28.06.2002 Detailed

6! AnalogX SimpleServer:Shout buffer overflow   Buffer overflow on oversized port 8001 request. 6! Cisco SSH multiple bugs updated since 28.06.2001   It's possible to insert command and intercept data from ssh session.

27.06.2002 Detailed

Format string bug in decfingerd   Ошибка форматной строки при вызове syslog()   Buffer overflow in HP-UX cifslogin updated since 24.06.2002   Buffer overflow on oversized -P option.

Privelege escalation via Apache .htaccess buffer overflow updated since 23.06.2002   Oversized line in .htaccess causes buffer overflow

26.06.2002 Detailed

Format string bug in Netware ftpd   Format string bug in username

22.06.2002 Detailed

6! Solaris 9 rcp buffer overflow   Buffer overflow on long hostname:filename   Gamecheats AdvServer DoS         Pirch 98 buffer overflow   Writing behind array boundary on large number of channel references.

20.06.2002 Detailed

8! Multiple bugs in Irix rpc.xfsmd   Weak encryption, uncommented shell-characters. 6! Buffer overfrlow in Cisco vpnclient   Buffer overflow on long profile name. 6! Microsoft Word Mail Merge vulnerability updated since 07.08.2000   Microsoft Word document merged with Access database allows to execute VBA procedures without warning.

Bugs in Apache Tomcat   Physical path disclosure, DoS.

Cisco ONS15454 DoS updated since 20.06.2002   IP packets with ToS bit causes interface to hang.

irssis DoS updated since 20.06.2002   Channel topic processing problems.

Synblic links in Adobe Acrobat Reader

19.06.2002 Detailed

6! Buffer overflow in OpenUnix/Unixware ppp utils updated since 13.11.2001         procmail buffer overflow   Buffer overflow on long command line argument

18.06.2002 Detailed

10! Buffer overflow in Apache updated since 17.06.2002   Signed/unsigned conversion bug on CHUNKed POST.   nCipher problems   Weak key generation during installation, problems with java library.   Buffer overflow in Interbase   Heap overflow on environment parsing.

Zyxel Prestige DoS updated since 17.12.2001   Problems with fragmented packets processing, Syn+fin and Syn+ack packets.

NetGear unauthorized access updated since 18.06.2002   It's possible to obtain full access by using 192.168.0.1 address from external interface.

17.06.2002 Detailed

IGMP DoS   By sending unicast membership report to attacked host it's possible to prevent one from registering in group.   CiscoSecure ACS crossite scripting   Crossite scripting in web interface (requires authentication)   Xitami GSL problems

14.06.2002 Detailed

6! Microsoft RAS Phonebook buffer overflow updated since 05.12.2000   Buffer overflow.

13.06.2002 Detailed

7! Buffer overflow in Microsoft IIS HTR   Buffer overflow on chunk-encoded POST request. 7! Multiple bugs in QNX updated since 01.06.2002   User can create the hard link for a file not owned by him. ptrace() can be attached to suid process, signals may be passed to any process, buffer overflows and privelege escalations in many utilities. 6! Buffer overflow in Oracle 9iAS Reports Server   Buffer overflow in CGI script.

SQL modification in <Body>Builder   ' is not checked during authorization.

Buffer overflow in AnalogX SimpleServer updated since 13.06.2002   Buffer overflow on loong '@' http request.

Privelege escalation via simpleinit   File descriptor doesn't closed after priveleges are dropped.

Buffer overflow in IRCIt   Buffer overflow on invite command.

Format string bugs in mmmail/mmftpd   Format string bugs in logging.

Microsoft SQL Server 2000 SQLXML buffer overflow   Buffer overflow in ISAPI filter and crossite scripting.

Port translation bypass in 3Com OfficeConnect Remote 812 ADSL updated since 28.05.2002

12.06.2002 Detailed

8! Microsoft Internet Explorer, Microsoft Proxy & Microsoft ISA server buffer overflow gopher buffer overflow updated since 04.06.2002       6! Buffer overflow in OpenServer Xsco   Buffer overflow on command line parsing.   X DoS via Moziila   X crashes on oversized font-size.

Multiple bugs in SeaNox Devwex   Buffer overflows, directory traversal.

Multiple RED-M 1050 bugs

07.06.2002 Detailed

Format atring bug in TrACESroute   Ошибка форматной строки при обработке аргументов.   Microsoft ASP.NET buffer overflow   Buffer overflow on state cookie processing.

06.06.2002 Detailed

7! Multiple bugs in Yahoo Messenger updated since 24.02.2002   Multiple bugs including buffer overflows.   Buffer overflow in eDonkey 2000   Buffer overflow on othersized URL ed2k://   Cisco IOS DoS

Multiple bugs in Red-M 1050 Blue Tooth

05.06.2002 Detailed

8! Solaris LPD buffer overflow       7! IRIX rpc.passwd problems         OpenServer crontab format string bug   Format string bug in command line arguments parsing.

Format string bug in slurp   Format string bug on processing NNTP server reply.

ISC bind DoS   Error in dns_message_findtype() function causes bind to fail.

04.06.2002 Detailed

Format string bug in squid   Format string bug in NT domain authorization module.   Cleartext password in Volution Manager   Cleartext password stored in /etc/ldap/slapd.conf   Unauthorized access to PowerChute shared folder   During programm installation Program Files\Pwrchute shared with full access allowing to trojan program executables.

CGI bugs updated since 28.05.2002

01.06.2002 Detailed

File system access in imap-uw   By design it's possible to access any file readable by user's account.   Multiple buffer overflows in mnews   Buffer overflows on command line processing, environment variables and NNTP server response handling.   Multiple bugs in Shambala Server updated since 10.10.2000   DoS, directory traversal.