30.11.2004 Detailed

6! WS_FTP Server buffer overflow adn backdor updated since 05.11.2001   Buffer overflow in STAT and another commands. Built-in user accaount XXSESS_MGRYY with password X#1833 allows command execution on server.   Jana Server DoS   % character in request is handled incorrectly.   FreeImage buffer overflow   Buffer overflow on interleaved bitmaps processing.

MDaemon privilege escalation   It's possible to run application with LocalSytem privileges.

Buffer overflow in CuteFTP updated since 05.01.2003   Buffer overflow on oversized server banner or reply.

29.11.2004 Detailed

KDE SMB share link cleartext password   SMB password is stored cleartext if desktop shortcut is created.

27.11.2004 Detailed

7! Buffer overflow in multiple RADIUS implementations updated since 06.07.2001   Multiple buffer overflows 6! MailEnable buffer overflow   Buffer overflow on oversized IMAP command.   BNC password protection bypass   It's possible to connect with invalid password.

CGI bugs updated since 22.11.2004

25.11.2004 Detailed

CMailServer multiple bugs   Buffer overflow, SQL injection, crossite scripting.

24.11.2004 Detailed

6! jabberd buffer overflow   Buffer overflow on oversized username.   WinFTP weak encryption   Cleartext passwords are stored in the world readable file.   Open Dc Hub buffer overflow updated since 24.11.2004   Buffer overflow on ForceMove command processing.

PrevX protection bypass   Protection can be bypassed by direct physical memory access.

Fastream DoS   HEAD command socket leak.

SecureCRT command execution   Unsafe telnet: protocol handling.

ZyXEL Prestige 650 unauthorized access   It's possible remotely reload router's configuration with /rpFWUpload.html.

WeOnlyDo!/CoffeeCup FTP buffer overflow   Buffer overflow during server reply parsing.

22.11.2004 Detailed

Sacred DoS   Server doesn't have connection timeout and doesn't support more than 17 connections.   TC-IDE unfiltered shell characters problem   Shell characters filtering problem on external program execution in multiple utilities.   Altiris AClient privilege escalation   It's possible to execute external application with local system privileges.

Mailtraq privilege escalation   It's possible to execute external application with LocalSystem account.

Timbuktu DoS updated since 21.01.2002   Large number of connections causes service to crash.

Danware NetOp information leak   System information leak.

19.11.2004 Detailed

DMS POP3 Server buffer overflow   Buffer overflow on oversized username.   CGI bugs updated since 15.11.2004

18.11.2004 Detailed

FreeBSD fetch integer overflow   Interger overflow on HTTP headeres parsing.   GIMPS, SETI@home, ChessBrain weak permissions   Unprivileged user's file are executed with superuser privileges.   CScope symbolic links problem   Symlink problem on temporary files.

Multiple Linux smbfs bugs   Multiple bugs on parsing server replies.

16.11.2004 Detailed

Skype buffer overflow   callto: URL buffer overflow   SAMBA buffer overflow updated since 15.11.2004   By setting small buffer in TRANSACT2_QFILEPATHINFO it's possible to cause dynamic memory buffer overflow on oversized path.

15.11.2004 Detailed

NetNote DoS   Malcrafted string to TCP/6123 causes program to crash.   Webroot Spy Sweeper weak encryption   Password is stored in registry uencrypted.   Attachment spoofing code execution in Eudora updated since 28.05.2003   If "attach" and "attach.exe" co-exist in message and "attach" is clicked, "attach.exe" will be silently executed instead.

Internet Explorer cookie spoofing   Under certain conditions it's possible to change cookie path.

13.11.2004 Detailed

7! Cisco Security Agent buffer overflow   Race conditions leading to buffer overflow.   unarj buffer overflow   Buffer overflow on oversized archive filename.   CGI bugs updated since 10.11.2004

Pavuk buffer overflow updated since 27.07.2004   Buffer overflow on parsing digest authentication.

11.11.2004 Detailed

8! Multiple MIT Kerberos bugs updated since 01.09.2004   Multiple double free() problems, DoS. 6! Cisco IOS DHCP DoS   Malcrafted packet blocks input queue.   Sun ONE Messaging Server session hijacking   Webmail sessions hijacking.

SQLGrey SQL injection   SQL injectiuon with sender/recepient e-mails.

Samhain privilege escalation   Privilege escalation if "-t update" option is used.

CCProxy buffer overflow   Buffer overflow on oversized URL.

ez-ipupdate format string bug

BNC buffer overflow   Buffer overflow on server response parsing.

Nortel Contivity VPN information leak   Messages for wrong username and wrong password are different.

HP PSC 2510 unauthorized access   Device can be anonymously accessed via FTP.

04WebServer multiple bugs updated since 11.11.2004   Crossite scripting, DOS device access.

RealVNC DoS updated since 30.08.2004   More than 60 concurrent TCP connections causes server to crash.

10.11.2004 Detailed

6! Kerio Firewall DoS   Problem with IP options processing allow to crash firewall with single packet.   Samba DoS   Accessing directory with large number of '*' in the name lead to smbd CPU exhastion.   mtink symbolic links problem   Symboli links problem on temporary files creation.

Microsoft ISA 2000 DNS cache poisoning   Content spoofing by DNS cache poisoning.

09.11.2004 Detailed

MiniShare buffer overflow   Buffer overflow on oversized request URI.   Ruby DoS updated since 09.11.2004   Malcrafted request to CGI module leads to infinite loop.   up-imapproxy multiple bugs   Signed/unsigned conversion and memory management bugs.

Java InitialDirContext DoS   Integer overflow on large number of name resolutions.

FreeAmp buffer overflow   Buffer overflow on playlist parsing.

Gentoo symbolic links problem   dispatch-conf and dpkg symbolic links problem.

Microsoft Internet Explorer information leak   It's possible to check file existance in the standard folder.

08.11.2004 Detailed

602 Lan Suit DoS   Multiple resources consuption DoS conditions.

06.11.2004 Detailed

6! DHCP format tring bug   Format string bug via DNS name on syslog() call.   CGI bugs updated since 01.11.2004

04.11.2004 Detailed

Info-Zip buffer overflow   Buffer overflow on oversized path file comperssing.

03.11.2004 Detailed

6! Cisco Secure ACS protection bypass   IF EAP-TLS is used validity of ceritifcation agency is not checked.   HP OpenView Operations privilege escalation         proxytunnel format string bug   Format string bug on syslog().

Speedtouch USB driver for linux format string bugs   Format string bug on syslog() call.

WinRAR code execution   Undisclosured bug on archive repair.

lvm symbolic links   Incorrect temporary directory creation in lvmcreate_initrd и davfs2.

02.11.2004 Detailed

7! Internet Explorer HTML Help Control ActiveX crossite scripting   By clicking control element, it's possible to activate script in context of different site or local system.   Cherokee formatstring bug updated since 21.04.2004   Format string bug on syslog() call and gile logging in NCSA format, cherokee_logger_ncsa_write_string().

01.11.2004 Detailed

6! Linux iptables logging DoS   integer overflow causes kernel crash if logging is enabled. 6! Sun Java System Web Proxy Server buffer overflow         Caudium DoS   Malfromed HTTP request causes server to crash.

Multiple Chesapeake TFTP Server bugs   Directory traversal, DoS.

bogofilter DoS   Problems with quoted-printable encoding parsing.