Search:Vulnerability:20.01.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Cisco IOS Telephony Services DoS
Published: 20.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4381
Type: remote
Level: 5/10
Description: DoS on SCCP control protocol parsing if configured tobe used with Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST)

Affected: CISCO : IOS 12.1
CISCO : IOS 12.2
CISCO : IOS 12.3

Original document CISCO, Cisco Security Advisory: Vulnerability in Cisco IOS Embedded Call Processing Solutions (20.01.2005)

Discuss: Read or add your comments to this news (0 comments)

Multiple Darwin/MacOS X kernel bugs
Published: 20.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4382
Type: local
Level: 5/10
Description: DoS on parsing executable format, access behind array boundaries.

Affected: APPLE : MacOS X 10.3
DARWIN : Darwin 7.5

Original document nemo_(at)_felinemenace.org, Darwin Kernel Vulnerability (20.01.2005)

Files: DoS for Darwin Kernel Version < 7.5.0
Discuss: Read or add your comments to this news (0 comments)

squid proxy server access control lists protection bypass
Published: 20.01.2005
Source: SECUNIA
SecurityVulns ID: 4384
Type: remote
Level: 5/10
Description: If LDAP authentication is used space can be added to username to bypass ACL restrictuions.

Affected: SQUID : squid 2.5

Original document SECUNIA, [SA13843] Squid Username Whitespace Security Bypass Issue (20.01.2005)

Discuss: Read or add your comments to this news (2 comments)

Multiple Internet Explorer bugs
updated since 13.10.2004
Published: 20.01.2005
Source: MICROSOFT
SecurityVulns ID: 4091
Type: client
Level: 9/10
Description: CSS buffer overflow, local zone scripting, buffer overflow in Install Engine, writing file to any location with drag and drop or scripting in <img> tag, address bar spoofing, SSL crossite scripting.

Affected: MICROSOFT : Internet Explorer 5.5
MICROSOFT : Internet Explorer 6.0

Original document NGSSoftware Insight Security Research, Microsoft Internet Explorer Install Engine Control Buffer Overflow (#NISR19012005a) (20.01.2005)

NGSSoftware Insight Security Research, MSN Heartbeat Control Buffer Overflow (20.01.2005)

CERT, US-CERT Technical Cyber Security Alert TA04-293A -- Multiple Vulnerabilities in Microsoft Internet Explorer (22.10.2004)

document NGSSoftware Insight Security Research Advisory (NISR), MSN Gaming Heartbeat Component Buffer Overflow (15.10.2004)

ACROS Security, ACROS Security: Poisoning Cached HTTPS Documents in Internet Explorer (13.10.2004)

NGSSoftware Insight Security Research Advisory (NISR), Microsoft Internet Explorer Install Engine Control Buffer Overflow (13.10.2004)

MICROSOFT, Microsoft Security Bulletin MS04-038 Cumulative Security Update for Internet Explorer (834707) (13.10.2004)

Files: Buffer Overflow In Internet Explorer CSS Parsing (mshtml.dll) exploit
Microsoft Security Bulletin MS04-038 Cumulative Security Update for Internet Explorer (834707)
Discuss: Read or add your comments to this news (0 comments)

Multiple AtHoc toolbar bugs
updated since 07.10.2004
Published: 20.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4070
Type: client
Level: 5/10
Description: Buffer overflows, format string bugs in ActiveX components.

Affected: ATHOC : AtHoc toolbar

Original document NGSSoftware Insight Security Research, Multiple vulnerabilities in the AtHoc Toolbar (#NISR19012005c) (20.01.2005)

NGSSoftware Insight Security Research, Patch available for high risk flaws in the AtHoc Toolbar (07.10.2004)

Discuss: Read or add your comments to this news (0 comments)

Multiple Real products multiple bugs
updated since 30.09.2004
Published: 20.01.2005
Source: SECUNIA
SecurityVulns ID: 4057
Type: client
Level: 6/10
Description: RealPlayer ActiveX 'ShowPreferences' Buffer Overflow Vulnerability. Malcrafted RMP files arbitrary files deletion.

Affected: REAL : RealPlayer 8
REAL : RealPlayer 10
REAL : RealOne Player 2
REAL : RealOne Player 1
HELIXCOMMUNITY : Helix Player 1.0
REAL : RealPlayer 10.5
REAL : Helix Server 9.0

Original document NGSSoftware Insight Security Research, RealPlayer Miscellaneous Vulnerabilities (#NISR19012005g) (20.01.2005)

NGSSoftware Insight Security Research, RealPlayer Arbitrary File Deletion Vulnerability (#NISR19012005f) (20.01.2005)

NGSSoftware Insight Security Research, RealPlayer 'ShowPreferences' Buffer Overflow Vulnerability (#NISR19012005e) (20.01.2005)

document IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 10.07.04: RealNetworks Helix Server Content-Length Denial of Service Vulnerability (08.10.2004)

NGSSoftware Insight Security Research, Patch available for multiple high risk vulnerabilities in RealPlayer (07.10.2004)

EEYE, EEYE: RealPlayer pnen3260.dll Heap Overflow (02.10.2004)

document SECUNIA, [SA12672] RealOne Player / RealPlayer / Helix Player Multiple Vulnerabilities (30.09.2004)

Discuss: Read or add your comments to this news (0 comments)

Konversation KDE IRC client multiple vulnerabilities
updated since 20.01.2005
Published: 24.01.2005
Source: BUGTRAQ
SecurityVulns ID: 4383
Type: client
Level: 5/10
Description: Special characters filtering problem.

Affected: KONVERSATION : Konversation 0.15

Original document SECURITEAM, [EXPL] Multiple Vulnerabilities in Konversation (Exploit) (24.01.2005)

Wouter Coekaerts, [Full-Disclosure] Multiple vulnerabilities in Konversation (20.01.2005)

Discuss: Read or add your comments to this news (0 comments)

test server