Serv-U privilege escalation
Published:		09.08.2004
Source:		AT4R
SecurityVulns ID:		3894
Type:		local
Level:		5/10
Description:		With SITE EXEC command from local interface it's possible to execute any command with system privileges.

Affected:

RHINOSOFT : Serv-U 5.1

Original document

aT4r InsaN3, Serv-U 3.x, 4.x, 5.x local privilege escalation (09.08.2004)

Files:		Serv-u Local Exploit >v3.x. (tested also against last version 5.1.0.0)
Discuss:		Read or add your comments to this news (0 comments)

VentaFax Privilege escalation
Published:		09.08.2004
Source:		DRWAX
SecurityVulns ID:		3896
Type:		local
Level:		5/10
Description:		VentaEngine (available via systray) runs with Local System privilege. On double click file selsction meny is open. It allows "Execute" command to be choosen for executable files.

Affected:

VENTAFAX : VentaFax 5.4

Discuss:

Read or add your comments to this news (0 comments)

AOL Instant Messenger buffer overflow
Published:		09.08.2004
Source:		FULL-DISCLOSURE
SecurityVulns ID:		3897
Type:		remote
Level:		5/10
Description:		Buffer overflow in aim:goaway URI handler.

Affected:

AOL : Instant Messenger 5.5

Original document

IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 08.09.04: AOL Instant Messenger aim:goaway URI Handler Buffer Overflow Vulnerability (09.08.2004)

Files:		AIM Away Message Buffer Overflow Exploit
Discuss:		Read or add your comments to this news (0 comments)

CGI bugs updated since 09.08.2004
Published:		12.08.2004
Source:
SecurityVulns ID:		3895
Type:		remote
Level:		5/10

Affected:		MOODLE : Moodle 1.3
		HORDE : Horde-IMP 3.2

Original document		GENTOO, [ GLSA 200408-09 ] Roundup filesystem access vulnerability (12.08.2004)
		Javier Ubilla Brenni, xss in moodle (post.php) (09.08.2004)

Discuss:

Read or add your comments to this news (0 comments)