Crossite scripting in Falcon
Published:		12.08.2002
Source:		BUGTRAQ
SecurityVulns ID:		2221
Type:		remote
Level:		5/10
Description:		HTML symbols are not filtered in error messages.

Affected:

BLUEFACE : Falcon 2.0

Original document

Matthew Murphy, Cross-Site Scripting Issues in Falcon Web Server (12.08.2002)

Discuss:

Read or add your comments to this news (0 comments)

Unauthorized access in midicart
Published:		12.08.2002
Source:		BUGTRAQ
SecurityVulns ID:		2223
Type:		remote
Level:		5/10
Description:		It's possible to obtain full user's database in file midicart.mdb.

Original document

Dimitri Sekhniashvili, MidiCart Shopping Cart Software database vulnerability (12.08.2002)

Discuss:

Read or add your comments to this news (0 comments)

Windows Apache directory traversal updated since 12.08.2002
Published:		20.08.2002
Source:		BUGTRAQ
SecurityVulns ID:		2222
Type:		remote
Level:		5/10
Description:		It's possible to leave web rot folder by using backslash.

Affected:

APACHE : Apache 2.0

Original document		Auriemma Luigi, Apache 2.0.39 directory traversal and path disclosure bug (20.08.2002)
		APACHE, Apache 2.0 vulnerability affects non-Unix platforms (12.08.2002)

Discuss:

Read or add your comments to this news (0 comments)

Multiple bugs in Cisco VPN client updated since 12.08.2002
Published:		19.09.2002
Source:		BUGTRAQ
SecurityVulns ID:		2224
Type:		remote
Level:		6/10
Description:		Buffer overflows and DoS during IKE packet parsing.

Affected:		CISCO : Cisco VPN Client 3.5
		CISCO : Cisco VPN 5000 Client 5.2

Original document		CISCO, Cisco Security Advisory: Cisco VPN 5000 Client Multiple Vulnerabilities (19.09.2002)
		Niels Heinen, Cisco VPN 5000 client buffer overflow vulnerabilities. (18.09.2002)
		CISCO, Cisco Security Advisory: Cisco VPN Client Multiple Vulnerabilities - Second Set (06.09.2002)
		CISCO, Security Advisory: Cisco VPN Client Multiple Vulnerabilities (12.08.2002)

Discuss:

Read or add your comments to this news (0 comments)