Computer Security
[EN] securityvulns.ru




29.11.2003
Detailed
6!Applied Watch protection bypass
document It's possible to add new users or IDS rules without authentication.
 CGI bugs
updated since 25.11.2003
   
 Internet explorer (and others) CA certificate attack
updated since 15.08.2002
document For an intermediate CA only the signature is checked; the missing check of the basic constraint allows any valid certificate to be used as a CA certificate.
  


28.11.2003
Detailed
 GNU screen integer overflow
document Integer overflow leads to buffer overflow if over 2Gb of data is sent to screen.
 bind negative response cache poisoning
document By spoofing a negative reply it's possible to DoS name resolution while the spoofed reply doesn't expire from the cache.
  


27.11.2003
Detailed
 GnuPG weak ElGamal implementation
document It's possible to compromise the private key if an ElGamal key is used.
  


26.11.2003
Detailed
6!pam_smb, pam_ntdom buffer overflow
updated since 11.09.2000
document Buffer overflow on oversized username.
 Thomson TCM315, 510 DoS
updated since 25.11.2003
document Oversized request to HTTP interface leads to buffer overflow.
  


25.11.2003
Detailed
 epic buffer overflow
document DoS on oversized CTCP nickname.
 Pan DoS
document DoS on reading article with oversized header.
 stunnel file descriptors leak
updated since 04.09.2003
document Child process has access to critical descriptors.
 DoS against IPRoutes (packet flood)
updated since 06.12.2001
   
  


22.11.2003
Detailed
 OpenBSD semaphores DoS
document DoS on a large number of sequential calls to semop() with different semids.
 CGI bugs
updated since 17.11.2003
   
 IP address leak in MSN Messenger
document With file transfer requests it's possible to determine the user's IP.
  


21.11.2003
Detailed
7!Multiple bugs in linux kernel
updated since 15.05.2003
document New kernel version fixes DoS in TCP/IP stack (by issuing a number of packets with the same hash value) and privilege escalation in ioperm() call. mxcsr CPU state modification, TTY level DoS, multiple etherleaks.
6!Multiple RADIUS servers and clients bugs
updated since 04.03.2002
document Different bugs during RADIUS packets parsing.
 Sybase ASE DoS
document Server DoS during user logon with invalid 'remote password array' parameter.
 sircd privilege escalation
document User can give operator's rights to himself.
  


20.11.2003
Detailed
 OpenBSD sysctl DoS
   
 HP-UX dtmailpr buffer overflow
document Buffer overflow on oversized DISPLAY variable.
 SharePoint administration interface unauthorized access
document Page with authentication request contains private information.
 Effect Office buffer overflow
document Buffer overflow on few strings sent to TCP/56004.
 Yak! unauthorized access
updated since 13.09.2003
document FTP server is launched with default password.
 MacOS X privilege escalation
document If the computer is switched to sleep mode shortly after a sudo command, it's still possible to use elevated privileges immediately after it is turned on again.
  


19.11.2003
Detailed
7!OpenBSD DoS and buffer overflow
updated since 05.11.2003
document NULL pointer is possible during executable file parsing. If patches against this vulnerability are installed, there is a new vulnerability with a kernel-mode buffer overflow.
6!Kerio Winroute firewall account information leak
document If proxy authorization is used, authentication information is not stripped from the browser's request.
 Apple Safari cookie information leak
   
 Half Life information leak
document If server download is allowed it's possible to download server configuration files.
  


18.11.2003
Detailed
6!sqwebmail unauthorized access
document Session hijacking via Referer is possible.
  


17.11.2003
Detailed
7!Multiple SAPDB bugs
document Local privilege escalation via DLL spoofing in working directory, remote buffer overflow, multiple web-tools issues.
6!minimalist code execution
   
 NetServe buffer overflow
document Directory traversal, configuration access.
 PostMaster cross-site scripting
document Cross-site scripting on error page.
  


15.11.2003
Detailed
 CVS directory traversal
updated since 15.12.2003
   
 zebra DoS
updated since 13.11.2003
document Few bugs with DoS conditions.
 CGI bugs
updated since 10.11.2003
   
  


14.11.2003
Detailed
6!Planet switches unauthorized access
updated since 10.10.2003
document There is a backdoor account 'superuser' with 'planet' password via any VLAN.
 WebWacher cross-site scripting
   
 Symantec pcAnywhere privilege escalation
document It's possible to obtain system account privileges via help.
  


13.11.2003
Detailed
7!Multiple bugzilla bugs
updated since 30.08.2001
document Multiple bugs are fixed during audit.
6!clamav format string bug
document Format string bug in e-mail address during syslog() call.
6!UnixWare privilege escalation
document Problems with procfs lead to local privilege escalation.
6!IBM AIX libIM buffer overflow
updated since 14.02.2003
document Buffer overflow on NLS functions.
 Nokia IPSO cross-site scripting
document Cross-site scripting in web administration interface.
 HP-UX Software Distributor buffer overflow
document Buffer overflow on LANG variable parsing.
 GAIM information leak
document IRC plugin registers user's IP and account.
 Eudora buffer overflow
document Buffer overflow during "reply to all" on oversized From: and Reply-To: of original message.
 Multiple peoplesoft bugs
   
 Hylafax format string bug
   
 xinetd memory leak DoS
updated since 19.04.2003
document 144 bytes are leaked on unsuccessful connection.
  


12.11.2003
Detailed
9!Lanman workstation buffer overflow
document Buffer overflow during service network messages processing.
7!Microsoft Internet Explorer cross-site scripting
document Few vulnerabilities allow scripting in local zone.
6!Microsoft Office 2000 Macros parsing buffer overflow
updated since 10.10.2003
document Buffer overflow on oversized Macros name.
 Microsoft Frontpage Server buffer overflow
document Buffer overflow in remote debugging interface.
  


10.11.2003
Detailed
8!Internet explorer HTML embedded .exe file code execution
updated since 26.02.2003
document By combining Content-Location: file:///xxx.exe with codebase property of <object> tag it's possible to execute .exe file embedded into HTML.
6!Multiple Ethereal bugs
document Multiple bugs including remote buffer overflow.
6!Oracle SQL injection
document Multiple SQL injection bugs in different components.
 libXcursor buffer overflow
document Buffer overflow on HOME environment parsing.
 gandlia DoS
document DoS on packet parsing.
 TelCondex SimpleWebserver directory traversal
document Directory traversal with .../
  


05.11.2003
Detailed
 Liteserve buffer overflow
document Buffer overflow in logging.
 NIPrint multiple bugs
document Remote buffer overflow, help access with local system.
 CGI bugs
updated since 03.11.2003
   
  


03.11.2003
Detailed
6!Microsoft internet explorer local files access
updated since 27.10.2003
document Redirection with Location: file:/// allows opening a local file in a known location. Macromedia Flash allows storing HTML text in a known file.
6!Buffer overflow in VMware GSX
updated since 25.07.2002
document Buffer overflow during user's authentication.
 Choutcast buffer overflow
document Buffer overflow on oversized icy-name and icy-url parameters.
 Multiple unichat bugs
   
 Citrix Metaframe cross-site scripting
document login.asp cross-site scripting.
 Multiple jre/jdk installation symbolic link bugs
   
 Webweaver DoS
document A large amount of data in a GET request causes the server to crash.
 MacOS X privilege escalation
document Under certain conditions it's possible to obtain local root access with access to a USB keyboard during the boot process.
 tHTTPd directory traversal
updated since 03.11.2003
document If virtual hosts are used it's possible to traverse directories with ../ in Host: header.
 IA WebMail buffer overflow
document Stack overflow on oversized HTTP GET request.
 Plug & Play Web Server multiple bugs
updated since 19.09.2003
document Directory traversal, DoS.
 Memory leak DoS in EServ
updated since 12.05.2003
document On every connection a few Kb of memory are reserved and never freed.
 SHOUTcast Server buffer overflow
updated since 13.08.2001
document Buffer overflow on long User-Agent HTTP header in admin.cgi and in processing of internal administration protocol.
  

© SecurityVulns, 3APA3A, Vladimir Dubrovin