Computer Security
[EN] no-pyccku

7!Mozilla buffer overflow
document Dynamic memory overflow on news:// URL.
6!QNX crttrap unauthorized file access
document -c option can be user to read/write any file.
6!xine-lib buffer overflows
updated since 19.08.2004
document buffer overflow in the PNM, VCD and DVD handling code.
 astats symbolic links problem
document Symboli links problem on temporary files creation.

 snort TCP options DoS
updated since 27.12.2004
document Invalid set of TCP options causes program to crash.
 Crystal Enterprise report file crossite scripting
document Crossite scripting with report files.
 Linux kernel S/390 plafrom privilege escalation
document SACF instruction usage is not limited to user.
 CleanCache protection bypass
document "Secure file deletion" feature doesn't data wiping.

7!Multiple Linux kernel bugs
updated since 15.12.2004
document DoS, privilege escalation, buffer overflow on 32bit calls emulation under 64bit platforms.
 YACY crossite scripting
document Crossite scripting with diagnostic messages.
 rpf multiple bugs
updated since 24.12.2004
document Buffer overflow, symboli links problem.
 CGI bugs
updated since 21.12.2004

9!Multiple Orcale bugs
updated since 01.09.2004
document Buffer overflows, DoS, SQL injections, etc.
6!Netscape Directory Server buffer overflow
updated since 24.12.2004
document LDAP buffer overflow.
6!SHOUTCast format string bug
document Format string bug in filename.
6!Windows LoadImage integer overflow
document Integer overflow on bitmap size calculation.
 Tru64 TCP DoS
 Linux kernel Capability LSM privilege escalation
document Aplication started before module load have elevated privileges.
 HP-UX SAM privilege escalation
 Windows ANI files DoS
document Installing ANI file with incorrect parameters causes syste, to freeze or crash.
 telnetd-ssl format string bug

7!Multiple PHP bugs
updated since 16.12.2004
document Integer overflow leading to memory content leak, safe mode protection bypass, openlog() buffer overflow, etc.
6!Citrix Metaframe XP buffer overflow
 SpySweeper privilege escalation
document Privilege escalation with help subsystem.
 Symantec Brightmail AntiSpam DoS
document Large number of quarantined spam messages causes notifier service to crash.
 LPRng symbolic links problem
document Symbolic links problem in
 debmake symbolic links problem
document Invalid debstd temporary directories handling.

7!MIT Kerberos 5 buffer overflow
document Buffer overflow on password history check during password change .
6!Multiple AIX bugs
updated since 21.12.2004
document lsmcode, diag_exec, invscout, invscoutd invoke external application with relative path, paginit - stack based buffer overflow.
 Email Sanitizer DoS
 Multiple JunkieFTP bugs
document Shell characters problem. directory traversal.
 Ultrix dxterm buffer overflow
document setup flag buffer overflow.

 Crystal FTP Pro buffer overflow
document Buffer overflow on oversized file extension in directory listing.
 WinRAR buffer overflow
document Buffer overflow on file deletion.
 My Firewall Plus privilege escalation
document It's possible ot invoke external application with SYSTEM privileges via help subsystem.
 HP-UX newgrp privilege escalation
 Sun Java plugin privilege escalation
updated since 23.11.2004
document It's possible to access few internal classes.

6!NetBSD compat subsystems privilege escalation
document Some emulated syscalls do insuficcient check for arguments.
 Hitachi Cosminexus Web Contents Generator buffer overflow
 Windows XP SP2 protection bypass
document For dialup connection whole network of dynamic IP class is treated as local segment.
 CGI bugs
updated since 15.12.2004

8!Multiple Unix applications bugs
updated since 16.12.2004
document Different vulnerabilities in multiple applications.
8!Buffer overflow Novell Netmail
updated since 15.07.2002
document Multiple buffer overflows
7!Samba integer overflow
updated since 16.12.2004
 Multiple Ethereal bugs
document Multiple protocol handling bugs leading to DoS.
 Multiple Sun ONE bugs
document Session ID disclosure, crossite scripting.
 CA eTrust EZ weak permissions
document Executables, including ones executed with System privileges are writable by users.
 ISAKMPd/KAME/Racoon multiple bugs
updated since 05.11.2003
document Multiple bugs in RFC 2407-2409 realization.

6!Cisco Guard and Traffic Anomaly Detector default password
document Default root password is used.
6!Cisco Unity default password
document Few Accounts with default passwords.
 FirstClass DoS
document /Search requests flood causes server to fail.
 vim privilege escalation
document Icorrect modelines options handling.
 3cdaemon buffer overflow
document Buffer overflow on oversized TFTP filename.
 Roxio Toast format string bug
document TDIXSupport suid application format string bug.
 RICOH Aficio DoS
document Printer reboots on malcrafted ICMP packet.

7!Opera 7 multiple bugs
updated since 04.02.2003
document Crossite scripting (including local zone), local files access, mail access, user activity tracking, etc. Buffer overflow. Directory traversal. Files overwriting. Local files access with Location overwriting. Multiple Java bugs.
6!Multiple Microsoft Windows NT 4.0 DHCP bugs
document DoS, buffer overflow.
6!Microsoft WordPad buffer overflow
document Buffer overflow during Word 95/6.0 documents conversion.
6!Adobe Acrobat Readed buffer overflow
document Buffer overflow in mailListIsPdf() function.
6!Multiple linux kernel IGMP processing bugs
document DoS, kernel memory access.
6!Symantec LiveUpdate privilege escalation
6!Microsoft WINS server memory corruption
updated since 29.11.2004
document Bug in replication protocol handling allows code execution.
 HyperTerminal buffer overflow
document Buffer overflow on .ht files parsing.
 Linux kernel __scm_send DoS
document Race conditions leading to deadlock.
 Multiple WinAmp memory corruptions
document Multiple memory corruptions.
 xzgv integer overflow
document read_prf_file() integer overflow

 IBM WebSphere information leak
updated since 04.12.2004
document It's possible to retrieve customers information.

6!Citadel/UX format string bug
document Formatr stirng bug on syslog() call.
 Netware screensaver protection bypass
document By using debugging features it's possible to terminate screensaver process from console.

6!ProFTPD privilege escalation
document Access privileges are not chacked for 'site chgrp' command.
 mtr buffer overflow
document Off-by-one overflows during keycode handlings.

 CGI bugs
updated since 06.12.2004

6!Solaris in.rwhod privilege escalation
 squid information leak
document Reply to malformed request may contain random data from process memory.
 CA Unicenter privilege escalation
 Novell NetMail default credentials
document Default NMAP credentials are not changed after installation.
 SharePoint information leak
document During installation text file with cleartext password is created in world readable folder.

 Microsoft Internet Explorer sysimage: information leak
document By using sysimage: URL it's possible to check local file existance.
 Adobe version cue privilege escalation
document External application invoked with relative path.

 mirrorselect symbolic links problem
document Symlink problem on temporary files creation.

6!Mozilla and Opera information leak
updated since 02.12.2004
document By using local_files object it's possible to obtain local files list. Under some conditions it' possible ot retrieve file content.

 AIX Object Data Manager DoS
 Apple Darwin Streaming Server NULL pointer DoS
document Null pointer reference in DESCRIBE command.
 hpsockd buffer overflow
 rssh/rcponly protection bypass
document Restricted application can be executed with command line of allowed application.
 CGI bugs
updated since 29.11.2004

7!Microsoft Internet Explorer buffer overflow
updated since 03.11.2004
document Buffer overflow in FRAME and IFRAME tags parameters.
6!Solaris ping buffer overflow
 Cisco CNS Network Registrar DoS
document Invalid packets sequence causes CPU exhaustion or crash.
 nfs statd DoS
document Client connection termination causes server to shutdown.
 FreeBSD procfs information leak
document Kernel memory disclosure, DoS.
 Multiple Mercury/32 buffer overflows
document Multiple overflows in IMAP commands.

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod