 |
|
|
|
| SafeNet Sentinel License Manager buffer overflow | | Published: |  | 09.03.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4560 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | SentinelLM service buffer overflow. |
| Affected: |  | SAFENET : Sentinel License Manager 7.2 |
| Original document |  | CIRT Advisory, CIRT.DK Advisory - SafeNet Inc Sentinel License Manager 7.2.0.2 Buffer Overflow (09.03.2005) |
| Oracle database UTL_FILE object directory traversal | | Published: | | 09.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4561 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Directory traversal in UTL_FILE methods. |
| Affected: | | ORACLE : Oracle 9i | | | | ORACLE : Oracle 8i |
| Original document | | c c, - Argeniss - Oracle Database Server Directory transversal (09.03.2005) |
| Gene6 FTP Server privilege escalation | | Published: | | 09.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4562 | | Type: | | local | | Level: | | 5/10 | | Description: | | Administration interface has no access restriction, allowsing any local user to execute commands with SYSTEM privileges. |
| Affected: | | GENE6 : Gene6 FTP Server 3.4 |
| Original document | | Sowhat, Gene6 FTP Server Local Privilege Escalation Vulnerability (09.03.2005) |
| Microsoft Exchange 2003 multiple nested folders DoS | | Published: | | 09.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4563 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Renaming or moving folder with large number of sub-folder causes service to stop. |
| Affected: | | MICROSOFT : Exchange 2003 |
| Original document | | Danny, Moving or removing folders with Outlook -- Exchange IS stops responding (09.03.2005) |
Multiple bugs in trillian instant messaging client
updated since 03.08.2002 | | Published: | | 09.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2204 | | Type: | | client | | Level: | | 6/10 | | Description: | | Buffer overflows, format string bugs. |
| Affected: | | CERULIANSTUDIOS : trillian 0.73 | | | | CERULIANSTUDIOS : Trillian 0.74 | | | | CERULIANSTUDIOS : Trillian 1.0 | | | | CERULIANSTUDIOS : Trillian 2.0 | | | | CERULIANSTUDIOS : Trillian 2.01 |
| Original document | | tal zeltzer, See-security advisory: Trillian Basic 3.0 PNG Processing Buffer overflow (09.03.2005) |
| | | Komrade, [Full-Disclosure] Cerulean Studios Trillian 0.74i buffer overflow in MSN module (08.09.2004) |
| | | Stefan Esser, Advisory 02/2004: Trillian remote overflows (25.02.2004) |
| | | Spikeman , Trillian Remote DoS Attack - AIM (28.09.2002) |
| | | Lance Fitz-Herbert, *sigh* Trillian multiple DoS's flaws. (28.09.2002) |
| | | Lance Fitz-Herbert, And Again. Trillian 'raw 221' Overflow. (28.09.2002) |
| | | Lance Fitz-Herbert, Yet Another. Trillian 'JOIN' Overflow. (21.09.2002) |
| | | Lance Fitz-Herbert, Trillian .73 & .74 "PRIVMSG" Overflow. (19.09.2002) |
| | | Jose Nazario, trillian DoS: trillian 1.0 pro also vulnerable (19.09.2002) |
| | | Lance Fitz-Herbert, Trillian .74 and below, ident flaw. (19.09.2002) |
| | | John C. Hennessy, trillian buffer overflow (03.08.2002) |
| | | josh_(at)_pulltheplug.com, Two more exploitable holes in the trillian irc module (03.08.2002) |
| Yahoo Messenger Instang messaging agent buffer overflow | | Published: | | 09.03.2005 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 4566 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Buffer overflow during offline status message displaying. |
| Affected: | | YAHOO : Yahoo! Messenger 5.6 | | | | YAHOO : Yahoo! Messenger 6.0 |
| Original document | | Rudra Kamal Sinha Roy, [Full-disclosure] Yahoo! Messenger Offline Mode Status Remote Buffer Overflow Vulnerability (09.03.2005) |
| Libexif buffer overflow | | Published: | | 09.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4567 | | Type: | | library | | Level: | | 5/10 | | Description: | | Buffer overflow during EXIF tags parsing. |
| Affected: | | LIBEXIF : libexif 0.6 |
| Original document | | UBUNTU, [USN-91-1] EXIF library vulnerability (09.03.2005) |
| Multiple Xerox WorkCentre products unauthorized access | | Published: | | 09.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4568 | | Type: | | remote | | Level: | | 5/10 | | Description: | | It's possible to bypass authentication for Web interface access. |
| Affected: | | XEROX : WorkCentre 35 | | | | XEROX : WorkCentre 45 | | | | XEROX : WorkCentre 55 | | | | XEROX : WorkCentre 65 | | | | XEROX : WorkCentre 75 | | | | XEROX : WorkCentre 90 | | | | XEROX : WorkCentre 165 | | | | XEROX : WorkCentre 175 | | | | XEROX : WorkCentre 32 | | | | XEROX : WorkCentre 40 | | | | XEROX : WorkCentre Color 2128 | | | | XEROX : WorkCentre Color 2636 | | | | XEROX : WorkCentre Color 3545 |
| Original document | | SECUNIA, [SA14507] Xerox MicroServer Web Server Unauthorised Access Vulnerability (09.03.2005) |
PHP, ASP, CGI web applications security vulnerabilities
updated since 09.03.2005 | | Published: | | 13.03.2005 | | Source: | | | | SecurityVulns ID: | | 4559 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, etc. |
| Affected: | | PHPBB : phpBB 2.0 | | | | XOOPS : xoops 2.0 | | | | PAFILEDB : paFileDB 3.1 | | | | MCNEWS : mcNews 1.3 | | | | PHPBB : UBBThreads 6.2 | | | | PHORUM : Phorum 5.0 | | | | PHPMYFAQ : phpMyFAQ 1.4 | | | | HOSTINGCONTROLLE : Hosting Controller 6.1 | | | | STADTAUS : Form Mail Script 2.3 | | | | WFSECTIONS : wfsections 1.07 | | | | PHPFUSION : PHP-Fusion 5.01 | | | | PHPWEBLOG : phpWebLog 0.5 | | | | PROJECTBB : ProjectBB 0.4 | | | | OUTSTART : PE | | | | EXPERIENCE2 : eXPerience2 | | | | SOCIALMPN : SocialMPN 1.2 | | | | BERLIOS : iPhoto 0.2 | | | | WEBINSTA : WEBInsta 1.3 | | | | PHOTOPOST : Photopost 5.0 | | | | HOLACMS : Hola CMS 1.4 | | | | ACTIVECAMPAIGN : KnowledgeBase | | | | SPINWORKS : Spinworks Application Server 3.0 |
| Original document | | SECUNIA, [SA14579] Spinworks Application Server Web Server Denial of Service (14.03.2005) |
| | | Francisco Alisson, KnowledgeBase (14.03.2005) |
| | | farhad koosha, aeNovo Database Content Disclosure Vulnerability (14.03.2005) |
| | | sp3x_(at)_securityreason.com, [SECURITYREASON.COM] Mass Full Path Disclosure in paFileDB (14.03.2005) |
| | | Virginity Security, Virginity Security Advisory 2005-001 : Hola CMS - File destruction and System access (13.03.2005) |
| | | mozako, [badroot.org] The Includer remote commands execution exploit (13.03.2005) |
| | | Igor Franchuk, PhotoPost PHP 5.0 RC3, and later, multiple vulnerabilities (13.03.2005) |
| | | sp3x_(at)_securityreason.com, [SECURITYREASON.COM] SQL injection and XSS in paFileDB (13.03.2005) |
| | | Maksymilian Arciemowicz, [SECURITYREASON.COM][phpBB 2.0.13 SQL error in session cXIb8O3.8] (13.03.2005) |
| | | kreon, UBB.threads 6 SQL Injection (13.03.2005) |
| | | SECUNIA, [SA14554] Phorum Unspecified Cross-Site Scripting Vulnerability (11.03.2005) |
| | | kreon, Wfsection 1.07 vulnerabilities (11.03.2005) |
| | | SECUNIA, [SA14550] WEBInsta Mailing list manager "absolute_path" Arbitrary File Inclusion (10.03.2005) |
| | | SECUNIA, [SA14401] iPhoto CopperExport Plugin "xp_publish.php" SQL Injection (09.03.2005) |
| | | SECUNIA, [SA14516] phpMyFaq "username" SQL Injection Vulnerability (09.03.2005) |
| | | ahmad muammar, Remote Testing SocialMPN Remote File Inclusion by y3dips (09.03.2005) |
| | | Francisco Alisson, Multiples Vulnerabilities (09.03.2005) |
| | | Altrus Wollesen, PE Multiple Remote Access Validation Vulnerabilities (Participate Systems Inc. / Outstart Inc.) (09.03.2005) |
| | | benjilenoob_(at)_hotmail.com, failles dans ProjectBB v0.4.5.1 (09.03.2005) |
| | | sp3x_(at)_securityreason.com, Multiple vulnerabilities in paFileDB (09.03.2005) |
| | | pokleyzz, [SCAN Associates Security Advisory] xoops 2.0.9.2 and below weak file extension validation (09.03.2005) |
| | | Filip Groszynski, phpWebLog <= 0.5.3 arbitrary file inclusion (VXSfx) (09.03.2005) |
| | | Filip Groszynski, PHP mcNews <= 1.3 arbitrary file inclusion (VXSfx) (09.03.2005) |
| | | FireSt0rm, PHP-FUSION 5.* XSS VULNERABILITY (09.03.2005) |
| | | Some one, phpBB 2.0.13 - user level exploit (09.03.2005) |
| | | mozako, PHP Form Mail Script <= 2.3 arbitrary file inclusion exploit exploit (09.03.2005) |
| | | small mouse, Hosting Controller Multiple Unauthenticated information disclose (09.03.2005) |
| |
|
| |
