Search:Vulnerability:13.01.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

bmv PostScript viewer symbolic links problem
Published: 13.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4358
Type: remote
Level: 5/10
Description: Symbolic links problem on temporary files creation.

Affected: BMV : bmv 1.2

Original document DEBIAN, [SECURITY] [DSA 633-1] New bmv package fixes insecure temporary file creation (13.01.2005)

Discuss: Read or add your comments to this news (0 comments)

Unixware mountd DoS
Published: 13.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4359
Type: remote
Level: 5/10
Description: Multiple connections lead to system resources exhaustion.

Affected: SCO : UnixWare 7.1
SCO : UnixWare 7.0

Original document Jonglim Yun, [NILESA-20050101]: Denial of Service vulnerability due to the mountd bug (13.01.2005)

Discuss: Read or add your comments to this news (0 comments)

Hitachi Directory Server LDAP protocol buffer overflow
Published: 13.01.2005
Source: SECUNIA
SecurityVulns ID: 4360
Type: remote
Level: 5/10

Affected: HITACHI : Hitachi Directory Server 2

Original document SECUNIA, [SA13801] Hitachi Directory Server LDAP Request Handling Buffer Overflow (13.01.2005)

Discuss: Read or add your comments to this news (0 comments)

Apache mod_dosevasive symbolic links problem
updated since 07.01.2005
Published: 13.01.2005
Source: SECUNIA
SecurityVulns ID: 4339
Type: local
Level: 5/10
Description: Symbolic links problem on temporary files creation.

Affected: APACHE : mod_dosevasive 1.9
GUESTSERVER : Guestserver 5

Original document SECUNIA, [SA13795] Guestserver "message" Script Insertion Vulnerability (13.01.2005)

LSS Security, Mod_dosevasive symlink and race vulnerability (13.01.2005)

SECUNIA, [SA13725] Apache mod_dosevasive Insecure Temporary File Creation (07.01.2005)

Discuss: Read or add your comments to this news (0 comments)

HylaFAX hfaxd unauthorized fax access
Published: 13.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4350
Type: remote
Level: 6/10
Description: During authorization of fax access by hostname, hostname sent by remote side is used.

Affected: HYLAFAX : hylafax 4.2

Original document Lee Howard, HylaFAX hfaxd unauthorized login vulnerability (13.01.2005)

Discuss: Read or add your comments to this news (0 comments)

Microsoft Indexing Service buffer overflow
Published: 13.01.2005
Source: MICROSOFT
SecurityVulns ID: 4352
Type: remote
Level: 6/10
Description: Buffer overflow on search request processing.

Affected: MICROSOFT : Windows XP
MICROSOFT : Windows 2003 Server

Original document MICROSOFT, Microsoft Security Bulletin MS05-003 Vulnerability in the Indexing Service Could Allow Remote Code Execution (871250) (13.01.2005)

Discuss: Read or add your comments to this news (0 comments)

Squirrelmail vacation plugin shell characters problem
Published: 13.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4353
Type: local
Level: 5/10
Description: Unfiltered shell characters on ftpfile external program invocation.

Affected: SQUIRRELMAIL : vacation 0.15

Original document LSS Security, Squirrelmail vacation v0.15 local root exploit (13.01.2005)

Discuss: Read or add your comments to this news (0 comments)

Apache mod_auth_radius integer overflow
Published: 13.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4355
Type: m-i-t-m
Level: 4/10
Description: Integer overflow on RADIUS server reply parsing.

Affected: FREERADIUS : mod_auth_radius 1.5

Original document LSS Security, Apache mod_auth_radius remote integer overflow (13.01.2005)

Files: Apache mod_auth_radius Remote Integer Overflow Exploit
Discuss: Read or add your comments to this news (0 comments)

poppassd_pam unauthorized password change
Published: 13.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4357
Type: remote
Level: 5/10
Description: Old password is never checked before setting new one.

Affected: POPPASSDPAM : poppassd_pam 1.8

Original document GENTOO, [ GLSA 200501-22 ] poppassd_pam: Unauthorized password changing (13.01.2005)

Discuss: Read or add your comments to this news (0 comments)

Apple iTunes playlist buffer overflow
updated since 13.01.2005
Published: 14.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4356
Type: remote
Level: 5/10
Description: Overflow on multiple playlists format parsing (.m3u, .pls).

Affected: APPLE : iTunes 4.7

Original document IDEFENSE, iDEFENSE Security Advisory 01.13.05 - Apple iTunes Playlist Parsing Buffer Overflow Vulnerability (14.01.2005)

APPLE, APPLE-SA-2005-01-11 iTunes 4.7.1 (13.01.2005)

Files: PoC for iTunes on OS X 10.3.7
Discuss: Read or add your comments to this news (0 comments)

Knox Arkeia Network Backup multiple vulnerabilities
updated since 13.01.2005
Published: 24.02.2005
Source: BUGTRAQ
SecurityVulns ID: 4354
Type: remote
Level: 6/10
Description: Database files and password file have weak security premossions by default. Default root password is empty. Buffer overflow.

Affected: KNOX : Arkeia Backup 4.2
KNOX : Arkeia Backup 5.2
KNOX : Arkeia Backup 5.3

Original document ARKEIA, Release of Arkeia Network Backup 5.3.5 fixes security issue [bugtraq id 12594] (24.02.2005)

Maciej Bogucki, Arkeia Possible remote root & information leakage (13.01.2005)

Files: Knox Arkeia remote root/system exploit
Discuss: Read or add your comments to this news (0 comments)

Apple Airport Express / Apple Airport Extreme DoS
updated since 13.01.2005
Published: 07.01.2006
Source: FULL-DISCLOSURE
SecurityVulns ID: 4361
Type: remote
Level: 5/10
Description: Inivalid data to UDP/161 cause device to crash.

Affected: APPLE : Airport Extreme
APPLE : Airport Express

Original document APPLE, APPLE-SA-2006-01-05 AirPort firmware update (07.01.2006)

Dylan Griffiths, [Full-Disclosure] Apple Airport WDS DoS (13.01.2005)

Discuss: Read or add your comments to this news (0 comments)