 |
|
|
|
| Multiple bugs in Oracle Listener | | Published: |  | 15.08.2002 | | Source: |  | NTBUGTRAQ | | SecurityVulns ID: |  | 2228 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Format string bug, DoS. |
| Affected: |  | ORACLE : Oracle 9i | | | | ORACLE : Oracle 8i |
| Original document |  | X-FORCE, Remote Denial of Service Vulnerability in Oracle9i SQL*NET (15.08.2002) |
| | | NGSSoftware Insight Security Research, Oracle Listener Control Format String Vulnerabilities (#NISR14082002) (15.08.2002) |
CGI bugs
updated since 15.08.2002 | | Published: | | 25.08.2002 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2229 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | CGI : L-Forum 2.4 | | | | CGI : mantisbt 0.17 | | | | CAFELOG : b2 Weblog Tool 2.06 | | | | CGI : php-affiliate 1.0 | | | | CGI : Web Shop Manager 1.1 | | | | ICEWARP : IceWarp Webmail 3.3 | | | | PHPNUKE : PHP-Nuke 5.6 | | | | CGI : Bonsai | | | | TOMAHAWK : SteelArrow | | | | PROHOST : FUDforum 2.0 | | | | ACHIEVO : Achievo 0.7 | | | | ACHIEVO : Achievo 0.8 | | | | ACHIEVO : Achievo 0.9 | | | | BLAZIX : Blazix 1.2 |
| Original document | | Auriemma Luigi, Blazix 1.2 jsp view and free protected folder access (25.08.2002) |
| | | Jeroen Latour, [Mantis Advisory/2002-07] Bugs in private projects listed on 'View Bugs' (25.08.2002) |
| | | Jeroen Latour, [Mantis Advisory/2002-06] Private bugs accessible in Mantis (25.08.2002) |
| | | Jeroen Latour, Arbitrary code execution problem in Achievo (23.08.2002) |
| | | Ulf Harnhammar, FUDforum file access and SQL Injection (20.08.2002) |
| | | NGSSoftware Insight Security Research, Multiple Buffer Overflow vulnerabilities in SteelArrow (#NISR19082002B) (20.08.2002) |
| | | Jeroen Latour, [Mantis Advisory/2002-03] Bug listings of private projects can be viewed through cookie manipulation (20.08.2002) |
| | | Jeroen Latour, [Mantis Advisory/2002-05] Arbitrary code execution and file reading vulnerability in Mantis (20.08.2002) |
| | | Jeroen Latour, [Mantis Advisory/2002-01] SQL poisoning vulnerability in Mantis (20.08.2002) |
| | | Jeroen Latour, [Mantis Advisory/2002-02] Limiting output to reporters can be bypassed (20.08.2002) |
| | | Jeroen Latour, [Mantis Advisory/2002-04] Arbitrary code execution vulnerability in Mantis (20.08.2002) |
| | | Stan Bubrouski, Advisory: Bonsai XSS and Physical Path Revealing Vulnerabilities (20.08.2002) |
| | | <-delusion->, PHP-Nuke v5.6 - Users can compromise admin accts. (16.08.2002) |
| | | Ulf Harnhammar, L-Forum XSS and upload spoofing (16.08.2002) |
| | | DarC KonQuesT, IceWarp Webmail XSS (16.08.2002) |
| | | Tacettin Karadeniz, Web Shop Manager Security Vulnerability (16.08.2002) |
| | | MOD, Input validation attack in php-affiliate-v1.0 (16.08.2002) |
| | | Matthew Murphy, Multiple Vulnerabilities in CafeLog Weblog Package (15.08.2002) |
| | | Joao Gouveia, mantisbt security flaw (15.08.2002) |
| | | Matthew Murphy, L-Forum Vulnerability - SQL Injection (15.08.2002) |
Internet explorer (and others) CA certificate attack
updated since 15.08.2002 | | Published: | | 29.11.2003 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2227 | | Type: | | m-i-t-m | | Level: | | 5/10 | | Description: | | For intermediate CA only signature is checked, missed check for basic constaint allows to use any valid certificate as CA certificate. |
|
|
|
|
|
| |
|
| |
