professional SNMP trap buffer overflow
document Stack based buffer overflow on SNMPv1 trap processing.
 chbg buffer overflow
document Malcrafted background picture change scenario leads to buffer overflow.
 Multiple Kazaa P2P agent sig2dat protocol bugs
document Integer overflow, directory traversal.
 playmidi buffer overflow

6!Multiple VMware ESX Server problems
document Web interface format string bugs and protection bypass, kernel memory access.
6!Content filtering bypass for SMTP/HTTP in multiple products
updated since 09.03.2002
document By using unusual representation for filename, boundaries, etc. it's possible to bypass content filtering software.
 BlackBerry Enterprise Server Mobile Data Service WML (Wireless Markup Language) DoS
document Invalid WML (Wireless Markup Language) request causes Mobile Data Service to utilize 100% CPU.
 PHP/ASP/CGI web applications security flaws
updated since 10.01.2005

6!nfs rquotad 64-bit architectures integer overflow
6!Exim buffer overflows
updated since 07.01.2005
document Buffer overflows on SPA-authentications and IPv6 names resolution.
 Sun Solaris SMC (Solaris Management Console) weak passwords
document Under certain conditions user account configured with password aging is created with empty password.
 SGI Irix inpview (InPerson networked multimedia conferencing tool) privilege escalation
document User supplied application is executed with superuser privileges.

7!squid web cache proxy multiple bugs
document WCCP_I_SEE_YOU message WCCP (Web Cache Communication Protocol) DoS, gopher protocol buffer overflow.
6!OpenBSD TCP Retransmission Timeout Calculation Denial of Service
document Packets with specially crafted timestamp value can lead to denial of service.
 apf firewall privilege escalation
document Local user can bypass internal protection and execute administration commands.
 Apple iTunes playlist buffer overflow
updated since 13.01.2005
document Overflow on multiple playlists format parsing (.m3u, .pls).

8!Microsoft Windows .ANI (animated cursor) files buffer overflow
document USER32.DLL buffer overflow allows code to be executed. This vulnerability can potentially be used for silent spyware/adware installation.
6!Microsoft Indexing Service buffer overflow
document Buffer overflow on search request processing.
6!HylaFAX hfaxd unauthorized fax access
document During authorization of fax access by hostname, hostname sent by remote side is used.
 Hitachi Directory Server LDAP protocol buffer overflow
 Unixware mountd DoS
document Multiple connections lead to system resources exhaustion.
 bmv PostScript viewer symbolic links problem
document Symbolic links problem on temporary files creation.
 poppassd_pam unauthorized password change
document Old password is never checked before setting new one.
 Squirrelmail vacation plugin shell characters problem
document Unfiltered shell characters on ftpfile external program invocation.
 Apache mod_dosevasive symbolic links problem
updated since 07.01.2005
document Symbolic links problem on temporary files creation.
 TFTPD32 multiple bugs
updated since 19.11.2002
document Buffer overflow, directory traversal.
 Apache mod_auth_radius integer overflow
document Integer overflow on RADIUS server reply parsing.

8!Multiple Microsoft Windows bugs
updated since 15.12.2004
document Kernel buffer overflow LSASS privilege escalation.
6!Veritas Backup Exec buffer overflow
updated since 17.12.2004
document Buffer overflow during agent registration request processing.
 iproute2 netbug script symbolic links bug
document netbug script symbolic links problem on temporary files creation.
 Encrypted Messenger char sequence DoS
document Strings %~% !~! cause application to crash.

6!Novell Netware CIFS DoS
document Error in file protocol handling leads to crash in CIFS.NLM.
 Debian Linux lintian symbolic links problem
document Symbolic links problem on temporary files creation.
 Dillo browser format string bug
document Format string bug in a_Interface_msg() function.

updated since 04.01.2005

 Mozilla XBM graphic files DoS
document Large file size causes memory exhaustion.

9!Linux kernel multiple bugs
document Race conditions in uselib() leading to possibility to overwrite kernel memory regions. Integer overflows in multiple drivers (random poolsize, scsi ioctl, moxa). RLIMIT_MEMLOCK protection bypass. mlockall DoS. Privilege escalation with race conditions on page fault with SMP platforms.
 Jeuce Personal Web Server multiple bugs
document Directory traversal, DoS.
 Apache Tomcat cross-site scripting
document Tomcat Manager cross-site scripting.
 Gracebyte Network Assistant DoS
document Invalid packet to UDP/50138 port causes service to crash or misbehave.
 WinHKI/WinAce multiple bugs
updated since 06.01.2005
document Directory traversal. DoS.

7!Multiple libtiff buffer overflows
updated since 15.10.2004
document Multiple dynamic memory overflows.
 Bugzilla cross-site scripting
document Cross-site scripting on "Internal Error" page.
 PuTTY for Symbian OS "SSH2_MSG_DEBUG" Buffer Overflow
 Multiple GRASS symbolic link problems

6!3Com 3CDaemon multiple bugs
document Format string bugs, buffer overflows, DoS.

7!top format string bug
updated since 02.11.2000
document Format string bug allows kmem group privilege escalation.
 Mozilla/Firefox file download dialog location spoofing
document Problem with displaying oversized domain names.
 Microsoft HTML parser DoS
document Invalid JavaScript handling causes applications compiled with the library to fail.
 HTML Headline symbolic links problem
document Symbolic links problem on temporary files creation.

6!Multiple Symantec Nexland Firewall bugs
document Information leak, unauthorized configuration, DoS.
 Microsoft Internet Explorer directory traversal
document ..\ in filename is not checked.
 Multiple Zyxel B-420 bugs
document DoS, cross-site scripting.
 ArGoSoft FTP Server user enumeration
document Server reports invalid username.
 NetCat for Windows buffer overflow
updated since 30.12.2004
document Remote buffer overflow if netcat is used in superserver mode (-e option).
 CGI bugs
updated since 27.12.2004

