playmidi buffer overflow
Published:		18.01.2005
Source:		BUGTRAQ
SecurityVulns ID:		4372
Type:		remote
Level:		5/10

Original document

DEBIAN, [SECURITY] [DSA 641-1] New playmidi packages fix local root exploit (18.01.2005)

Discuss:

Read or add your comments to this news (0 comments)

NodeManager Professional SNMP trap buffer overflow
Published:		18.01.2005
Source:		BUGTRAQ
SecurityVulns ID:		4373
Type:		remote
Level:		6/10
Description:		Stack based buffer overflow on SNMPv1 trap processing.

Affected:

NODEMANAGER : NodeManager Professional 2.0

Original document

chewkeong_(at)_security.org.sg, [SIG^2 G-TEC] NodeManager Professional V2.00 Buffer Overflow Vulnerability (18.01.2005)

Discuss:

Read or add your comments to this news (0 comments)

Multiple Kazaa P2P agent sig2dat protocol bugs
Published:		18.01.2005
Source:		FULL-DISCLOSURE
SecurityVulns ID:		4375
Type:		remote
Level:		5/10
Description:		Integer overflow, directory traversal.

Affected:

KAZAA : kazaa lite k++

Original document

Rafel Ivgi, [Full-Disclosure] Kazaa Sig2Dat Protocol Remote Integer Overflow and Denial Of Service by creating files in arbitrary locations (18.01.2005)

Discuss:

Read or add your comments to this news (0 comments)

queue buffer overflow
Published:		18.01.2005
Source:		BUGTRAQ
SecurityVulns ID:		4379
Type:		remote
Level:		6/10

Affected:

QUEUE : queue 1.30

Original document

DEBIAN, [SECURITY] [DSA 643-1] New queue packages fix buffer overflows (18.01.2005)

Discuss:

Read or add your comments to this news (0 comments)

chbg buffer overflow
Published:		18.01.2005
Source:		BUGTRAQ
SecurityVulns ID:		4377
Type:		client
Level:		5/10
Description:		Malcrafted background picture change scenario leads to buffer overflow.

Affected:

CHBG : chbg 1.5

Original document

DEBIAN, [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution (18.01.2005)

Discuss:

Read or add your comments to this news (0 comments)

Multiple Oracle Database Server security problems updated since 18.01.2005
Published:		22.01.2005
Source:		BUGTRAQ
SecurityVulns ID:		4378
Type:		local
Level:		7/10
Description:		SQL injection, privilege escalation, buffer overflows.

Affected:		ORACLE : Oracle 9i
		ORACLE : Oracle E-Business Suite 11.0
		ORACLE : Oracle E-Business Suite 11.5
		ORACLE : Oracle 10g
		ORACLE : Oracle Application Server 1.0

Original document		Jose Antonio, Various Buffer Overflows in Oracle 10g Tools (22.01.2005)
		Integrigy Security Alerts, [Full-Disclosure] Integrigy Security Advisory - High Risk Security Issues in the Oracle Database and Oracle Applications (20.01.2005)
		SECUNIA, [SA13862] Oracle Products 23 Vulnerabilities (19.01.2005)
		Pete Finnigan, PeteFinnigan.com - Oracle security advisory (19.01.2005)
		NGSSoftware Insight Security Research, Multiple high risk vulnerabilities in Oracle RDBMS 10g/9i (18.01.2005)

Discuss:

Read or add your comments to this news (0 comments)

PHP/ASP/CGI web applications security vulnerabilities updated since 18.01.2005
Published:		23.01.2005
Source:
SecurityVulns ID:		4374
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, etc.

Affected:		GALLERY : Gallery 1.3
		GALLERY : Gallery 1.4
		TIKIWIKI : TikiWiki 1.8
		JSBOARD : jsboard 2.0
		GALLERY : Gallery 2.0
		AWSTATS : AWStats 6.1
		GFORGE : GForge 3.3
		SITEMAN : Siteman 1.0
		SWORD : sword 1.5
		COMERSUS : Comersus ASP Shopping Cart 6.0
		COMERSUS : Comersus ASP Shopping Cart 6.01

Original document		shoalie sefid, Siteman User Database Line Insertion Vulnerability (23.01.2005)
		SECUNIA, [SA13948] TikiWiki "temp" Arbitrary Script Execution Vulnerability (22.01.2005)
		raf somers, bug report comersus Back Office Lite 6.0 and 6.0.1 (22.01.2005)
		DEBIAN, [SECURITY] [DSA 650-1] New sword packages fix arbitrary command execution (22.01.2005)
		Pedram hayati, God Admin Injection Vulnerability in Siteman 1.0.x (22.01.2005)
		SSR Team, STG Security Advisory: [SSA-20050120-22] JSBoard file disclosure vulnerability (22.01.2005)
		SSR Team, STG Security Advisory: [SSA-20050120-24] GForge 3.x directory traversal vulnerability (22.01.2005)
		IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 01.17.05: AWStats Remote Command Execution Vulnerability (18.01.2005)
		Rafel Ivgi, [Full-Disclosure] Gallery v1.3.4-pl1, v1.4.4-pl2, 2.0 Alpha Cross Site Scripting Vulnerability (18.01.2005)

Discuss:

Read or add your comments to this news (0 comments)

ImageMagic PSD files buffer overflow updated since 18.01.2005
Published:		24.01.2005
Source:		BUGTRAQ
SecurityVulns ID:		4376
Type:		library
Level:		5/10
Description:		Integer array overflow in psd.c

Affected:		IMAGEMAGIC : ImageMagick 6.1
		GRAPHICSMAGIC : GraphicsMagick 1.1

Original document		SECUNIA, [SA13960] GraphicsMagick PSD Image Decoding Buffer Overflow (24.01.2005)
		IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 01.17.05: Multiple Vendor ImageMagick .psd Image File Decode Heap Overflow Vulnerability (18.01.2005)

Discuss:

Read or add your comments to this news (0 comments)