30.12.2003 Detailed

Jordan's Windows Telnet server buffer overflow   Buffer overflow during authentication.   MDaemon buffer overflow   Buffer overflow if FROM2Raw.exe CGI is used.   NetObserve protection bypass   It's possible to bypass web authentication by using Cookie: login=0.

29.12.2003 Detailed

Landesk Management Suite buffer overflow   Buffer overflow in IRCRBOOT.DLL ActiveX component.

27.12.2003 Detailed

PServ directory traversal   With // it's possible to traverse webroot.   CGI bugs updated since 22.12.2003

26.12.2003 Detailed

SquirrelMail shell characters command execution   Uncommented shell characters in parsing To: headers in PGP plugin.

22.12.2003 Detailed

tcpdump L2TP DoS   L2TP packet containing 0xff,0x02 bytes causes parser to enter an infinite loop.   Xerox Document Centre multiple bugs   Directory traversal, cleartext passwords, etc.   SpeakFreely DoS   DoS on GIF processing in "Show your face" functionality.

SpeakFreely DoS updated since 22.09.2003   Program crashes on receiving large number of small packets.

19.12.2003 Detailed

Cyberguard crossite scripting   Crossite scripting on 501 error.

18.12.2003 Detailed

SARA crossite scripting   Crossite scripting on displaying remote sustem scan results.

17.12.2003 Detailed

Apache local buffer overflow   Buffer overflow on parsing regular expressions in .htaccess.

16.12.2003 Detailed

6! MacOS X cd9660.util buffer overflow   Buffer overflow on command line parsing. 6! Cyrus IMSP buffer overflow   Buffer overflow in multiple commands.   DameWare Mini Remote Control buffer overflow   Buffer overflow during NTLM authentication.

15.12.2003 Detailed

7! Multiple bugs in Internet Explorer updated since 11.09.2003   Crossite scripting via Find dialog, location/refresh, NavigateAndFind, file:javascript:, click to drug-n-drop spoofing, src URL spoofing, BaseRef spoofing, etc. 6! Multiple mIRC bugs updated since 14.10.2003   Buffer overflow on processing irc:// URL, DoS on DCC processing.   Multiple Cisco FWSM bugs   SNMPv3 message causes device to reboot, buffer overflow on RADIUS and TACACS authentication.

Multiple IKE bugs   Type of cerificate is not checked. If XAUTH if used in IKE phase I, it's possible to user proxy attack for challenge-response based authentication.

Cisco PIX multiple bugs   SNMPv3 message causes device to reboot. If device is configured as VPN client and another VPN client connects IPSec tunnel may be broken during IKE phase.

Doro privilege escalation   It's possible to access any file or pipe with local system privileges.

ltftp buffer overflow   Buffer overflow on 'ls' reply.

irssi DoS   It's possible to insert formatting commands into messages text.

CGI bugs updated since 15.12.2003

Multiple Cisco PIX bugs updated since 22.11.2002   Multiple bugs during authentication processing.

13.12.2003 Detailed

Multiple Vendor SOAP server DoS updated since 10.12.2003   Oversized XML request causes CPU consumption.

11.12.2003 Detailed

6! Cisco ACNS buffer overflow   Buffer overflow on oversized password. 6! Sybase Anywhere multiple bugs   Buffer overflows, format string bugs, etc in multiple SQL functions.   sipD DoS   Because of insufficient check of gethostbyname_r results is's possible to crash service with unresolvable hostname.

Multiple NetGear WAB 102 bugs   It's possible to access device with any password containing space, device resets to default password on reboot, information is leaked about wireless devices.

Cisco Unity multiple bugs   Local account with predefined passsword, server awaits for connection from statically compiled address. etc/

CGI bugs updated since 02.12.2003

09.12.2003 Detailed

Multiple @Mail bugs   SQL injection, user folders access.   Symbolic links problem in cdwrite   Temporary files are created in insecure manner.   Yahoo messanger crossite scripting   By using ymsgr: it's possible to inject javascript.

Webeye unauthorized access   It's possible to retrieve full usernames/passwords list

AppleShare IP FTP DoS   RMD / causes service to hang.

Multiple ez bugs   Multiple buffer overflows in exnet.exe

SNAP Innovation's PrimeBase Database 4.2 multiple bugs updated since 07.10.2003   Symbolic links problem, weak executables permissions.

Abyss webserver FAT partition protection bypass   Under linux, it's possible to access protected located on FAT partition by appending dot to filename.

05.12.2003 Detailed

6! ebloa buffer overflow   Buffer overflow on oversized password. 6! rsync buffer overflow   Heap overflow.

04.12.2003 Detailed

eZphotoshare buffer overflow   Buffer overflow on oversized GET request.

03.12.2003 Detailed

GnuPG HKP interface format string bug   Format string bug during keys retrieval from server.   IBM Directory Server crossite scripting   Crossite scripting in web managment interface.   Net-SNMP information leak   With knowledge of any community it's possible to gain access to all MIB objects.

Cisco WEP key leak via SNMP trap   SNMP trap message contains key information.

02.12.2003 Detailed

8! Linux kernel do_brk() privilege escalation   Function may be used for allocation virtual memory exceeding user accessible memory limit, givin access to kernel internal structures.   Multiple bugs in FortiGate updated since 03.10.2003   Multiple bugs in web interface.