Antiviral protection bypasswith file permissions
Published:		07.10.2004
Source:		BUGTRAQ
SecurityVulns ID:		4075
Type:		remote
Level:		5/10
Description:		With execute only permission it's possible to bypass antiviral scanner and in some cases antiviral monitor.

Affected:		SYMANTEC : Norton AntiVirus 2003
		LAVASOFT : Ad-Aware 6.0
		KASPERSKY : Kaspersky Antivirus 4.5
		MCAFEE : Virus Scan 8.0

Original document

bipin gautam, Antivirus, Trojan, Spy ware scanner, Nested file manual scan bypass bug (07.10.2004)

Discuss:

Read or add your comments to this news (0 comments)

Neoteris IVE password bruteforcing
Published:		07.10.2004
Source:		BUGTRAQ
SecurityVulns ID:		4072
Type:		remote
Level:		4/10
Description:		Change password page doesn't limit the number of attempts.

Affected:		JUNIPER : Neoteris Instant Virtual Extranet 4.0
		JUNIPER : Neoteris Instant Virtual Extranet 3.3

Original document

Jian Hui Wang, [Gosecure Adivsory] Neoteris IVE Vulnerability (07.10.2004)

Discuss:

Read or add your comments to this news (0 comments)

MaxDB DoS
Published:		07.10.2004
Source:		BUGTRAQ
SecurityVulns ID:		4073
Type:		remote
Level:		5/10
Description:		Invalid non-ASCII characters handling in IsAscii7 function.

Affected:

SAP : MaxDB 7.5

Original document

IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 10.06.04a: MySQL MaxDB Web Agent WebDBM Server Name Denial of Service Vulnerability (07.10.2004)

Discuss:

Read or add your comments to this news (0 comments)

Apache mod_ssl format string bug updated since 16.07.2004
Published:		07.10.2004
Source:		ENGELSCHALL
SecurityVulns ID:		3851
Type:		remote
Level:		6/10
Description:		Format string bug if mod_ssl is used in conjunction with mod_proxy for SSL proxing (https://foo%s.example.com/).

Affected:		APACHE : mod_ssl 2.8
		HP : VirtualVault 4.5
		HP : VirtualVault 4.6
		HP : VirtualVault 4.7
		HP : HP Webproxy 2.0
		HP : HP Webproxy 2.1

Original document		SECUNIA, [SA12745] HP VirtualVault / Webproxy mod_ssl Format String Vulnerability (07.10.2004)
		Ralf S. Engelschall, Re: mod_ssl-2.8.18-1.3.31 Format string vulnerability (16.07.2004)

Discuss:

Read or add your comments to this news (0 comments)

Tridcomm directory traversal updated since 07.10.2004
Published:		15.10.2004
Source:		BUGTRAQ
SecurityVulns ID:		4071
Type:		remote
Level:		5/10

Affected:

TRIDCOMM : Tridcomm 1.3

Original document		lkelemen_(at)_kolumbus.fi, directory traversal vulberability in TriDComm (15.10.2004)
		Luigi Auriemma, Directory traversal in Tridcomm 1.3 (07.10.2004)

Discuss:

Read or add your comments to this news (0 comments)

Multiple AtHoc toolbar bugs updated since 07.10.2004
Published:		20.01.2005
Source:		BUGTRAQ
SecurityVulns ID:		4070
Type:		client
Level:		5/10
Description:		Buffer overflows, format string bugs in ActiveX components.

Affected:

ATHOC : AtHoc toolbar

Original document		NGSSoftware Insight Security Research, Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c) (20.01.2005)
		NGSSoftware Insight Security Research, Patch available for high risk flaws in the AtHoc Toolbar (07.10.2004)

Discuss:

Read or add your comments to this news (0 comments)

Microsoft Word integer overflow updated since 07.10.2004
Published:		13.04.2005
Source:		BUGTRAQ
SecurityVulns ID:		4074
Type:		remote
Level:		5/10
Description:		Integer overflow in signed/unsigned conversion during .doc file parsing.

Affected:		MICROSOFT : Office 2000
		MICROSOFT : Office XP

Original document		MICROSOFT, Microsoft Security Bulletin MS05-023 Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169) (13.04.2005)
		vuln_(at)_hexview.com, [Full-Disclosure] [HV-HIGH] MS Word multiple exceptions, at least one exploitable (07.10.2004)

Files:		Microsoft Security Bulletin MS05-023 Vulnerabilities in Microsoft Word May Lead to Remote Code Execution (890169)
Discuss:		Read or add your comments to this news (0 comments)