31.03.2004 Detailed

6! clamav shell characters   Shell characters problem in filename if %f option is used.   tcpdump DoS   ISAKMP procession DoS.   oftpd DoS   DoS on PORT command with number > 255

30.03.2004 Detailed

7! courier-imap buffer overflow   Buffer overflow during character codepage conversions.

7! Multiple ISS products ICQ analisys buffer overflow updated since 19.03.2004   Few stack overflows.

DoS and information leak in FreeBSD IPv6   setsockopt() implementation error.

28.03.2004 Detailed

CGI bugs updated since 24.03.2004

27.03.2004 Detailed

Kerio Mailserver buffer overflow   SPAM filter buffer overflow.   nstxd DoS   NULL pointer reference on unexpected DNS traffic.

26.03.2004 Detailed

NetSupport School weak encryption   Password is stored in reversable encryption.   Check Point Smartview Tracker buffer overflow   Buffer overflow in GUI during viewing oversized column.   ESignal buffer overflow   Stack overflow on oversized TCP/80 request.

Multiple Apache vulnerabilities   mod_ssl memory leak, logfile terminal escape sequences injection.

mysqlbug symbolic links problem   Symbolic links problem during bugreport saving.

25.03.2004 Detailed

NexGen FTP Server directory traversal         Multiple HP WebJet Admin bugs   Directory traversal, file uploading and execution.   emil multiple bugs   Buffer overflows, format string bugs.

PicoPhone buffer overflow   Buffer overflow during logging.

Weak DameWare encryption   Weak PRNG is used for symmetric key generation, key is self is sent in cleartext among data.

24.03.2004 Detailed

7! Solaris vfs_getvfssw() call directory traversal   Vulnerability allow local user to load kernel module. 6! TrendMicro Interscan VirusWall directory traversal   Directory traversal in HTTP proxy service. 6! Multiple ecartis bugs updated since 14.08.2003   Buffer overflows, maillist password disclosure.

libREP buffer overflow

Apache mod_survey crossite scripting

xweb directory traversal

22.03.2004 Detailed

Apache mod_disk_cache information leak   Full headers, including authentication ifnormation, are stored in file.   Reget directory traversal   Directory is traversed with %2F.. in filename.

20.03.2004 Detailed

Samba symbolic links problem   Smbprint symbolic links problem.   Borland Interbase weak permissions   File /opt/interbase/admin.ib is world writable.   IPswitch WS_FTP buffer overflows updated since 29.03.2003   Buffer overflow on oversized filename then building local files list. Buffer overflow on oversized server banner.

19.03.2004 Detailed

6! Norton Antispam buffer overflow   Buffer overflow in SymSpamHelper and WrapNISUM ActiveX.   RealNetworks Helix buffer overflow   Buffer overflow during POST request paring.   Multiple OpenSSL DoS bugs updated since 17.03.2004   Few bugs patched during product audit.

CGI bugs updated since 15.03.2004

16.03.2004 Detailed

6! Multiple VocalTec bugs   Directory traversal, authentication bypass. 6! mod_security buffer overflow   off-by-one buffer overflow during POST processing.   Multiple Vendor SOAP server array DoS

15.03.2004 Detailed

CA Unicenter TNG buffer overflow   Few network services are vulnerable to stack overflow.   mathopd buffer overflow   Buffer overflow on oversized path in request.

13.03.2004 Detailed

Metamail symlink problem   Symlink problem in extcompose script.   Compaq Web Managment spoofed certificate unauthorized access   User can upload his certificate to server for getting unauthorized access.   Multiple uudeview bugs   Buffer overflow, symbolic links problem.

CGI bugs updated since 09.03.2004

12.03.2004 Detailed

xitalk privilege escalation   It's possible to obtain utmp group privileges.

11.03.2004 Detailed

MyProxy crossite scripting   Crossite scripting via URL.   Multiple Pegasi Web Server bugs   Directory tracersal, crossite scripting.   gdk-pixbuf DoS   Bug during BMP files processing.

wMCam DoS   Connection flood causes server to crash.

10.03.2004 Detailed

7! MSN Messenger unauthorized access   Any file from client computer can be retrieved. 6! Microsoft Outlook shell characters problem   Shell characters problem allow javacript execution in local zone.   Python buffer overflow   getaddrinfo() buffer overflow on oversized address (IPv6 for example).

Directory traversal in multiple browsers cookie path   It's possible to access cookie from the document with different path

Windows Media Services DoS   Specially crafted TCP packets sequence causes service to hang.

09.03.2004 Detailed

6! DB2 RPC privilege escalation   It's possible to attach to a process with administrator privileges. 6! Sun Solaris passwd priviledge escalation         Multiple SLMail bugs   Buffer overflows in webmail and Supervisor Report Center interface.

Norton Antivirus protection bypass   Files with special characters in path are not checked.

multiple wu-ftpd bugs   Local user can bypass root directory protection, buffer overflow on S/Key authentication.

GWEB/PWebServer directory traversal updated since 04.03.2004

Multiple SLMail/SLWebMail bugs updated since 07.05.2003   Multiple buffer overflows, file access, etc.

Symbolic links problem during automake compilation

05.03.2004 Detailed

Cisco CSS UDP DoS   DoS on malformed packets to UDP/5002.   GNU Anubis multiple bugs   Buffer overflows, format string bugs.

04.03.2004 Detailed

6! Adobe Acrobat Reader .xfdf buffer overflow   Buffer overflow on parsing XML Forms Data Format.   FreeBSD TCP DoS   By sending large number of non-sequential packets it's possible to cause memory exhaustion.   NetScreen-SA crossite scripting   Crossite scripting in delhomepage.cgi

SonicWall ARP traffic amplification   3x traffic ammplification from external to internal network.

CGI bugs updated since 01.03.2004

03.03.2004 Detailed

7! ProFTPD buffer overflow updated since 23.09.2003   Buffer overflow on ASCII-files uploading.   Nortel AP2200 DoS   Oversized string to any port causes AP to crash.

02.03.2004 Detailed

9! linux kernel mremap privilege escalation updated since 05.01.2004   It's possible to map memory page of zero size causing memory corruption in kernel.   Motorola T720 DoS   Any network flood leads to DoS.

01.03.2004 Detailed

6! Multiple WFTPD bugs   Buffer overflows, DoS conditions.   InnoMedia VideoPhone protection bypass         602Pro LAN Suite multiple bugs updated since 29.09.2003   Information leak, directory traversal, crossite scripting.