Microsoft ISA 2000 DNS cache poisoning
Published:		10.11.2004
Source:		BUGTRAQ
SecurityVulns ID:		4168
Type:		remote
Level:		5/10
Description:		Content spoofing by DNS cache poisoning.

Affected:		MICROSOFT : Proxy Server 2.0
		MICROSOFT : ISA Server 2000

Original document

MICROSOFT, Microsoft Security Bulletin MS04-039 (10.11.2004)

Discuss:

Read or add your comments to this news (0 comments)

Kerio Firewall DoS
Published:		10.11.2004
Source:		BUGTRAQ
SecurityVulns ID:		4169
Type:		remote
Level:		6/10
Description:		Problem with IP options processing allow to crash firewall with single packet.

Affected:

KERIO : Kerio Personal Firewall 4.1

Original document

EEYE, EEYE: Kerio Personal Firewall Multiple IP Options Denial of Service (10.11.2004)

Files:		Kerio Personal Firewall Multiple IP Options Denial of Service PoC
Discuss:		Read or add your comments to this news (0 comments)

mtink symbolic links problem
Published:		10.11.2004
Source:		BUGTRAQ
SecurityVulns ID:		4171
Type:		local
Level:		5/10
Description:		Symboli links problem on temporary files creation.

Affected:

MTINK : mtink 1.0

Original document

GENTOO, [ GLSA 200411-17 ] mtink: Insecure tempfile handling (10.11.2004)

Discuss:

Read or add your comments to this news (0 comments)

Samba DoS
Published:		10.11.2004
Source:		FULL-DISCLOSURE
SecurityVulns ID:		4172
Type:		remote
Level:		5/10
Description:		Accessing directory with large number of '*' in the name lead to smbd CPU exhastion.

Affected:

SAMBA : Samba 3.0

Original document

IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 11.08.04: Samba SMBD Remote Denial of Service Vulnerability (10.11.2004)

Discuss:

Read or add your comments to this news (0 comments)

CGI bugs updated since 10.11.2004
Published:		13.11.2004
Source:
SecurityVulns ID:		4170
Type:		remote
Level:		5/10

Affected:		WEBCALENDAR : WebCalendar 0.9
		PHPBB : phpBB 2.0
		VBULLETIN : vBulletin 3.0
		PHPWEBSITE : phpWebSite 0.9
		PHORUM : Phorum 5.0
		MANTIS : Mantis 0.19
		EGROUPWARE : eGroupWare 1.0
		JAF : JAF CMS 3.0
		NUCLEUS : Nucleus 3.1
		INFUSEUM : Infuseum ASP Message Board 2.2
		PHPBT : PHP Bug Traq 0.9
		TWIKI : TWiki 20030201

Original document		Hans Ulrich Niedermann, [Full-Disclosure] TWiki search function allows arbitrary shell command execution (13.11.2004)
		jessica soules, phpBB Code EXEC (v2.0.10) (13.11.2004)
		jessica soules, SQL Injection in phpBT (bug.php) (13.11.2004)
		VBULLETIN, Vulnerability not with vBulletin (13.11.2004)
		Janek Vind, [waraxe-2004-SA#037 - Sql injection bug in Phorum 5.0.12 and older versions] (13.11.2004)
		Maestro De-Seguridad, security hole (http response splitting) in phpwebsite (13.11.2004)
		Dr. Death, SQL injection in vBulletin forums (last10.php) (13.11.2004)
		MANTIS, [SA13111] Mantis Information Disclosure Vulnerabilities (11.11.2004)
		SECUNIA, [SA13137] Infuseum ASP Message Board Unspecified Cross-Site Scripting and SQL Injection (11.11.2004)
		SECUNIA, [SA13136] Nucleus Unspecified Cross-Site Scripting and SQL Injection (11.11.2004)
		SECUNIA, [SA13110] eGroupWare Unspecified "JiNN" Vulnerability (11.11.2004)
		Jose Antonio, Multiple Vulnerabilities in WebCalendar (11.11.2004)
		y3dips_(at)_www.securityfocus.com, Vulnerabilities in JAF CMS (10.11.2004)

Discuss:

Read or add your comments to this news (0 comments)