 |
|
|
|
| rsnapshot file system backup utility symbolic links problem | | Published: |  | 11.04.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4658 | | Type: |  | local | | Level: |  | 5/10 | | Description: |  | During symbolic links resotration file permissions are applied to file instead of link. |
| Affected: |  | RSNAPSHOT : rsnapshot 1.1 | | | | RSNAPSHOT : rsnapshot 1.2 |
| Original document |  | security_(at)_rsnapshot.org, [Full-disclosure] rsnapshot Security Advisory 001 (11.04.2005) |
| KMail mail agent signed content spoofing | | Published: | | 11.04.2005 | | Source: | | SECURITEAM | | SecurityVulns ID: | | 4660 | | Type: | | client | | Level: | | 5/10 | | Description: | | Invalid HTML part handling allows to spoof signed text. |
| Affected: | | KDE : KDE 3.3 | | | | KDE : KMAIL 1.7 |
| Original document | | SECURITEAM, [UNIX] Kmail HTML Support Allows Spoofing of Emails' Content (11.04.2005) |
| HP OpenView Network Node Manager DoS | | Published: | | 11.04.2005 | | Source: | | SECUNIA | | SecurityVulns ID: | | 4661 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | HP : OpenView Network Node Manager 7.50 | | | | HP : OpenView Network Node Manager 7.01 | | | | HP : OpenView Network Node Manager 6.4 | | | | HP : OpenView Network Node Manager 6.31 | | | | HP : OpenView Network Node Manager 6.2 |
| Original document | | SECUNIA, [SA14865] HP OpenView Network Node Manager Unspecified Denial of Service (11.04.2005) |
| Novell Netware TCP/IP null pointer DoS | | Published: | | 11.04.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4662 | | Type: | | remote | | Level: | | 7/10 |
| Affected: | | NOVELL : NetWare 6.5 |
| Original document | | SECUNIA, [SA14874] Novell NetWare Unspecified TCP Packet Handling Denial of Service (11.04.2005) |
| Lotus Notes, Lotus Domino multiple vulnerabilities | | Published: | | 11.04.2005 | | Source: | | SECUNIA | | SecurityVulns ID: | | 4663 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Buffer overflows, format string bugs, crossite scripting. |
| Affected: | | IBM : Lotus Domino 6.5 | | | | IBM : Lotus Notes 6.5 | | | | IBM : Lotus Notes 6.0 | | | | IBM : Lotus Domino 6.0 |
| Original document | | SECUNIA, [SA14879] Lotus Notes/Domino Multiple Vulnerabilities (11.04.2005) |
| OpenOffice buffer overflow | | Published: | | 11.04.2005 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 4664 | | Type: | | local | | Level: | | 5/10 | | Description: | | Buffer overflow on Microsoft Word files parsing. |
| Affected: | | OPENOFFICE : OpenOffice 1.1 |
| Original document | | adlab, [Full-disclosure] OpenOffice DOC document Heap Overflow (11.04.2005) |
| Multiple AN HTTPD Web Server vulnerabilities | | Published: | | 11.04.2005 | | Source: | | SECUNIA | | SecurityVulns ID: | | 4665 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Buffer overflows, crossite scripting. |
| Affected: | | ANHTTPD : AN HTTPD 1.42 |
| Original document | | SECUNIA, [SA14861] AN HTTPD cmdIS.DLL Buffer Overflow and Log File Injection (11.04.2005) |
| DC++ direct connect file sharing agent unauthorized files access | | Published: | | 11.04.2005 | | Source: | | SECUNIA | | SecurityVulns ID: | | 4666 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | DCPLUSPLUS : DC++ 0.673 |
| Original document | | SECUNIA, [SA14880] DC++ Unspecified Manipulation of Arbitrary Files (11.04.2005) |
| Linux kernel multiple vulnerabilities | | Published: | | 11.04.2005 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 4659 | | Type: | | local | | Level: | | 5/10 | | Description: | | sysfs_write_file() integer overflow, futex functions DoS, ext3 and jfs race conditions. |
| Affected: | | LINUX : kernel 2.6 |
| Original document | | UBUNTU, [Full-disclosure] [USN-110-1] Linux kernel vulnerabilities (11.04.2005) |
PHP, ASP, CGI web applications security vulnerabilities
updated since 11.04.2005 | | Published: | | 17.04.2005 | | Source: | | | | SecurityVulns ID: | | 4657 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, etc. |
| Affected: | | INVISION : Invision Power Board 1.3 | | | | WEBCT : WebCT 4.1 | | | | PHPNUKE : PHP-Nuke 7.6 | | | | ACNEWS : ACNews 1.0 | | | | TOWERBLOG : TowerBlog 0.6 | | | | RABIDS : RadBids 2 | | | | LOGICSSOFTWARE : LOG-FT | | | | UMMAGUMMA : zOOm Image Gallery 2.1 | | | | JPORTAL : Jportal 2.3 | | | | AZDG : AzDGDatingPlatinum 1.1 | | | | XAMPP : XAMPP 1.4 | | | | CENTRA : Centra 7 | | | | SPLITBRAIN : DokuWiki | | | | WORDPRESS : WordPress 1.5 | | | | EGROUPWARE : eGroupWare 1.006 | | | | PHPBB2 : phpBB Plus 1.52 | | | | S9Y : serentdipity 0.8 | | | | ALL4WWW : All4WWW 1.0 | | | | ONEWORLDSTORE : OneWorldStore | | | | RSA : RSA Authentication Agent for Web for IIS 5.2 | | | | MYBLOGGIE : myBloggie 2.1 | | | | SPHPBLOG : sphpblog 0.4 | | | | CHRISNOWAK : Mafia Blog 0.4 |
| Original document | | tom cruise, phpBB datenbank mod has XSS/SQL Injection in the id variable (16.04.2005) |
| | | dcrab_(at)_hackerscenter.com, Http Response Splitting Vulnerability In PHP-NUKE 7.6 and below (16.04.2005) |
| | | Francisco Alisson, Mafia Blog (16.04.2005) |
| | | ahmad muammar, Vulnerabilities in sphpblog (16.04.2005) |
| | | Francisco Alisson, myBloggie 2.1.1 (16.04.2005) |
| | | SECUNIA, [SA14954] RSA Authentication Agent for Web for IIS Cross-Site Scripting (15.04.2005) |
| | | dcrab_(at)_hackerscenter.com, Multiple multiple sql injection/errors and xss vulnerabilities in OneWorldStore (15.04.2005) |
| | | Francisco Alisson, All4WWW-Homepagecreator Remote Command Execution (15.04.2005) |
| | | kreon, serendipity SQL Injection vulnerability (14.04.2005) |
| | | dcrab_(at)_hackerscenter.com, Multiple Sql injection and XSS vulnerabilities in phpBB Plus v.1.52 and below and some of its modules. (14.04.2005) |
| | | Gerald Quakenbush, eGroupWare Leaks Files (13.04.2005) |
| | | Nicolas Montoza, WordPress XSS and HTML injection (13.04.2005) |
| | | kreon, DoKuWiki file-upload vulnerabilities (13.04.2005) |
| | | Andreas Constantinides, zOOM Media Gallery - Simple SQL Injection discovery (13.04.2005) |
| | | Clorox, Centra 7 XSS Exploit (13.04.2005) |
| | | lacertosum_(at)_yahoo.com, WebCT 4.1 vulnerable to XSS attacks (12.04.2005) |
| | | morning_wood, [Full-disclosure] XAMPP (12.04.2005) |
| | | kreon, AzDGDatingPlatinum multiple vulnerabilities (12.04.2005) |
| | | Marcin "CiNU5" Krupowicz, Sql injection in jPortal version 2.3.1 (module banner) (12.04.2005) |
| | | dcrab_(at)_hackerscenter.com, Invision board 1.3.1 and below are vulnerable to a sql injection vulnerability [PATCH INCLUDED] (12.04.2005) |
| | | JeiAr, Multiple ModernBill 4.3.0 And Earlier Vulnerabilities (11.04.2005) |
| | | Andreas Constantinides, [VulnWatch] zOOM Media Gallery - Simple SQL Injection discovery (11.04.2005) |
| | | SECUNIA, [SA14851] Logics Software LOG-FT File Transfer Arbitrary File Disclosure (11.04.2005) |
| | | SECURITEAM, [UNIX] RadBids Multiple Vulnerabilities (11.04.2005) |
| | | CorryL, [Full-disclosure] TowerBlog <= 0.6 Admin Account View [x0n3-h4ck] (11.04.2005) |
| | | BilDos, Exploti... (11.04.2005) |
|
|
|
|
|
| |
|
| |
