NetBSD IPSec DoS Published: 23.10.2002 Source: BUGTRAQ SecurityVulns ID: 2364 Type: remote Level: 5/10 Description: Short packet causes system to halt. Affected: NETBSD : NetBSD 1.5 NETBSD : NetBSD 1.6 Original document NETBSD , NetBSD Security Advisory 2002-016: Insufficient length check in ESP authentication data (23.10.2002 )
Microsoft RPC null reference DoS Published: 23.10.2002 Source: BUGTRAQ SecurityVulns ID: 2359 Type: remote Level: 5/10 Description: NULL pointer reference during processing of RPC packet (TCP/135) Affected: MICROSOFT : Windows 2000 Server MICROSOFT : Windows 2000 Advanced Server MICROSOFT : Windows 2000 Professional Original document Joe Testa , Reproducing the MS DCE-RPC DOS. (23.10.2002 ) Dave Aitel , [Immunity, Inc.]Vulnerability: RPC Service DoS (port 135/tcp) on Windows 2000 SP3 (19.10.2002 )
Program execution via AIM Published: 23.10.2002 Source: BUGTRAQ SecurityVulns ID: 2361 Type: client Level: 5/10 Description: If user clicks on link to local executable it will be launched. Affected: AOL : Instant Messenger 4.8 Original document Blud Clot , AIM 4.8.2790 remote file execution vulnerability (23.10.2002 )
Unixware/Open Unix rcp DoS Published: 23.10.2002 Source: BUGTRAQ SecurityVulns ID: 2363 Type: local Level: 5/10 Description: rcp of /prog causes system to hang. Affected: SCO : UnixWare 7.1 SCO : Open UNIX 8.0 Original document CALDERA , Security Update: [CSSA-2002-SCO.41] UnixWare 7.1.1 Open UNIX 8.0.0 : rcp of /proc causes denial-of-service (23.10.2002 )
Microsoft Internet Explorer saved references and identifiers crossite scripting Published: 23.10.2002 Source: BUGTRAQ SecurityVulns ID: 2314 Type: remote Level: 6/10 Description: By saving location.assign method of parent window it's possible to access it content any time. It's also possible to reference frame by it's identifier. Affected: MICROSOFT : Internet Explorer 6.0 Original document GreyMagic Software , Vulnerable cached objects in IE (9 advisories in 1) (23.10.2002 ) GreyMagic Software , Internet Explorer : The D-Day (15.10.2002 ) Liu Die Yu , MSIE:"SaveRef" turns Zone off (02.10.2002 )
Buffer overflow in WebServer 4 Everyone Published: 23.10.2002 Source: BUGTRAQ SecurityVulns ID: 2352 Type: remote Level: 5/10 Description: Buffer overflow on oversized GET request. Affected: RADIOBIRD : WebServer 4 Everyone 1.27 RADIOBIRD : WebServer 4 Everyone 1.28 Original document Tamer Sahin , [SecurityOffice] Web Server 4 Everyone v1.28 Host Field Denial of Service Vulnerability (23.10.2002 ) IDEFENSE , iDEFENSE Security Advisory 10.15.02: DoS and Directory Traversal Vulnerabilities in WebServer 4 Everyone (16.10.2002 )
CGI bugs Published: 14.11.2002 Source: BUGTRAQ SecurityVulns ID: 2362 Type: remote Level: 5/10 Affected: W3MAIL : W3Mail 1.0 PHPBB : phpBB 2.0 NOCC : NOCC 0.9 ICEWARP : IceWarp Webmail 3.3 PHPNUKE : PHP-Nuke 5.6 XOOPS : Xoops RC3.0 GULFTECH : PAFileDB GBOOK : gBook 1.4 MYMARKET : MyMarket 1.71 CGI : Mojo Bug Tracker CGI : vpopmail-CGIApps PROMETHEUS : Prometheus 6.0 CGI : ion-p ZONEEDIT : ZoneEdit CGI : networking_utils.php SNORTCENTER : SnortCenter 0.9 CUTECAST : Cutecast Forum 1.2 POSTNUKE : Postnuke 0.72 EZ : httpbench 1.1 APBOARD : APBoard 2.02 APBOARD : APBoard 2.03 Original document DarC KonQuesT , IceWarp 3.4.5 XSS *AGAIN* (14.11.2002 ) Hai Nam Luke , Code Injection in phpBB Advanced Quick Reply Mod (13.11.2002 ) ProXy , APBoard - post threads to protected forums and possibility to hijack forum-password (13.11.2002 ) Tim Brown , Fresh hole in W3Mail (13.11.2002 ) VALDEUX_(at)_aol.com , WebChat for XOOPS RC3 SQL INJECTION (12.11.2002 ) magistrat , xoops Quizz Module IMG bug (12.11.2002 ) Tacettin Karadeniz , benchmark tool for HTTP pages. (11.11.2002 ) Muhammad Faisal Rauf Danka , XSS in Postnuke Rogue release (0.72) (10.11.2002 ) Zero-X ScriptKiddy , Vulnerability in Cutecast Forum v1.2 (08.11.2002 ) Clint Byrum , SnortCenter 0.9.5 temp file naming problems... (06.11.2002 ) Tacettin Karadeniz , networking_utils.php (06.11.2002 ) [secondmotion]-Matt Thompson , ZoneEdit Account Hijack Vulnerability (06.11.2002 ) Zero-X ScriptKiddy , ion-p.exe allows Remote File Retrieving (02.11.2002 ) IDEFENSE , iDEFENSE Security Advisory 10.31.02c: PHP-Nuke SQL Injection Vulnerability (02.11.2002 ) IDEFENSE , iDEFENSE Security Advisory 10.31.02b: Prometheus Application Framework Code Injection (02.11.2002 ) Ignacio Vazquez , vpopmail CGIapps vadddomain multiple vulnerabilities (25.10.2002 ) Ignacio Vazquez , vpopmail CGIapps vpasswd vulnerabilities (25.10.2002 ) Daniel Boland , XSS vulnerability in Mojo Mail Sign-Up Form (25.10.2002 ) qber66 , XSS bug in MyMarket 1.71 (24.10.2002 ) frog frog , gBook (23.10.2002 ) ersatz_(at)_unixhideout.com , XSS vulnerabilites in Pafiledb (23.10.2002 ) Ulf Harnhammar , NOCC: XSS (23.10.2002 )
