 |
|
|
|
| FreeBSD jailed process routing table protection bypass | | Published: |  | 08.06.2004 | | Source: |  | FREEBSD | | SecurityVulns ID: |  | 3736 | | Type: |  | local | | Level: |  | 6/10 | | Description: |  | Jailed process can manipulate with routing table. |
| Affected: |  | FREEBSD : FreeBSD 4.8 | | | | FREEBSD : FreeBSD 4.9 |
| Original document |  | FREEBSD, FreeBSD-SA-04:12.jailroute (08.06.2004) |
| PHP for Windows shell characters filtration protection bypass | | Published: | | 08.06.2004 | | Source: | | 3APA3A | | SecurityVulns ID: | | 3737 | | Type: | | library | | Level: | | 6/10 | | Description: | | escapeshellcmd()/escapeshellarg() do not work under Windows. |
| Affected: | | PHP : PHP 4.2 | | | | PHP : PHP 4.3 |
| Original document | | IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 06.07.04: PHP Win32 escapeshellcmd() and escapeshellarg() Input Validation Vulnerability (08.06.2004) |
| | | 3APA3A, PHP for Windows all version shell filtering bug (08.06.2004) |
Multiple MacOS X bugs
updated since 08.06.2004 | | Published: | | 08.06.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3739 | | Type: | | client | | Level: | | 6/10 | | Description: | | Problems with launching of download application. |
| Affected: | | APPLE : MacOS X 10.2 | | | | APPLE : MacOS X 10.3 |
| Original document | | APPLE, [product-security@apple.com: APPLE-SA-2004-06-07 Security Update 2004-06-07] (08.06.2004) |
| Linksys BEFSR41 information leak | | Published: | | 08.06.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3741 | | Type: | | remote | | Level: | | 5/10 | | Description: | | DHCP reply contains random information from memory. |
| Affected: | | LINKSYS : BEFSR41 |
| Original document | | Lance Armstrong, Linksys BEFSR41 DHCP vulnerability server leaks network data (08.06.2004) |
| Linksys Web Camera directory traversal | | Published: | | 08.06.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3742 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | LINKSYS : WVC11B |
| Original document | | John Doe, Linksys Web Camera File Inclusion Vuln (08.06.2004) |
CGI bugs
updated since 08.06.2004 | | Published: | | 11.06.2004 | | Source: | | | | SecurityVulns ID: | | 3740 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | MAILMAN : Mailman 2.1 | | | | INVISION : Invision Power Board 1.3 | | | | PHPNUKE : PHP-Nuke 7.2 | | | | PHPNUKE : Php-Nuke 7.3 | | | | CPANEL : cPanel 9.3 | | | | BLOSXOM : Blosxom writeback 2.0 | | | | DISCOVERY : AspDotNetStorefront 3.3 | | | | BLACKBOARD : Blackboard Learning System 6 |
| Original document | | Janek Vind, [Full-Disclosure] [waraxe-2004-SA#032 - Multiple security flaws in PhpNuke 6.x - 7.3] (11.06.2004) |
| | | Maarten Verbeek, Blackboard Learning System - Stealing documents out of the digital dropbox (11.06.2004) |
| | | JvdR, Multiple Vulnerabilities in Invision Power Board v1.3.1 Final. (10.06.2004) |
| | | Virtual Nova Web Hosting services virtualnova.net, Major Cpanel Expliot HTML Injection (10.06.2004) |
| | | Tom, [FULL DISCLOSURE] ASPDOTNETSTOREFRONT Improper Session Validation (10.06.2004) |
| | | Tom, [FULL DISCLOSURE] ASPDOTNETSTOREFRONT Cross-Site Scripting Vulnerability (10.06.2004) |
| | | Tom, ADVISORY: ASPDOTNETSTOREFRONT Improper Upload Validation (10.06.2004) |
| | | Kyle Maxwell, KM-2004-01: Cross-Site Scripting in Blosxom writeback (09.06.2004) |
| | | Kurt Lieber, [Full-Disclosure] [ GLSA 200406-04 ] Mailman: Member password disclosure vulnerability (09.06.2004) |
| | | Rob Brown, cPanel mod_php suEXEC Taint Vulnerability (08.06.2004) |
| | | k1LL3r B0y, Multiple vulnerabilities PHP-Nuke (08.06.2004) |
New Internet Explorer crossite scripting problems
updated since 08.06.2004 | | Published: | | 14.06.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3738 | | Type: | | client | | Level: | | 7/10 | | Description: | | Location: URL: HTTP header in conjuection with ms-its: handler allows to save file to known location. Crossite scripting with modal dialogs. |
|
|
|
|
|
| |
|
| |
