 |
|
|
|
| Palace buffer overflow | | Published: |  | 09.02.2004 | | Source: |  | WINTER-SMITH | | SecurityVulns ID: |  | 3425 | | Type: |  | client | | Level: |  | 5/10 | | Description: |  | Buffer overflow on parsing palace:// URL |
| DreamFTP formatstring bug | | Published: | | 09.02.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3426 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Format string bug in username. |
| Affected: |  | BOLINTECH : DreamFTP 1.02 | | CVE: |  | CVE-2007-0338 (Heap-based buffer overflow in Dream FTP Server allows remote attackers to execute arbitrary code via a USER command with a large number of format string specifiers, which triggers the overflow during processing of the Server Log.) |
| vserver virtual machine protection bypass | | Published: | | 09.02.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3427 | | Type: | | remote | | Level: | | 5/10 | | Description: | | it's possible to escape virtual root Catalog regardless of permission. |
| ApacheSSL protection bypass | | Published: | | 09.02.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3428 | | Type: | | remote | | Level: | | 5/10 | | Description: | | In basic authentication emulation mode it's possible to access server without certificate. |
| php.ini PHP protection bypass | | Published: | | 09.02.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3429 | | Type: | | remote | | Level: | | 5/10 | | Description: | | It's possible tyo bypass protection (register_globals = on for example) of virtual host by requestin host without protection in same HTTP keep-alive connection before. |
| TrackMania DoS | | Published: | | 09.02.2004 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 3430 | | Type: | | remote | | Level: | | 5/10 | | Description: | | random data to TCP/2350 causes program to crash. |
| clamav integer overflow | | Published: | | 09.02.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3431 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Integer overflow on UUENCODE parsing. |
CGI bugs
updated since 09.02.2004 | | Published: | | 12.02.2004 | | Source: | | | | SecurityVulns ID: | | 3424 | | Type: | | remote | | Level: | | 5/10 |
| Original document |  | GENTOO, [ GLSA 200402-04 ] Gallery <= 1.4.1 and below remote exploit vulnerability (12.02.2004) |
| | | ZetaLabs, ZH2004-05SA (security advisory): Sql Injection Vulnerability in BosDates (11.02.2004) |
| | | Cedric Cochin, PHP Code Injection Vulnerabilities in ezContents 2.0.2 and prior (11.02.2004) |
| | | pokleyzz, [SCAN Associates Sdn Bhd Security Advisory] PHPNuke 6.9 > and below SQL Injection in multiple module. (10.02.2004) |
| | | Janek Vind, [waraxe-2004-SA#003] - SQL injection in Php-Nuke 7.1.0 (10.02.2004) |
| | | Manuel López, XSS, Sql Injection and Avatar ScriptCode Injection in MaxWebPortal (10.02.2004) |
| | | Janek Vind, [waraxe-2004-SA#002] - Cross-Site Scripting (XSS) in Php-Nuke 7.1.0 (09.02.2004) |
| | | Himeur Nourredine, formmail (PHP) Upload file using CSS (09.02.2004) |
| | | Ferruh Mavituna, Dotnetnuke Multiple Vulnerabilities (09.02.2004) |
| | | trihuynh_(at)_zeeup.com, Open Journal Blog Authenticaion Bypassing Vulnerability (09.02.2004) |
|
|
|
|
|
|
|
|
