gld / postgrey antispam greylisting daemon for Postfix multiple vulnerabilities updated since 13.04.2005 | | Published: |  | 17.04.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4682 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Multiple buffer overflows, format string bugs. |
| Affected: |  | GLD : gld 1.4 | | |  | POSTGREY : postgrey 1.18 |
| Original document |  | SECUNIA, [SA14958] Postgrey Format String Denial of Service Vulnerability (17.04.2005) |
| |  | dong-h0un U, GLD (Greylisting daemon for Postfix) multiple vulnerabilities. (13.04.2005) |
| monkeyd web server format string vulnerability | | Published: |  | 17.04.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4698 | | Type: |  | remote | | Level: |  | 5/10 |
| Affected: |  | MONKEYD : monkeyd 0.9 |
| Original document |  | GENTOO, [ GLSA 200504-14 ] monkeyd: Multiple vulnerabilities (16.04.2005) |
| libsafe stack protection library protection bypass | | Published: |  | 17.04.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4700 | | Type: |  | library | | Level: |  | 5/10 | | Description: |  | In multithreaded applications there is a race condition before protection becomes active. |
| Affected: |  | LIBSAFE : libsafe 2.0 |
| Original document |  | Overflow.pl, [Overflow.pl] Libsafe - Safety Check Bypass Vulnerability (16.04.2005) |
| Solaris GSS API privilege escalation | | Published: |  | 17.04.2005 | | Source: |  | SECUNIA | | SecurityVulns ID: |  | 4702 | | Type: |  | library | | Level: |  | 6/10 | | Description: |  | A relative path is used to load a library. |
| Affected: |  | SUN : Solaris 8 | | |  | SUN : Solaris 7 | | |  | SUN : Solaris 9 |
| Original document |  | SECUNIA, [SA14971] Solaris Unspecified Generic Security Services Library Vulnerability (17.04.2005) |
| Multiple Musicmatch Jukebox bugs | | Published: |  | 17.04.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4697 | | Type: |  | client | | Level: |  | 5/10 | | Description: |  | Unauthorized file access, information leak. |
| Affected: |  | YAHOO : Musicmatch 10.00 |
| Original document |  | Hyperdose Security, Trojan file issue in Musicmatch software (16.04.2005) |
| |  | Hyperdose Security, Trusted Site Cross Site Scripting Elevation of Privilege in Musicmatch (16.04.2005) |
| |  | Hyperdose Security, Improper log file storage in Musicmatch software (16.04.2005) |
| |  | Hyperdose Security, Arbitrary file overwrite possible by Musicmatch ActiveX control (16.04.2005) |
| MacOS multiple browsers unauthorized local files access | | Published: |  | 17.04.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4699 | | Type: |  | client | | Level: |  | 6/10 | | Description: |  | By using AppleWebKit XMLHttpRequest it's possible to mount a disk image with HTML documents at a known location. |
| Affected: |  | APPLE : Safari 1.2 | | |  | OMNIGROUP : OmniWeb 5.1 | | |  | APPLE : Safari RSS 2.0 |
| Original document |  | David Remahl, [DR001] AppleWebKit XMLHttpRequest arbitrary file disclosure vulnerability (16.04.2005) |
| Sun ONE Directory Server buffer overflow | | Published: |  | 17.04.2005 | | Source: |  | SECUNIA | | SecurityVulns ID: |  | 4701 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Buffer overflow on parsing LDAP request. |
| Affected: |  | SUN : Sun ONE Directory Server 5.1 |
| Original document |  | SECUNIA, [SA14960] Sun Java System Directory Server LDAP Request Buffer Overflow (16.04.2005) |
PHP, ASP, CGI web applications security vulnerabilities updated since 11.04.2005 | | Published: |  | 17.04.2005 | | Source: |  | | | SecurityVulns ID: |  | 4657 | | Type: |  | remote | | Level: |  | 5/10 | | Description: |  | PHP inclusions, SQL injections, directory traversals, cross-site scripting, etc. |
| Affected: |  | INVISION : Invision Power Board 1.3 | | |  | WEBCT : WebCT 4.1 | | |  | PHPNUKE : PHP-Nuke 7.6 | | |  | ACNEWS : ACNews 1.0 | | |  | TOWERBLOG : TowerBlog 0.6 | | |  | RABIDS : RadBids 2 | | |  | LOGICSSOFTWARE : LOG-FT | | |  | UMMAGUMMA : zOOm Image Gallery 2.1 | | |  | JPORTAL : Jportal 2.3 | | |  | AZDG : AzDGDatingPlatinum 1.1 | | |  | XAMPP : XAMPP 1.4 | | |  | CENTRA : Centra 7 | | |  | SPLITBRAIN : DokuWiki | | |  | WORDPRESS : WordPress 1.5 | | |  | EGROUPWARE : eGroupWare 1.006 | | |  | PHPBB2 : phpBB Plus 1.52 | | |  | S9Y : serendipity 0.8 | | |  | ALL4WWW : All4WWW 1.0 | | |  | ONEWORLDSTORE : OneWorldStore | | |  | RSA : RSA Authentication Agent for Web for IIS 5.2 | | |  | MYBLOGGIE : myBloggie 2.1 | | |  | SPHPBLOG : sphpblog 0.4 | | |  | CHRISNOWAK : Mafia Blog 0.4 |
| Original document |  | tom cruise, phpBB datenbank mod has XSS/SQL Injection in the id variable (16.04.2005) |
| |  | dcrab_(at)_hackerscenter.com, Http Response Splitting Vulnerability In PHP-NUKE 7.6 and below (16.04.2005) |
| |  | Francisco Alisson, Mafia Blog (16.04.2005) |
| |  | ahmad muammar, Vulnerabilities in sphpblog (16.04.2005) |
| |  | Francisco Alisson, myBloggie 2.1.1 (16.04.2005) |
| |  | SECUNIA, [SA14954] RSA Authentication Agent for Web for IIS Cross-Site Scripting (15.04.2005) |
| |  | dcrab_(at)_hackerscenter.com, Multiple multiple sql injection/errors and xss vulnerabilities in OneWorldStore (15.04.2005) |
| |  | Francisco Alisson, All4WWW-Homepagecreator Remote Command Execution (15.04.2005) |
| |  | kreon, serendipity SQL Injection vulnerability (14.04.2005) |
| |  | dcrab_(at)_hackerscenter.com, Multiple Sql injection and XSS vulnerabilities in phpBB Plus v.1.52 and below and some of its modules. (14.04.2005) |
| |  | Gerald Quakenbush, eGroupWare Leaks Files (13.04.2005) |
| |  | Nicolas Montoza, WordPress XSS and HTML injection (13.04.2005) |
| |  | kreon, DoKuWiki file-upload vulnerabilities (13.04.2005) |
| |  | Andreas Constantinides, zOOM Media Gallery - Simple SQL Injection discovery (13.04.2005) |
| |  | Clorox, Centra 7 XSS Exploit (13.04.2005) |
| |  | lacertosum_(at)_yahoo.com, WebCT 4.1 vulnerable to XSS attacks (12.04.2005) |
| |  | morning_wood, [Full-disclosure] XAMPP (12.04.2005) |
| |  | kreon, AzDGDatingPlatinum multiple vulnerabilities (12.04.2005) |
| |  | Marcin "CiNU5" Krupowicz, Sql injection in jPortal version 2.3.1 (module banner) (12.04.2005) |
| |  | dcrab_(at)_hackerscenter.com, Invision board 1.3.1 and below are vulnerable to a sql injection vulnerability [PATCH INCLUDED] (12.04.2005) |
| |  | JeiAr, Multiple ModernBill 4.3.0 And Earlier Vulnerabilities (11.04.2005) |
| |  | Andreas Constantinides, [VulnWatch] zOOM Media Gallery - Simple SQL Injection discovery (11.04.2005) |
| |  | SECUNIA, [SA14851] Logics Software LOG-FT File Transfer Arbitrary File Disclosure (11.04.2005) |
| |  | SECURITEAM, [UNIX] RadBids Multiple Vulnerabilities (11.04.2005) |
| |  | CorryL, [Full-disclosure] TowerBlog <= 0.6 Admin Account View [x0n3-h4ck] (11.04.2005) |
| |  | BilDos, Exploti... (11.04.2005) |
Dameware NT Utilities / Mini Remote Control privilege escalation updated since 07.04.2005 | | Published: |  | 17.04.2005 | | Source: |  | SECUNIA | | SecurityVulns ID: |  | 4648 | | Type: |  | local | | Level: |  | 5/10 |