MacOS X Apple iSync buffer overflow
Published:		23.01.2005
Source:		BUGTRAQ
SecurityVulns ID:		4393
Type:		local
Level:		5/10
Description:		Buffer overflow on -a argument parsing in suid root mRouter binary.

Affected:

APPLE : iSync 1.5

Original document

Braden Thomas, Mac OS X 10.3 iSync Privilege Escalation (23.01.2005)

Files:		overflow in mRouter, suid binary used by iSync, on OSX <= 10.3.7
Discuss:		Read or add your comments to this news (0 comments)

Multiple enscript ASCII to Postscript convertor vulnerabilities
Published:		23.01.2005
Source:		BUGTRAQ
SecurityVulns ID:		4394
Type:		remote
Level:		5/10
Description:		Shell characters filtering problems, multiple buffer overflows.

Affected:

GNU : enscript 1.6

Original document

DEBIAN, [SECURITY] [DSA 654-1] New enscript packages fix several vulnerabilities (23.01.2005)

Discuss:

Read or add your comments to this news (0 comments)

PHP/ASP/CGI web applications security vulnerabilities updated since 18.01.2005
Published:		23.01.2005
Source:
SecurityVulns ID:		4374
Type:		remote
Level:		5/10
Description:		PHP inclusions, SQL injections, directory traversals, crossite scripting, etc.

Affected:		GALLERY : Gallery 1.3
		GALLERY : Gallery 1.4
		TIKIWIKI : TikiWiki 1.8
		JSBOARD : jsboard 2.0
		GALLERY : Gallery 2.0
		AWSTATS : AWStats 6.1
		GFORGE : GForge 3.3
		SITEMAN : Siteman 1.0
		SWORD : sword 1.5
		COMERSUS : Comersus ASP Shopping Cart 6.0
		COMERSUS : Comersus ASP Shopping Cart 6.01

Original document		shoalie sefid, Siteman User Database Line Insertion Vulnerability (23.01.2005)
		SECUNIA, [SA13948] TikiWiki "temp" Arbitrary Script Execution Vulnerability (22.01.2005)
		raf somers, bug report comersus Back Office Lite 6.0 and 6.0.1 (22.01.2005)
		DEBIAN, [SECURITY] [DSA 650-1] New sword packages fix arbitrary command execution (22.01.2005)
		Pedram hayati, God Admin Injection Vulnerability in Siteman 1.0.x (22.01.2005)
		SSR Team, STG Security Advisory: [SSA-20050120-22] JSBoard file disclosure vulnerability (22.01.2005)
		SSR Team, STG Security Advisory: [SSA-20050120-24] GForge 3.x directory traversal vulnerability (22.01.2005)
		IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 01.17.05: AWStats Remote Command Execution Vulnerability (18.01.2005)
		Rafel Ivgi, [Full-Disclosure] Gallery v1.3.4-pl1, v1.4.4-pl2, 2.0 Alpha Cross Site Scripting Vulnerability (18.01.2005)

Discuss:

Read or add your comments to this news (0 comments)

Golden FTP Server buffer overflow updated since 23.01.2005
Published:		26.12.2005
Source:		BUGTRAQ
SecurityVulns ID:		4395
Type:		remote
Level:		5/10
Description:		Buffer overflow during APPE, RNTO and USER FTP commands processing.

Affected:

GOLDENFTPSERVER : GoldenFTP Server 2.0

Original document		SECURITEAM, [EXPL] GoldenFTPd APPE Stack Overflow (Exploit) (26.12.2005)
		Carlos Ulver, Golden Ftp server 1.29 Username remote Buffer Overflow (03.03.2005)
		barabas mutsonline, [Full-Disclosure] several BO's in goldenftpd (23.01.2005)

Files:		XPSP2 goldenftpserver sploit - bind 4444
		Golden Ftp Server 1.29(Freeware Version) Username Remote Buffer Overflow exploit
		GoldenFTPd APPE <= 1.92 Stack Overflow
Discuss:		Read or add your comments to this news (0 comments)