Computer Security
 DansGuardian protection bypass
document URL escaping allows bypassing URL filtering.
 OpenFTP format string bug
document Format string bug in SITE msg send command.
 CGI bugs
updated since 26.07.2004

9!Check Point VPN-1 buffer overflow
document Buffer overflow on parsing ASN.1 notation.
 SoX multiple buffer overflows
document A few buffer overflows on parsing .wav files.
 Multiple personal firewall protection bypass
document By using scripting and cross-site scripting, a malicious script can bypass protection against access to external sites and bypass site restrictions.

8!HP-UX CIFS (Samba) buffer overflow
document Buffer overflow leads to unauthorized remote access.
 FTP Glide cleartext passwords
document Passwords are stored in a public folder in cleartext.

6!eSeSIX Thintune backdoor
document Backdoor on port TCP/25702; it's possible to obtain ICA and RDP usernames/passwords.
6!MacOS X Internet Connect symbolic links
document ppp.log is created in /tmp in an unsafe way.
6!Microsoft Systems Management Server client memory corruption
updated since 15.07.2004
document Maliciously crafted data sent to port TCP/2702 causes memory corruption.
6!HP-UX Xfs buffer overflow
updated since 14.07.2004
document Buffer overflow on oversized line in configuration file (sgid bin).
 Mozilla Firefox certificate spoofing
document By using the onunload() method it's possible to use the certificate of any site.
 APC PowerChute DoS
document It's possible to prevent access to server or agent.

7!Samba SWAT buffer overflow
document Buffer overflow in Base64 decoding functions.
6!HP Tru64 UNIX/OpenVMS/HP-UX DCE server buffer overflow
updated since 26.06.2004
document Buffer overflow on RPC parsing.
 Conceptronic CADSLR1 buffer overflow
document Buffer overflow on oversized HTTP Authorization: header.
 Flash FTP directory traversal
 XITAMI invalid request endless loop
updated since 21.11.2003
document If an HTTP header doesn't contain ':', the server goes into an endless loop.

 Cisco ONS DoS
document Malformed packet causes device to crash.
 Lexmark T522 buffer overflow
document Buffer overflow on oversized HTTP Host: header.
 WWW File Share Pro buffer overflow
document Buffer overflow on oversized path in GET request.
 CGI bugs
updated since 19.07.2004

6!SCO MMDF multiple buffer overflows
document Multiple buffer overflows.
 Whisper FTP buffer overflow
document Buffer overflow on oversized filename.

6!L2TPd buffer overflow

 CGI bugs
updated since 14.07.2004

8!Microsoft HTML Help buffer overflow
document Buffer overflow on CHM format parsing.
6!Microsoft Windows Task Scheduler buffer overflow
document Buffer overflow during .job file parsing.
6!4D Webstar multiple bugs
document Buffer overflow, information leakage, symbolic links.
6!PHP memory corruption
document Improper handling of exceptional conditions allows memory corruption leading to code execution.
6!IBM AIX Inventory Scout symbolic links problem
document Unsafe use of temporary directories.
 Windows Shell file type spoofing
document By using a class ID in Content-Disposition it's possible to spoof the file type. Content-Disposition: attachment; filename=malware.{3050f4d8-98B5-11CF-BB82-00AA00BDCE0B}fun_ball_gites_pie_throw%2Empeg"
 Microsoft Internet Information Server buffer overflow
document Buffer overflow on oversized URL to redirected site.
 Windows POSIX subsystem buffer overflow
document POSIX subsystem overflow allows privilege escalation.
 Mozilla cross-site scripting
document By using local cache it's possible to access local files.
 PHP strip_tags protection bypass
document Inserting a null character into a tag allows protection bypass for a few browsers.
 FoxMail buffer overflow
updated since 14.07.2004
document Buffer overflow on oversized From:
 Microsoft Outlook Express DoS
document Invalid mail headers processing.

6!Bugzilla multiple bugs
document SQL injection, shell escaping problems, information leakage.
 Adobe Acrobat Reader buffer overflow
document Buffer overflow on filename parsing.

6!Multiple bugs in Ethereal
updated since 31.05.2002
document DoS and buffer overflows when parsing different protocols.
 wvWare buffer overflow
document Buffer overflow on parsing the MS Word document DateTime field.

6!Mozilla Network Neighbourhood code execution
document By using a shell:NETHOOD\ URL it's possible to execute a file from any Network Neighbourhood host.
 Shorewall symbolic links problem
document Temporary files and directories are created in an unsafe manner.
 Norton AntiVirus DoS
document Program hangs at 100% on a maliciously crafted executable file.
 SSLTelnet format string bug
document Format string on syslog() in ssltenetd SSL_set_verify().
 CGI bugs
updated since 05.07.2004

 Nokia 3560 DoS
document It's possible to cause denial of service by sending a maliciously crafted message.
 DiamondCS Process Guard protection bypass
document An untrusted process with administrative permissions can disable the protection system using direct memory access.
 Passid EasyDisk protection bypass
document If EasyDisk was accessed from the same system in a previous session, authentication is not required to access EasyDisk encrypted files after reboot.

6!Multiple browsers security dialogs race conditions
document By inducing the user to enter predictable characters, key sequences or mouse clicks, it's possible to create a situation where the user's input is received by a briefly displayed security dialog (for example, a "Save file" dialog can appear when the user is about to press the Y key).

7!MySQL unauthorized access
document During the password check, the length of the user-supplied password is used.
 XFree XDM TCP port protection bypass
document XDM will open TCP sockets for its chooser, even if the DisplayManager.requestPort setting is set to 0.
 Multiple Webmail systems cross-site scripting
updated since 31.05.2004
document Cross-site scripting via Content-Type.

6!Multiple Fastream Netfile bugs
document Directory traversal, DoS.
6!Enterasys XSR DoS
document Router crashes on a packet with the RR option.
 Linux Virtual Server procfs DoS
document Virtual machine users can change /proc permissions.
 Unreal ircd IP cloaking protection bypass
document To hide the real IP, a hash of the IP address computed with a simple hashing algorithm is used.

7!Multiple Linux kernel bugs
document chown: users can change the group affiliation of arbitrary files to the group they belong to; missing DAC check in chown(2): local privilege escalation; overflow with signals: local denial-of-service; pss, mpu401 sound driver: read/write to complete memory; airo driver: read/write to complete memory; ALSA: copy_from_user/copy_to_user confused; acpi_asus: read from random memory; decnet: write to memory without checking; e1000 driver: read complete memory.
 Esearch symbolic links problem
document eupdatedb creates files in /tmp without checking for symbolic links.
 Multiple Netegrity products cross-site scripting
document Web interface cross-site scripting.
 IBM WebSphere Edge DoS
document Server crashes on an incomplete HTTP request.
 CGI bugs
updated since 28.06.2004
 BrightMail information leak
document Messages classified as SPAM are available without authentication.
 Dr.Web for OpenBSD failure
updated since 02.07.2004
document Small stack size causes the daemon to fail to start, if LocalScan = no is configured, with the message: stack overflow in function int scanMail(int, time_t *, int, int, const char *)

6!Wingate unauthorized access
document The wingate-internal virtual directory of the HTTP proxy server allows downloading any file located on the server.
 Domino Web Access DoS
document A message with a large broken image causes the server to crash on message reading.

6!FreeBSD Linux compatibility subsystem privilege escalation
document It's possible to access kernel memory via system calls.
6!Cisco Collaboration Server unauthorized access
document Unauthorized users can upload any file and gain administrative privileges.
 Lotus Domino quota settings change
document By using the IMAP setquota command it's possible to change quota settings.
 HP-UX ObAM WebAdmin unauthorized access
 ZyXel Prestige 650 buffer overflow
document Buffer overflow on oversized password.

