 |
|
|
|
| CiscoSecure ACS crossite scripting | | Published: |  | 17.06.2002 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 2094 | | Type: |  | remote | | Level: |  | 4/10 | | Description: |  | Crossite scripting in web interface (requires authentication) |
| Affected: |  | CISCO : Secure ACS 3.0 |
| Original document |  | Dave Palumbo, XSS in CiscoSecure ACS v3.0 (17.06.2002) |
| Xitami GSL problems | | Published: | | 17.06.2002 | | Source: | | | | SecurityVulns ID: | | 2095 |
| Affected: | | XITAMI : Xitami 2.5 |
| Original document | | Matthew Murphy, ALERT: Xitami 2.5b5 (17.06.2002) |
| IGMP DoS | | Published: | | 17.06.2002 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2096 | | Type: | | remote | | Level: | | 4/10 | | Description: | | By sending unicast membership report to attacked host it's possible to prevent one from registering in group. |
| Original document | | Krishna N. Ramachandran, IGMP denial of service vulnerability (17.06.2002) |
Buffer overflow in Apache
updated since 17.06.2002 | | Published: | | 18.06.2002 | | Source: | | X-FORCE | | SecurityVulns ID: | | 2097 | | Type: | | remote | | Level: | | 10/10 | | Description: | | Signed/unsigned conversion bug on CHUNKed POST. |
| Affected: | | APACHE : Apache 1.3 | | | | APACHE : Apache 2.0 |
| Original document | | X-FORCE, ISS X-Force response (18.06.2002) |
| | | CERT, Advisory CA-2002-17 Apache Web Server Chunk Handling Vulnerability (18.06.2002) |
| | | APACHE, Apache httpd: vulnerability with chunked encoding (17.06.2002) |
| | | X-FORCE, ISS Advisory: Remote Compromise Vulnerability in Apache HTTP Server (17.06.2002) |
CGI bugs
updated since 17.06.2002 | | Published: | | 11.07.2002 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2093 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | CGI : whois.cgi | | | | YABB : YaBB 1 | | | | PHPBB : phpBB 2.0 | | | | CGI : Penguin Traceroute 1.0 | | | | MEWSOFT : Mewsoft Auction 3.0 | | | | CGI : PHP Classifieds 6.05 | | | | ZEROBOARD : Zeroboard 4.1 | | | | WOLFRAM : webMathematica | | | | CGI : PHP Address 0.2 | | | | OSCOMMERCE : osCommerce 2.1 | | | | METALINKS : MetaCart | | | | CGI : WebBBS 5.0 | | | | BASILIX : BasiliX 1.1 | | | | CGI : Duma Photo Gallery System | | | | CGI : phpsquidpass 0.11 | | | | CGI : Salescart | | | | CGI : htsearch.cgi | | | | NOGUSHKA : Nola 1.1 | | | | SUMMIT : urlcount.cgi |
| Original document | | Matthew Murphy, Lil'HTTP Pbcgi.cgi XSS Vulnerability (11.07.2002) |
| | | Matthew Murphy, ALERT: Lil'HTTP Server (Summit Computer Networks) (28.06.2002) |
| | | Zeux, [sp00fed packet] Whois vulnerability (28.06.2002) |
| | | sindhi_(at)_hushmail.com, Noguska Nola 1.1.1 [ Intranet Business Management Software ] (27.06.2002) |
| | | Tom Micklovitch, XSS in HTDIG (27.06.2002) |
| | | Tacettin Karadeniz, Salescart vuln. (26.06.2002) |
| | | Jens Liebchen, phpsquidpass: unauthorized user deleting (26.06.2002) |
| | | methodic, [AP] YaBB Cross-Site Scripting vulnerability (22.06.2002) |
| | | b0iler, DPGS allows any file to be overwritten (22.06.2002) |
| | | Ulf Harnhammar, BasiliX multiple vulnerabilities (20.06.2002) |
| | | NERF, WebBBS 5.0 (andlater versions) vulnerable: allow commands execution via "followup" bug (19.06.2002) |
| | | Tacettin Karadeniz, Metacart vuln. (18.06.2002) |
| | | I'm I, malicious PHP source injection in phpBB (18.06.2002) |
| | | tim vandermeersch, PHP source injection in osCommerce (18.06.2002) |
| | | tim vandermeersch, PHP source injection in PHPAddress (18.06.2002) |
| | | Andrew Badr, Directory Traversal in Wolfram Research's webMathematica (18.06.2002) |
| | | Marco van Berkum, Another small metacharacter bug in Penguin Traceroute v1.0 (18.06.2002) |
| | | I'm I, malicious PHP source injection (17.06.2002) |
| | | § o m e 1, Mewsoft Auction, PHP Classifieds and eFax.com - CrossSiteScripting issues (17.06.2002) |
|
|
|
|
|
| |
|
| |
