 |
|
|
|
Dr.Web for OpenBSD failure
updated since 02.07.2004 | | Published: |  | 03.07.2004 | | Source: |  | SECURITYFOCUS | | SecurityVulns ID: |  | 3809 | | Type: |  | remote | | Level: |  | 3/10 | | Description: |  | Small stack size causes daemon fail to start if LocalScan = no configured whth message stack overflow in function int scanMail(int, time_t *, int, int, const char *) |
| Multiple linux kernel bugs | | Published: | | 03.07.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3810 | | Type: | | local | | Level: | | 7/10 | | Description: | | chown: users can change the group affiliation of arbitrary files to the group they belong to, missing DAC check in chown(2): local privilege escalation, overflow with signals: local denial-of-service, pss, mpu401 sound driver: read/write to complete memory, airo driver: read/write to complete memory, ALSA: copy_from_user/copy_to_user confused, acpi_asus: read from random memory, decnet: write to memory without checking, e1000 driver: read complete memory
|
| IBM WebSphere Edge DoS | | Published: | | 03.07.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3811 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Server crashes on incomlete HTTP request. |
| BrightMail information leak | | Published: | | 03.07.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3812 | | Type: | | remote | | Level: | | 4/10 | | Description: | | Message classified as SPAM are available without authentication. |
| Multiple Netegrity products crossite scripting | | Published: | | 03.07.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3813 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Web interface crossite scripting. |
| Esearch symbolic links problem | | Published: | | 03.07.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3815 | | Type: | | local | | Level: | | 5/10 | | Description: | | eupdatedb creates files in /tmp without checking for symbolic links. |
CGI bugs
updated since 28.06.2004 | | Published: | | 03.07.2004 | | Source: | | | | SecurityVulns ID: | | 3792 | | Type: | | remote | | Level: | | 5/10 |
| Original document |  | Donato Ferrante, Multiple Vulnerabilities in Easy Chat Server 1.2 (03.07.2004) |
| | | Donato Ferrante, [Full-Disclosure] XSS in SCI Photo Chat Server 3.4.9 (02.07.2004) |
| | | Manip, [Full-Disclosure] Centre 1.0 PHP injection, bypass authentication + possible SQL injection. (02.07.2004) |
| | | Nasir Simbolon, php codes injection in phpMyAdmin version 2.5.7. (30.06.2004) |
| | | SECURITEAM, [UNIX] Artmedic Links File Inclusion Vulnerability (29.06.2004) |
| | | SECURITEAM, [NT] Cart32 Cross-Site Scripting (29.06.2004) |
| | | DarkBicho, Full path disclosure csFAQ (29.06.2004) |
| | | DarkBicho, [Full-Disclosure] Multiple vulnerabilities PowerPortal (28.06.2004) |
| | | DarkBicho, [Full-Disclosure] Cross-Site Scripting CuteNews (28.06.2004) |
| | | D'Amato Luigi, [Full-Disclosure] ZH2004-14SA (security advisory):Sql Injection in Infinity WEB (28.06.2004) |
D-Link DI-624/NetworkEverywhere NR041 crossite scripting
updated since 03.07.2004 | | Published: | | 27.08.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3814 | | Type: | | remote | | Level: | | 4/10 | | Description: | | Information from DFHCP request is shown on web administration page without filtering. |
|
|
|
|
|
|
|
|
