30.04.2003 Detailed

6! Mozilla/Netscape crossite scripting   If dot is present in the end of hostname Mozilla teat part of the path as a domain.   Multiple bugs in Macromedia Cold Fusion MX   Path disclosure, DoS.

29.04.2003 Detailed

6! Kerio personal firewall multiple bugs updated since 28.04.2003   It's possible to fool ip filtering by using UDP/53 as a source port. Buffer overflow during authentication. Replay attacks during authentication.   Qpopper poppassd privelege escalation   During call to external program specified by used rot privileges are not dropped.

28.04.2003 Detailed

6! Multiple bugs in MDaemon   IMAP4 buffer overflow, negative array indexes problem in POP3. 6! Multiple bugs in Deerfield MDaemon WorldClient updated since 08.05.2002   Multiple bugs including remote buffer overflow.   3D-ftp client buffer overflow   Buffer overflow on oversized server's banner.

linux-atm buffer overflow   Buffer overflow in command line parsing in /usr/local/sbin/les -f

26.04.2003 Detailed

Buffer overflow in Options Parsing Tool library   Buffer overflows in few argument processing functions.   Buffer overflow in SonicWall   Buffer overflow on oversized POST request.   CGI bugs updated since 22.04.2003

25.04.2003 Detailed

VisNetic ActiveDefense DoS   Oversized request to web server protected by this tool causes service to hang.   mICQ DoS   Messages with type without 0xFE terminatro cause program to crash.

24.04.2003 Detailed

7! Windows NTLM relaying attacks updated since 14.09.2000   Some client program use NTLM authentication with user's permission without user request. It may leak to NTLM credentials and perform choosen challenge attack and comprometation of server's with client credentials by relaying NTLM request. 6! Cisco Secure ACS buffer overflow updated since 23.04.2003   Buffer overflow in TCP/2002 web interface port.   WebWeaver DoS   Request via FTP to non-existant file causes server to hang.

Nokia IPSO directory traversal   Directory traversal in /cgi-bin/readfile.tcl accessible via Web-Interface.

SAMBAR WebMail authentication cleartext passwords   Cleartext poassword authentication in WebMail access.

23.04.2003 Detailed

gkrellm-newsticker unescaped shell characters problem   Shell characters problem on browser execution.   Symbolic links problem in mime-support   Symbolic links problem on temporary files.   SAP DB development tools privelege escalation   instdbmsrv and instlserver allow chmod/chown for any files.

Microsoft IIS local ASP DoS   Insertion of oversized header line via Response.AddHeader causes server to crash.

AN HTTPd multiple bugs updated since 05.01.2003   Crossite scripting, physical path leakage, special devices access, file corruption.

22.04.2003 Detailed

Unauthorized ACER Travelmate access   If smart card protection is used it's still possible to access system for short time.   mod_ntlm format string bug   Format string bug in logging.   QuickFront Directory Traversal   Directory traversal in web interface.

Xeneo web server buffer overflow   Buffer overflow on oversized GET request.

21.04.2003 Detailed

Buffer overflow in Vexira Antivirus   Buffer overflow on oversized filename.   mod_access_referer NULL pointer DoS   NULL pointer reference on unresolvable REFERER.   Twilight Utilities TW-WebServer buffer overflow   Buffer overflow on oversized GET request.

Unauthorized BadBlue access   It's possible to access administration interface.

Monkey HTTPD buffer overflow   Buffer overflow on POST request.

19.04.2003 Detailed

6! PoPToP buffer overflow updated since 10.04.2003   Buffer overflow on small packet length in PPTP header.

18.04.2003 Detailed

6! snort multiple bugs updated since 16.04.2003   Integer overflow during TCP stream processing leads to heap overflow. Heap overflow in stream4 filter.   rinetd DoS   Setting more than 64 connection could cause server to fail.   regedit buffer overflow   Buffer overflow on oversized key displaying.

CGI bugs updated since 15.04.2003

17.04.2003 Detailed

7! Windows NT/2000/XP kernel buffer overflow   Stack based overflow during debug message processing.   EZ Server multiple bugz updated since 31.03.2003   Program exits by exception on oversized FTP ls and cd commands. Directory traversal.   Log spoofing in NetGear RP114   HTTP Host: header is used for log record.

16.04.2003 Detailed

Windows 2003 sin2k.sys EngTextOut DoS   DoS on function call with non-ASCII text.   iWeb Mini Web Server directory traversal         Mozilla race condition crossite scripting   In beggining of new page download old page can get an access to new context.

15.04.2003 Detailed

SheerDNS multiple bugs   Buffer overflow during CNAME processing, remote file access.   ghostscript symbolic link problem updated since 15.04.2003   Symboli link problem during temporary files creation in ps2epsi.

12.04.2003 Detailed

6! Unauthorized access to filemaker   During authentication server sends full password list to client. 6! MacOS X DirectoryService privelege escalation   External touch command is executed without full path. 6! Unauthorized file access via Oracle fndfs

Symbolic links in xfsdump   File is created insecurely in the root of given file system.

Gaim buffer overflow DoS   Insuficient message length check leads to heap corruption.

CGI bugs updated since 08.04.2003

11.04.2003 Detailed

6! Windows Indexing Services Crossite Scripting updated since 04.11.2000   It's possible to compromise client by inserting javascript into query URL.   Code execution via PDF and PS in KDE   Command contained in PS and PDF files may be eceuted.   Multiple Java virtual machines bugs updated since 23.11.2002   Multiple bugs in Netscape and Internet Explorer virtual java machines.

10.04.2003 Detailed

Microsoft ISA Server   It's possible to cause infinite reply loops with spoofed UDP packets with bith source and destination ports 1745 between 2 servers on from server to itself.   Hyperion FTP Server multiple bugs updated since 05.04.2003   Buffer overflow in mkdir, USER.

09.04.2003 Detailed

Buffer overflow in moxftp/xftp         mgetty multiple bugs   Buffer overflow, weak spool permissions.

08.04.2003 Detailed

7! Multiple bugs in Seti@home   Buffer overflows, infomration leak.   Aprelium Abyss Webserver DoS   Incomplete Connection: and Range: headers cause server to crash.   Interbase Firebird unauthorized file access   It's possible to access any external file by using it as a table storage.

Lotus Notes / Lotus Domino DoS   update() method of CRC32 class causes server to hang.

05.04.2003 Detailed

6! Apache DoS updated since 05.04.2003   Memory leak on request with large number of line feeds.   passlogd buffer overflow   Buffer overflow on syslog packets processing.   Interbase buffer overflow   Buffer overflow on ISC_LOCK_ENV environment variable.

Syscall timing attacks in multiple systems   By timing system calls it's possible to check file existance.

Buffalo AirStation DoS   Small packet flood causes station to hang.

AOL Server proxy API format string bug   Format string bug on syslog() call.

CGI bugs updated since 01.04.2003

NetGear DoS updated since 11.10.2002   Large number of connection attampts cause router to hang.

02.04.2003 Detailed

6! Sambar Server buffer overflow   http://localhost/session/login buffer overflow. 6! QuickTime buffer overflow updated since 02.04.2003   Buffer overflow on processing quicktime:// URL

01.04.2003 Detailed

7! Sun Solaris lpq buffer overflow   Stack overflow. 7! Sun Solaris dtsession buffer overflow   Heap overflow on HOME environment variable parsing.   HP Instant TopTools DoS   DoS on malcrafted Web requests to TCP/280.

SAP DB weak permissions   777 permissions are used for executables.

Chindi DoS   Program crashes on receiving large amount of data in TCP/4444 port.

WinRoute DoS   Program crashe if Host: header is missed in HTTP request to web administration interface.

PowerFTP DoS   DoS on oversized cd and ls commands.

D-Link DSL unauthorized access updated since 28.03.2003   public and private community are accessable by default. public community leaks account infromation in cleartext.

WebWeaver multiple bugs updated since 21.01.2003   File type is not checked on file open. DoS on oversized URLs (>2,5Mb), weak encryption (Caesar code), information leak, directory traversal.