29.08.2003 Detailed

7! pam_smb buffer overflow   Buffer overflow on user authentication.   Multiple node bugs   Buffer overflows, format string bugs.

28.08.2003 Detailed

Buffer overflow in gtkftpd   Buffer overflow in LIST command

27.08.2003 Detailed

9! Real Server/Helix Universal Server array overflow   Pointers array overflow leads to remote root code execution.   widz uncommented shell characters   Uncommented shellc characters on system() call.   SNMPc information leak   On unauthorized user's requests server leaks users information incliduing passwords.

CGI bugs updated since 26.08.2003

26.08.2003 Detailed

Sendmail DNS DoS   Uninitialized pointer causes DoS conditions on bogus DNS reply.

22.08.2003 Detailed

vpop3 DoS   Oversized username causes service to crash.   WapServ DoS   Sending invalid data to service port causes service to crash.   Avant Browser buffer overflow   Buffer overflow on oversized URL.

GDM symbolic links problem   .xsession-errors file in user's home is open with root permissions without checking for symlinks.

srcpd multiple bugs   Buffer overflows, integer overflows.

CGI bugs updated since 18.08.2003

20.08.2003 Detailed

6! emule/xmule/lmule multiple bugs   Multiple bugs including format string and buffer overflows. 6! PHP Authentication Suit for DreamWeaver multiple bugs updated since 05.08.2003   Crossite scripting PHP injection.   Piolet DoS   Connection flood to TCP/701 causes program to crash.

Entropy sources information leakage   Entropy sources can be used for keystrokes timing attack.

OpenSLP symbolic links problem   Symbolic links problem during temporary files creation.

18.08.2003 Detailed

6! Dropbear SSH Server format string bug   Format string bug on syslog() call;

14.08.2003 Detailed

7! Multiple bugs in ActiveX components updated since 20.08.2002   Local files access in applet com.ms.xml.dso.XMLDSO.class and XMLHTTPConnection ActiveX, buffer overflow in xweb.ocx ActiveX (Microsoft DirectX Files Viewer), TSAC and File Transfer Manager (FTM) ActiveX.   Netris buffer overflow   Multiple buffer overflows   CiscoWorks unauthorized access   It's possible to obtain administrative access with guest account.

CGI bugs updated since 12.08.2003

12.08.2003 Detailed

FreeBSD signal DoS   ptrace and spigot device allow to generate signal with negative or out of range valur leading to system panic.

10.08.2003 Detailed

6! MDaemon protection bypass   Empty password allows to bypass SMTP authentication.   pam-pgsql format string bug   Format string bug in username.   iPlanet Administration Server directory traversal   Directory traversal during log view with %2f.. .

Cisco IOS UDP echo information leak   Reply to UDP echo requests contain trffic data from memory.

Cisco IOS HTTP buffer overflow   Buffer overflow on GET request over 2 GB.

CGI bugs updated since 30.07.2003

08.08.2003 Detailed

7! MacOS X privilege escalation   Network traffic sniffing via IPNetMonitorX, format string bug in PNetSentryX.   VMWare unauthorized access   WMVare unprivileged access   Cisco CSS 11000 Series DoS   SYN flood causes device to reboot.

07.08.2003 Detailed

D-Link 704 DoS   Web-interface oversized requests DoS.   Crob FTP server format string bug   Multiple FTP commands format string bug.   eroaster symbolic links bug   Temporary file symbolic links problem.

06.08.2003 Detailed

6! Windows drivers privilege escalation updated since 04.08.2003   During access to driver memory range for input/output buffers is not checked.   IBM DB2 privilege escalation   db2job allows to write any file.

05.08.2003 Detailed

6! wget buffer overflow   Buffer overflow on oversized URL.   Password Safe information leak   Cleartext password could be found in memory.   NetBSD OSI protocol DoS   Delivery error packet generation problem.

04.08.2003 Detailed

6! Compaq HTTP server format string bug   Insight Management Agent format string bug during processing of HTTP request.   Multiple xfstt bugs   Buffer overflows, memory regions reading.   Multiple atari800 bugs   Multiple buffer overflows.

IIS Shield DoS   Specific HTTP request causes DoS.

cdrtools privilege escalation   rscsi utility allows unprivileged user to overwrite any file.

Postfix DoS   NULL pointer reference during address parsing, bounce portscanning via specially crafted address..

Multiple NetFilter bugs   Multiple bugs causing DoS.

01.08.2003 Detailed

7! Multiple McAfee ePolicy Orchestrator bugs   Buffer overflows, format string bugs, MSDE is installed in insecure configuration.   NetScreen DoS   DoS on incorrect TCP options.   Trillian DoS   NULL pointer reference on large number of ctcp reply packets.

Novell groupwise cleartext passwords   Passwords are logged to file in cleartext.