31.03.2003 Detailed

Personal FTP Server buffer overflow   Buffer overflow on USER longer than 320 characters.   CGI bugs reported by Russian teams         CGI bugs updated since 24.03.2003

29.03.2003 Detailed

Format string bug in GNOME Eye of Gnome   Format stirng bug in filename parsing.

28.03.2003 Detailed

6! Microsoft Windows XP redirector service buffer overflow updated since 07.02.2003   Buffer overflow on oversized UNC, for example in net use command.   D-Link DI-614 DoS   Access server hangs or reboots on some well known IP attacks.   snort protection bypass   Packest with SYN,FIN,ECN bits set are not detected.

27.03.2003 Detailed

8! Lotus Notes buffer overflows updated since 13.03.2003   Heap overflow during authentication process. Buffer overflow on oversized HTTP server reply Status: header in Web Retriever.   Microsoft RPC DoS   Malformed request to RPC Endpoint Mapper (TCP/135) may cause RPC services to crash.   Online tax programs information leak updated since 13.03.2003

26.03.2003 Detailed

8! apcupsd buffer overflow   Multiple buffer overflows. 6! JWalk directory traversal   Directory traversal on escaped URL.   Symantec Enterprise Firewall URL filtering protection bypass   Escaped URL may be used to bypass URL filtering.

Multiple PHP problems updated since 26.03.2003   Local integer overflow in socket_iovec_alloc() may be exploited if PHP is compiled with --enable-sockets option. Memory allocation troubles. Buffer overflow in openlog().

emulte DoS   Empty nick name causes NULL pointer reference.

NetPBM integer overflows

25.03.2003 Detailed

6! INDY : idHTTPserver directory traversal   ... in URL allows access to any file on the server.   Adobe Acrobat Reader plugin trojaning   Because of weak cryptography it's possible to spoof Adobe signature for Acrobat Reader plugins.   Black Board Windows Lock protection bypass   It's possible to bypass hotkeys locking.

24.03.2003 Detailed

Multiple bugs in 3COM RAS 1500   Invalid IP options DoS, Web interface unauthorized access.   CGI bugs from DWClan updated since 22.03.2003   13 vulnerable CGI applications are reported by DWClan.

22.03.2003 Detailed

7! Open SSL timing attack updated since 19.02.2003   Because of timing difference it's possible to distinguish between bad padding and a MAC verification error. It's also possible to recover RSA secret.   Microsoft Active Sync DoS   Corrupted packet to TCP/5679 causes NULL reference.   ProtWare weak encryption   Position substitution is used.

Edonkey DoS   Resources consumption through multiple message dialogs.

21.03.2003 Detailed

Multiple bonsai bugs   Remote execution of arbitrary commands as www-data, absolute path disclosure, cross site scriptiong attacks, unauthenticated access to parameters page

20.03.2003 Detailed

10! Buffer overflow in Sun rpc updated since 31.07.2002   Buffer overflow in xdr_array primitive 7! Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding   On some conditions it's possible server's private key to be applied to attacker choosen ciphertext. 7! Windows Script Engine integer overflow   Integer overflow on array's sort() function.

6! IBM Tivoli Firewall Security Toolbox buffer overflow   Buffer overflow from client side.

6! Multiple vulnerabilities in Ximian 's Evolution   Heap corruption in UUEncode handling, crossite scripting, client fingerprinting.

6! Multiple linux kernel problems updated since 19.03.2003   Standard bug set: problems with ptrace, mmap and ethernet drivers.

mutt/balsa buffer overflow updated since 20.03.2003   Buffer overflow in IMAP code.

Kaspersky Antihacker DoS   By performing attack from spoofed addresses it's possible to block user's access to legitimate sites.

Microsoft ISA Server DNS publishing DoS   Incomplete DNS request DoS.

CGI bugs updated since 18.03.2003

18.03.2003 Detailed

7! Bea Weblogic multiple bugs updated since 18.03.2003   It's possible to download, upload and execute any file.

17.03.2003 Detailed

6! McAfee ePolicy Orchestrator format string bug   Format string bug during network request processing.   Kerberos v4 cryptographic weakness   Several cryptographic vulnerabilities exist in the basic Kerberos Version 4 protocol that could allow an attacker to impersonate any user in a Kerberos realm.

16.03.2003 Detailed

9! Multiple bugs in Samba updated since 16.03.2003   Buffer overflow on SMB/CIFS packet re-assembly, chown race conditions.   CGI bugs updated since 11.03.2003         QPopper timing attack   Differet timing interval are used for error message in case of wrong username and wrong password.

15.03.2003 Detailed

Buffer overflows in ircII based clients   Multiple buffer overflows can only be exploited from server side.   GiantRat Mailer weak encryption   Password is stored as cleartext in the word-readable file.   WIN32 PostMessage API information leak   By using PostMessage(hwnd, EM_SETPASSWORDCHAR, 0, 0) it's possible to unmask password in dialog to copy it later via buffer. It alows to bypass WM_GETTEXT protection.

14.03.2003 Detailed

8! Sun One Application Server buffer overflow   Buffer overflow on oversized URI in connector module.   Protegrity Secure.Data buffer overflow   Buffer overflows in Extended stored procedures.   Nokia SGSN SNMP information leak   SNMP read access is possible with any community name.

13.03.2003 Detailed

7! Multiple LDAP servers vulnerabilities updated since 17.07.2001   DoS, unauthorized access. 6! lprm buffer overflow updated since 06.03.2003   A bounds check that does its checking too late to be effective.   PostgreSQL DoS   User-supplied value is used for memory allocation.

Mandrake usermode utilities unauthorized access updated since 19.07.2000   Any user can halt/reboot system and obtain root shell from console.

12.03.2003 Detailed

pgp4pine buffer overflow   Buffer overflow on oversized last line in message.   Fata-jack - new 802.11b wireless DoS   Authentication-Failed packets from access points are spoofed. It causes access denial for client and sometimes hang of client driver or software.   Multiple bugs in Ethereal   Format string bug in SOCKS protocol handling, heap overflow on NTLMSSP code.

Clearswift MAILsweeper protection bypass updated since 09.03.2003   If MIME-Version header is missed or binary encoding is used attachments are not recognized.

man code execution   Under some conditions 'unsafe' command may be invoked.

11.03.2003 Detailed

8! qpopper buffer overflow   Qvsnprintf doesn't NULL-terminates string exceeding maximum length. 6! DeleGate array index overflow   Array index overflow on large number of User-Agent in robots.txt 6! Windows Help buffer overflow   Buffer overflow on :LNK processing in .CNT files.

6! PeopleSoft XML unauthorized access updated since 21.01.2003   It's possible to access any webserver files by using XML External Entities. By using SchedulerTransfer servlett it's possible to write arbitrary files on server.

Forum Web Server multiple bugs   Crossite scripting, directory traversal on file upload, information leak.

HP-UX stmkfont buffer overflow   Buffer overflow during command line parsing.

Internet Explorer .mht DoS   If executable with MZP signature but without actual data is included, NULL pointer reference occurs.

09.03.2003 Detailed

MySQL privelege escalation   By spoofing datadir/my.cnf with SELECT INTO it's possible to launch MySQL with any account, including root.   CGI bugs updated since 03.03.2003         SQLBase buffer overflow updated since 11.02.2003   EXECUTE command buffer overflow.

07.03.2003 Detailed

6! xscareensaver buffer overflow   Buffer overflow on XLOCALEDIR environment variable.   dbtools weak encryption   Account for database connection is stored in .mdb file.

05.03.2003 Detailed

file buffer overflow   Buffer overflow on file type analisys.

04.03.2003 Detailed

9! Sendmail buffer overflow updated since 03.03.2003   Buffer overflow on headers parsing (oversized address comment) 6! snort RPC buffer overflo   Buffer overflow on RPC preprocessing. 6! AVP (Kaspersky Antivirus) DoS   Self-looping instruction (jmp $) in the beginning of PE-file causes process to hang.

Caldera UnixWare/OpenUnix unescaped shell characters problem   If | is used in filename shell comand may be executed by client on tertrieval.

Pastel Accounting audit bypass   Accounting file may be directly edited.

03.03.2003 Detailed

6! Kaspersky AntiHacker protection bypass   Firewall does not catches packet with invalid flags set.   USR Broadband-Router 8000 DoS   Buffer overflow on oversized GET request.