Search:Vulnerability:18.08.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

bluez-utils unauthorized bluethooth access
updated since 17.08.2005
Published: 18.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5111
Type: remote
Level: 5/10
Description: Improper validation of bluetooth device name.

Affected: BLUEZUTILS : bluez-utils 2.19

Original document Kevin Finisterre, [Full-disclosure] Bluez hcid popen() explained. (18.08.2005)

GENTOO, [Full-disclosure] [ GLSA 200508-09 ] bluez-utils: Bluetooth device name validation vulnerability (17.08.2005)

Discuss: Read or add your comments to this news (0 comments)

SafeHTML content filtering bypass
Published: 18.08.2005
Source: SECUNIA
SecurityVulns ID: 5116
Type: remote
Level: 5/10
Description: It's possible to bypass content filtering by using UTF-7 encoding.

Affected: SECUNIA : SafeHTML 1.3

Original document SECUNIA, [SA16427] SafeHTML UTF-7 XSS and CSS Comments Handling Security Bypass (18.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Unauthorized Linksys wireless access points access
Published: 18.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5117
Type: remote
Level: 6/10
Description: Clients without WPA Personal/TKIP authentication can access device with authentication enabled.

Affected: LINKSYS : WRT54GS

Original document Steve Scherf, Serious flaw in Linksys wireless AP password security (18.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Juniper Netscreen VPN user enumeration
Published: 18.08.2005
Source: FULL-DISCLOSURE
SecurityVulns ID: 5120
Type: remote
Level: 5/10
Description: Different reply for existing user in IKE.

Affected: JUNIPER : ScreenOS 5.2

Original document Roy Hills, [Full-disclosure] Juniper Netscreen VPN Username Enumeration Vulnerability (18.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Adobe Acrobat / Adobe Acrobat Reader buffer overflow
Published: 18.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5121
Type: client
Level: 6/10
Description: Buffer overflow in plugin module.

Affected: ADOBE : Acrobat Reader 5.0
ADOBE : Acrobat Reader 6.0
ADOBE : Acrobat 6.0
ADOBE : Acrobat 7.0
ADOBE : Acrobat 5.0
ADOBE : Reader 7.0

Original document SECUNIA, [SA16466] Adobe Acrobat / Reader Plug-in Buffer Overflow Vulnerability (18.08.2005)

Discuss: Read or add your comments to this news (0 comments)

osh restricted shell buffer overflow
updated since 17.02.2005
Published: 18.08.2005
Source: SECURITEAM
SecurityVulns ID: 4492
Type: remote
Level: 5/10
Description: Buffer overflow during command parsing.

Affected: OSH : osh 1.7

Original document Charles 'core' Stevenson, [Full-disclosure] Operator Shell (osh) Stack-based Buffer Overflow (18.08.2005)

SECURITEAM, [UNIX] Buffer Overflow in OSH (16.02.2005)

Files: OSH 1.7 Exploit
OSH 1.7 Exploit #2
Discuss: Read or add your comments to this news (0 comments)

Novell GroupWise client memory cleartext passwords
Published: 18.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5115
Type: local
Level: 4/10
Description: Cahed password is stored cleartext in memory.

Affected: NOVELL : GroupWise 6.5

Original document NOVELL, NOVL-2005010098073 GroupWise Password Caching (18.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Open DC Hub buffer overflow
Published: 18.08.2005
Source: SECURITEAM
SecurityVulns ID: 5118
Type: client
Level: 5/10
Description: $RedirectAll command buffer overflow.

Affected: OPENDCHUB : Open DC hub 0.7

Original document SECURITEAM, [UNIX] Open DC hub Buffer Overflow ($RedirectAll) (18.08.2005)

Files: Open Dc Hub (0.7.14) - Buffer Overflow - Proof Of Concept
Discuss: Read or add your comments to this news (0 comments)

Multiple Microsoft Internet Explorer vulnerabilities
updated since 09.08.2005
Published: 18.08.2005
Source: MICROSOFT
SecurityVulns ID: 5081
Type: client
Level: 9/10
Description: Memory corruption on JPEG files parsing, memory corruption on COM object installation, crossite scripting with Web folders.

Affected: MICROSOFT : Internet Explorer 5.5
MICROSOFT : Internet Explorer 6.0

Original document Berend-Jan Wever, [Full-disclosure] COM objects and MSIE vulnerabilities recap + additional fix (18.08.2005)

Nsfocus Security Team, [VulnWatch] NSFOCUS SA2005-02 : Microsoft IE Devenum.dll COM Instantiation Remote Code Execution Vulnerability (10.08.2005)

MICROSOFT, Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer (896727) (09.08.2005)

Files: Ms05 038 exploit POC
Microsoft Internet Explorer COM Objects Instantiation Exploit, MS05-038
Microsoft Internet Explorer "Msdds.dll" Remote Code Execution Exploit (0day)
Microsoft Security Bulletin MS05-038 Cumulative Security Update for Internet Explorer (896727)
Discuss: Read or add your comments to this news (0 comments)

Sun StorEdge 6130 disk array unauthorized access
updated since 13.05.2005
Published: 18.08.2005
Source: SECUNIA
SecurityVulns ID: 4792
Type: remote
Level: 5/10

Affected: SUN : StorEdge 6130
SUN : StorEdge Enterprise Backup 7.2
SUN : StorEdge Enterprise Backup 7.1
SUN : StorEdge Enterprise Backup 7.0
SUN : Solstice Backup 6.1
SUN : Solstice Backup 6.0

Original document SECUNIA, [SA16470] Sun StorEdge Enterprise Backup Vulnerabilities (18.08.2005)

SECUNIA, [SA15306] Sun StorEdge 6130 Array Unspecified Unauthorised Access (13.05.2005)

Discuss: Read or add your comments to this news (0 comments)

Multiple MacOS X vulnerabilities
updated since 18.08.2005
Published: 22.08.2005
Source: CERT
SecurityVulns ID: 5114
Type: remote
Level: 7/10
Description: Apple Mac OS X Directory Services contains a buffer overflow, Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow, Apple Mac OS X AppKit vulnerable to buffer overflow via the handling of maliciously crafted rich text files, Apple Mac OS X AppKit vulnerable to buffer overflow via maliciously crafted Microsoft Word files, Apple Mac OS X Safari vulnerable to arbitrary command execution via URLs in PDF files, Apple Safari fails to perform security checks on links in rich text content.

Affected: APPLE : MacOS X 10.3
APPLE : Mac OS X 10.4

Original document Kevin Finisterre, [Full-disclosure] DMA[2005-0818a] - 'Apple OSX dsidentity privilege abuse' (22.08.2005)

advisories, [Full-disclosure] [ Suresec Advisories ] - Several MacOS X vulnerabilities (22.08.2005)

CERT, US-CERT Technical Cyber Security Alert TA05-229A -- Apple Mac Products are Affected by Multiple Vulnerabilities (18.08.2005)

Discuss: Read or add your comments to this news (0 comments)

mutt mail agent buffer overflow
updated since 18.08.2005
Published: 23.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5119
Type: client
Level: 6/10
Description: Buffer overflow on parsing messages from mailbox.

Affected: MUTT : mutt 1.4
MUTT : Mutt 1.5

Original document SECUNIA, [SA16485] mutt Attachment Decoding Buffer Overflow Vulnerability (23.08.2005)

Peter Valchev, [Full-disclosure] mutt buffer overflow (18.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Legato Networker multiple vulnerabilities
updated since 18.08.2005
Published: 18.01.2006
Source: SECUNIA
SecurityVulns ID: 5122
Type: remote
Level: 5/10
Description: Security bypass, DoS, information leak, code execution.

Affected: EMC : Legato NetWorker 7.1
EMC : Legato NetWorker 7.2

Original document IDEFENSE, [VulnWatch] iDefense Security Advisory 01.17.06: EMC Legato Networker nsrd.exe Heap Overflow Vulnerability (18.01.2006)

IDEFENSE, [VulnWatch] iDefense Security Advisory 01.17.06: EMC Legato Networker nsrexecd.exe Heap Overflow Vulnerability (18.01.2006)

IDEFENSE, [VulnWatch] iDefense Security Advisory 01.17.06: EMC Legato Networker nsrd.exe DoS Vulnerability (18.01.2006)

document SECUNIA, [SA18495] EMC NetWorker Unspecified Code Execution Vulnerability (17.01.2006)

SECUNIA, [SA16464] Legato NetWorker Multiple Vulnerabilities (18.08.2005)

Discuss: Read or add your comments to this news (0 comments)

test server