 |
|
|
|
BOA Web server directory traversal
updated since 09.10.2000 | | Published: |  | 22.03.2005 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 602 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Directory traversal by using ESC sequences (/%2E%2E/) allows to access any system file. |
| Affected: |  | BOA : BOA web server 0.94 | | | | SAMSUNG : SMDK8947 |
| Original document |  | morning_wood, [Full-disclosure] Samsung ADSL Modem Vulnerability (22.03.2005) |
| | | FREEBSD, Ports Security Advisory: FreeBSD-SA-00:60.boa (31.10.2000) |
| | | Lluis Mora, Vulnerability in BOA web server v0.94.8.2 (09.10.2000) |
Multiple xloadimage image viewer bugs
updated since 10.07.2001 | | Published: | | 22.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 1316 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflows, shell metacharacters problem. |
| Affected: | | XLOADIMAGE : xloadimage 4.1 | | | | XLI : xli 1.17 |
| Original document | | DEBIAN, [SECURITY] [DSA 695-1] New xli packages fix several vulnerabilities (22.03.2005) |
| | | GENTOO, [Full-Disclosure] [ GLSA 200503-05 ] xli, xloadimage: Multiple vulnerabilities (03.03.2005) |
| | | REDHAT, [RHSA-2001:088-04] New xloadimage packages available (10.07.2001) |
Buffer overflow in multiple IMAP clients
updated since 15.05.2003 | | Published: | | 22.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2821 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflows on long replies, large message sizes, etc. |
| Affected: | | MICROSOFT : Internet Explorer 6.0 | | | | MUTT : mutt 1.4 | | | | MOZILLA : Mozilla 1.4 | | | | UW : imap-uw 2002 | | | | EVOLUTION : Evolution 1.2 | | | | MOZILLA : Mozilla 1.3 | | | | SYLPHEED : Sylpheed 0.8 | | | | QUALCOMM : Eudora 5.2 | | | | SYLPHEED : Sylpheed 1.0 | | | | SYLPHEED : Sylpheed-claws 1.0 |
| Original document | | GENTOO, [ GLSA 200503-26 ] Sylpheed, Sylpheed-claws: Message reply overflow (22.03.2005) |
| | | Timo Sirainen, Buffer overflows in multiple IMAP clients (15.05.2003) |
| dyndnsupdate dyndns.org DNS update program multiple buffer overflows | | Published: | | 22.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4598 | | Type: | | client | | Level: | | 5/10 | | Description: | | Multiple buffer overflows. |
| Affected: | | XZABITE : dyndnsupdate 0.6 |
| Original document | | GENTOO, [ GLSA 200503-27 ] Xzabite dyndnsupdate: Multiple vulnerabilities (22.03.2005) |
| Nortel VPN client weak encryption | | Published: | | 22.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4600 | | Type: | | local | | Level: | | 4/10 | | Description: | | Cleartext password is stored in memory. |
| Affected: | | NORTEL : Windows Contivity VPN client 5.01 |
| Original document | | Roy Hills, Nortel VPN Client Issue: Clear-text password stored in memory (22.03.2005) |
| rxvt-unicode terminal emulator buffer overflow | | Published: | | 22.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4595 | | Type: | | client | | Level: | | 6/10 |
| Affected: | | RXVTUNICODE : rxvt-unicode 5.2 | | | | RXVTUNICODE : rxvt-unicode 6.2 |
| Original document | | GENTOO, [ GLSA 200503-23 ] rxvt-unicode: Buffer overflow (22.03.2005) |
| PVDasm disassembler/debugger buffer overflow | | Published: | | 22.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4597 | | Type: | | local | | Level: | | 5/10 | | Description: | | Buffer overflow on oversized module name. |
| Affected: | | PVDASM : PVDasm 1.6 |
| Original document | | HaCkZaTaN, -==PVDasm Long Name Debug Vulnerability==- (22.03.2005) |
| Apple MacOS X environment variable buffer overflow | | Published: | | 22.03.2005 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4599 | | Type: | | local | | Level: | | 7/10 | | Description: | | Buffer overflow on oversized CF_CHARSET_PATH variable. |
| Affected: | | APPLE : MacOS X 10.3 |
| Original document | | IDEFENSE, iDEFENSE Security Advisory 03.21.05: Mac OS X CF_CHARSET_PATH Buffer Overflow Vulnerability (22.03.2005) |
| Ocean FTP Server DoS | | Published: | | 22.03.2005 | | Source: | | SECUNIA | | SecurityVulns ID: | | 4601 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Large number of established conenction causes server to crash. |
| Affected: | | CODEOCEAN : Ocean FTP Server 1.0 |
| Original document | | SECUNIA, [SA14662] Ocean FTP Server Multiple Connections Denial of Service (22.03.2005) |
PHP, ASP, CGI web applications security vulnerabilities
updated since 22.03.2005 | | Published: | | 26.03.2005 | | Source: | | | | SecurityVulns ID: | | 4596 | | Type: | | remote | | Level: | | 5/10 | | Description: | | PHP inclusions, SQL injections, directory traversals, crossite scripting, etc. |
| Affected: | | INVISION : Invision Power Board 2.0 | | | | PHORUM : Phorum 5.0 | | | | COOLFORUM : CoolForum 0.8 | | | | BETAPRACTICE : BetaParticle 3.0 | | | | KAYAKO : eSupport 2.3 | | | | CZARNEWS : CzarNews 1.13 | | | | TRG : TRG News 3.0 | | | | BETAPRACTICE : betaparticle 4.0 | | | | FILEZILLA : Filezilla 0.9 | | | | ARTICLELIVE : ArticleLive 2005 | | | | VORTEXPORTAL : VortexPortal | | | | PHPSYSINFO : phpSysInfo 2.3 | | | | PHPBB : Topic Calendar 1.0 | | | | DOUBLECHOCOLATTE : Double Choco Latte 0.9 | | | | DREAM4 : Koobi CMS 4.2 | | | | PHPMYDIRECTORY : phpMyDirectory 10.1 | | | | DIGITALHIVE : DigitalHive 2.0 | | | | NUKEBOOKMARKS : NukeBookmarks 0.6 |
| Original document | | Astharot, [Full-disclosure] ZH2005-03SA -- multiple vulnerabilities in NukeBookmarks .6 (26.03.2005) |
| | | SECUNIA, [SA14702] DigitalHive Two Cross-Site Scripting Vulnerabilities (25.03.2005) |
| | | mircia mircia, phpMyDirectory 10.1.3-rel cross site scripting (25.03.2005) |
| | | mircia mircia, Multipe flaws in Koobi CMS 4.2.3 (25.03.2005) |
| | | SECUNIA, [SA14688] Double Choco Latte Cross-Site Scripting and PHP Code Execution (24.03.2005) |
| | | SECUNIA, [SA14679] MercuryBoard "title" Script Insertion Vulnerability (24.03.2005) |
| | | Woody, [Full-disclosure] Invision Iframe Bug (24.03.2005) |
| | | Alberto Trivero, Multiple vulnerabilities in Topic Calendar 1.0.1 for phpBB (24.03.2005) |
| | | Maksymilian Arciemowicz, [SECURITYREASON.COM] phpSysInfo 2.3 Multiple vulnerabilities cXIb8O3.11 (24.03.2005) |
| | | mircia mircia, Interspire ArticleLive 2005 (php version) is vulnerable to XSS (24.03.2005) |
| | | SECUNIA, [SA14664] FileZilla Server Denial of Service Vulnerabilities (22.03.2005) |
| | | SECUNIA, [SA14668] betaparticle blog Exposure of Sensitive Information and Security Bypass (22.03.2005) |
| | | SECUNIA, [SA14669] TRG News Script "dir" File Inclusion Vulnerability (22.03.2005) |
| | | SECUNIA, [SA14670] CzarNews "tpath" File Inclusion Vulnerability (22.03.2005) |
| | | Alexander Anisimov, [ Positive Technologies #SA] Phorum "location" HTTP Response Splitting Vulnerability (22.03.2005) |
| | | JeiAr, Kayako eSupport Cross Site Scripting (22.03.2005) |
| | | farhad koosha, 2 vulnerabilities in BetaParticle (22.03.2005) |
| | | HaCkZaTaN, -==CoolForum Path Disclosure & Possible SQL Injection==- (22.03.2005) |
|
|
|
|
|
| |
|
| |
