Search:Vulnerability:23.10.2003 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Caucho Resin Crossite Scripting
Published: 23.10.2003
Source: BUGTRAQ
SecurityVulns ID: 3190
Type: remote
Level: 5/10
Description: Crossite scipring in few CSS examples.

Affected: CAUCHO : Resin Httpd 2.0

Original document morning_wood, [Full-Disclosure] Caucho Resin 2.x - Cross Site Scripting (23.10.2003)

Discuss: Read or add your comments to this news (0 comments)

Oracle buffer overflow
Published: 23.10.2003
Source: SECURITEAM
SecurityVulns ID: 3191
Type: local
Level: 6/10
Description: Command line buffer overflow allows to obtain oracle uid.

Affected: ORACLE : Oracle 9i

Original document SECURITEAM, [EXPL] Oracle Command Line Overflow (Exploit) (23.10.2003)

Files: oracle command line buffer overflow exploit
Discuss: Read or add your comments to this news (0 comments)

/bin/ls integer overflow
Published: 23.10.2003
Source: FULL-DISCLOSURE
SecurityVulns ID: 3192
Type: remote
Level: 5/10
Description: Integer overflow allows DoS condition

Affected: GNU : fileutils 4.0
ANONFTP : anonftp 3.0

Original document Georgi Guninski, [Full-Disclosure] Fun with /bin/ls, yet still ls better than windows (23.10.2003)

Discuss: Read or add your comments to this news (0 comments)

Sylpheed-claws format string bug
Published: 23.10.2003
Source: BUGTRAQ
SecurityVulns ID: 3193
Type: remote
Level: 5/10
Description: Format string bug in SMTP client code.

Affected: SYLPHEED : Sylpheed-claws 0.9

Original document Georgi Guninski, [Full-Disclosure] Sylpheed-claws format string bug, yet still sylpheed much better than windows (23.10.2003)

Discuss: Read or add your comments to this news (0 comments)

SUN jdk crossite scripting
Published: 23.10.2003
Source: FULL-DISCLOSURE
SecurityVulns ID: 3194
Type: remote
Level: 5/10
Description: jdk undocumented static variable may allow data exchange between sites.

Affected: SUN : JDK 1.4
SUN : JRE 1.4
SUN : kre 1.4

Original document Marc Schönefeld, [Full-Disclosure] Cross Site Java applets (23.10.2003)

Discuss: Read or add your comments to this news (0 comments)

Gast Arbeiter unauthorized access
Published: 23.10.2003
Source: BUGTRAQ
SecurityVulns ID: 3195
Type: remote
Level: 5/10
Description: It's possible to access file of attackers choice.

Affected: GASTARBEITER : Gast Arbeiter 1.3

Original document natok_(at)_hush.com, Gast Arbeiter Privilege Escalation (23.10.2003)

Discuss: Read or add your comments to this news (0 comments)

eMule buffer overflow
updated since 23.10.2003
Published: 23.10.2003
Source: BUGTRAQ
SecurityVulns ID: 3196
Type: remote
Level: 6/10
Description: Buffer overflow on oversized password.

Affected: EMULE : eMule 2.2

Original document The-Insider, eMule 2.2 [0.29c] - Web Control Panel - DOS(Denial Of Service) (23.10.2003)

Discuss: Read or add your comments to this news (0 comments)

Origo ASR-8100 DoS
Published: 23.10.2003
Source: BUGTRAQ
SecurityVulns ID: 3197
Type: remote
Level: 5/10
Description: It's possible to reset device via WAN link.

Affected: ORIGO : ASR-8100

Original document Theo Markettos, Origo ASR-8100 ADSL router remote factory reset (23.10.2003)

Discuss: Read or add your comments to this news (0 comments)

Symlink problems in OpenServer
Published: 23.10.2003
Source: BUGTRAQ
SecurityVulns ID: 3198
Type: local
Level: 5/10
Description: Multiple scripts create files in /tmp in insecure way.

Affected: SCO : OpenServer 5.0

Original document SCO, OpenServer 5.0.5 : Insecure creation of files in /tmp (23.10.2003)

Discuss: Read or add your comments to this news (0 comments)

JRE/JDK sandbox breaking
Published: 23.10.2003
Source: BUGTRAQ
SecurityVulns ID: 3199
Type: client
Level: 8/10
Description: By using / instead of . in class name it's possible to bypass sandbox restrictions.

Affected: SUN : JDK 1.4
SUN : JRE 1.4

Original document LSD, [LSD] Security vulnerability in SUN's Java Virtual Machine implementation (23.10.2003)

Discuss: Read or add your comments to this news (0 comments)

mah-jong buffer overflow
Published: 23.10.2003
Source: BUGTRAQ
SecurityVulns ID: 3200
Type: remote
Level: 5/10
Description: Buffer overflow in SetPlayerOption

Affected: MAHJONG : mah-jong 1.4

Original document Vade 79, mah-jong[v1.4]: server/client remote buffer overflow exploit. (23.10.2003)

Files: mah-jong[v1.4]: server/client remote buffer overflow exploit.
Discuss: Read or add your comments to this news (0 comments)

Microsoft Exchange buffer overflow
updated since 16.10.2003
Published: 23.10.2003
Source: MICROSOFT
SecurityVulns ID: 3180
Type: remote
Level: 8/10
Description: Buffer overflow on XEXCH50 SMTP command processing.

Affected: MICROSOFT : Exchange 5.5
EXCHANGE : Exchange 2000

Original document H D Moore, MS03-046 Microsoft Exchange 2000 Heap Overflow (23.10.2003)

MICROSOFT, Microsoft Security Bulletin MS03-046 (16.10.2003)

Files: Microsoft Exchange 2000 Heap Overflow exploit
Discuss: Read or add your comments to this news (0 comments)