30.12.2004 Detailed

7! Mozilla buffer overflow   Dynamic memory overflow on news:// URL. 6! QNX crttrap unauthorized file access   -c option can be user to read/write any file. 6! xine-lib buffer overflows updated since 19.08.2004   buffer overflow in the PNM, VCD and DVD handling code.

astats symbolic links problem   Symboli links problem on temporary files creation.

27.12.2004 Detailed

snort TCP options DoS updated since 27.12.2004   Invalid set of TCP options causes program to crash.

Crystal Enterprise report file crossite scripting   Crossite scripting with report files.

Linux kernel S/390 plafrom privilege escalation   SACF instruction usage is not limited to user.

Perl symbolic links race conditions   File::Path::rmtree unsecurely changes file permissions, creating race condiotns for symbolic links manipulation.

CleanCache protection bypass   "Secure file deletion" feature doesn't data wiping.

25.12.2004 Detailed

7! Multiple Linux kernel bugs updated since 15.12.2004   DoS, privilege escalation, buffer overflow on 32bit calls emulation under 64bit platforms.   YACY crossite scripting   Crossite scripting with diagnostic messages.   rpf multiple bugs updated since 24.12.2004   Buffer overflow, symboli links problem.

CGI bugs updated since 21.12.2004

24.12.2004 Detailed

9! Multiple Orcale bugs updated since 01.09.2004   Buffer overflows, DoS, SQL injections, etc. 6! Netscape Directory Server buffer overflow updated since 24.12.2004   LDAP buffer overflow. 6! SHOUTCast format string bug   Format string bug in filename.

6! Windows LoadImage integer overflow   Integer overflow on bitmap size calculation.

Tru64 TCP DoS

Linux kernel Capability LSM privilege escalation   Aplication started before module load have elevated privileges.

HP-UX SAM privilege escalation

Windows ANI files DoS   Installing ANI file with incorrect parameters causes syste, to freeze or crash.

telnetd-ssl format string bug

23.12.2004 Detailed

7! Multiple PHP bugs updated since 16.12.2004   Integer overflow leading to memory content leak, safe mode protection bypass, openlog() buffer overflow, etc. 6! Citrix Metaframe XP buffer overflow         SpySweeper privilege escalation   Privilege escalation with help subsystem.

Symantec Brightmail AntiSpam DoS   Large number of quarantined spam messages causes notifier service to crash.

LPRng symbolic links problem   Symbolic links problem in lprng_certs.sh.

debmake symbolic links problem   Invalid debstd temporary directories handling.

22.12.2004 Detailed

7! MIT Kerberos 5 buffer overflow   Buffer overflow on password history check during password change . 6! Multiple AIX bugs updated since 21.12.2004   lsmcode, diag_exec, invscout, invscoutd invoke external application with relative path, paginit - stack based buffer overflow.   Email Sanitizer DoS

Multiple JunkieFTP bugs   Shell characters problem. directory traversal.

Ultrix dxterm buffer overflow   setup flag buffer overflow.

21.12.2004 Detailed

Crystal FTP Pro buffer overflow   Buffer overflow on oversized file extension in directory listing.   WinRAR buffer overflow   Buffer overflow on file deletion.   My Firewall Plus privilege escalation   It's possible ot invoke external application with SYSTEM privileges via help subsystem.

HP-UX newgrp privilege escalation

Sun Java plugin privilege escalation updated since 23.11.2004   It's possible to access few internal classes.

18.12.2004 Detailed

6! NetBSD compat subsystems privilege escalation   Some emulated syscalls do insuficcient check for arguments.   Hitachi Cosminexus Web Contents Generator buffer overflow         Windows XP SP2 protection bypass   For dialup connection whole network of dynamic IP class is treated as local segment.

CGI bugs updated since 15.12.2004

17.12.2004 Detailed

8! Multiple Unix applications bugs updated since 16.12.2004   Different vulnerabilities in multiple applications. 8! Buffer overflow Novell Netmail updated since 15.07.2002   Multiple buffer overflows 7! Samba integer overflow updated since 16.12.2004

Multiple Ethereal bugs   Multiple protocol handling bugs leading to DoS.

Multiple Sun ONE bugs   Session ID disclosure, crossite scripting.

CA eTrust EZ weak permissions   Executables, including ones executed with System privileges are writable by users.

ISAKMPd/KAME/Racoon multiple bugs updated since 05.11.2003   Multiple bugs in RFC 2407-2409 realization.

16.12.2004 Detailed

6! Cisco Guard and Traffic Anomaly Detector default password   Default root password is used. 6! Cisco Unity default password   Few Accounts with default passwords.   FirstClass DoS   /Search requests flood causes server to fail.

vim privilege escalation   Icorrect modelines options handling.

3cdaemon buffer overflow   Buffer overflow on oversized TFTP filename.

Asante FM2008 backdoor account   Undocumented superuser/asante account.

Roxio Toast format string bug   TDIXSupport suid application format string bug.

RICOH Aficio DoS   Printer reboots on malcrafted ICMP packet.

15.12.2004 Detailed

7! Opera 7 multiple bugs updated since 04.02.2003   Crossite scripting (including local zone), local files access, mail access, user activity tracking, etc. Buffer overflow. Directory traversal. Files overwriting. Local files access with Location overwriting. Multiple Java bugs. 6! Multiple Microsoft Windows NT 4.0 DHCP bugs   DoS, buffer overflow. 6! Microsoft WordPad buffer overflow   Buffer overflow during Word 95/6.0 documents conversion.

6! Adobe Acrobat Readed buffer overflow   Buffer overflow in mailListIsPdf() function.

6! Multiple linux kernel IGMP processing bugs   DoS, kernel memory access.

6! Symantec LiveUpdate privilege escalation

6! Microsoft WINS server memory corruption updated since 29.11.2004   Bug in replication protocol handling allows code execution.

HyperTerminal buffer overflow   Buffer overflow on .ht files parsing.

Linux kernel __scm_send DoS   Race conditions leading to deadlock.

Multiple WinAmp memory corruptions   Multiple memory corruptions.

xzgv integer overflow   read_prf_file() integer overflow

14.12.2004 Detailed

IBM WebSphere information leak updated since 04.12.2004   It's possible to retrieve customers information.

13.12.2004 Detailed

6! Citadel/UX format string bug   Formatr stirng bug on syslog() call.   Netware screensaver protection bypass   By using debugging features it's possible to terminate screensaver process from console.

12.12.2004 Detailed

6! ProFTPD privilege escalation   Access privileges are not chacked for 'site chgrp' command.   mtr buffer overflow   Off-by-one overflows during keycode handlings.

11.12.2004 Detailed

CGI bugs updated since 06.12.2004

09.12.2004 Detailed

6! Solaris in.rwhod privilege escalation         squid information leak   Reply to malformed request may contain random data from process memory.   CA Unicenter privilege escalation

Novell NetMail default credentials   Default NMAP credentials are not changed after installation.

SharePoint information leak   During installation text file with cleartext password is created in world readable folder.

08.12.2004 Detailed

Microsoft Internet Explorer sysimage: information leak   By using sysimage: URL it's possible to check local file existance.   Adobe version cue privilege escalation   External application invoked with relative path.

07.12.2004 Detailed

mirrorselect symbolic links problem   Symlink problem on temporary files creation.

06.12.2004 Detailed

6! Mozilla and Opera information leak updated since 02.12.2004   By using local_files object it's possible to obtain local files list. Under some conditions it' possible ot retrieve file content.

04.12.2004 Detailed

AIX Object Data Manager DoS         Apple Darwin Streaming Server NULL pointer DoS   Null pointer reference in DESCRIBE command.   hpsockd buffer overflow

rssh/rcponly protection bypass   Restricted application can be executed with command line of allowed application.

CGI bugs updated since 29.11.2004

02.12.2004 Detailed

7! Microsoft Internet Explorer buffer overflow updated since 03.11.2004   Buffer overflow in FRAME and IFRAME tags parameters. 6! Solaris ping buffer overflow         Cisco CNS Network Registrar DoS   Invalid packets sequence causes CPU exhaustion or crash.

nfs statd DoS   Client connection termination causes server to shutdown.

FreeBSD procfs information leak   Kernel memory disclosure, DoS.

Multiple Mercury/32 buffer overflows   Multiple overflows in IMAP commands.