HP-UX stmkfonts privilege escalation
Published:		23.10.2004
Source:		BUGTRAQ
SecurityVulns ID:		4111
Type:		local
Level:		5/10
Description:		External program is called with relative path.

Affected:		HP : HP-UX 11.00
		HP : HP-UX 11.11
		HP : HP-UX 11.22
		HP : HP-UX 11.23

Original document		HP, [Security Bulletin] SSRT4807 HP-UX stmkfont local unauthorized privileged access (23.10.2004)
		NSFOCUS, NSFOCUS SA2004-02 : HP-UX stmkfont Local Privilege Escalation Vulnerability (23.10.2004)

Discuss:

Read or add your comments to this news (0 comments)

CGI bugs updated since 22.10.2004
Published:		23.10.2004
Source:
SecurityVulns ID:		4104
Type:		remote
Level:		5/10

Affected:		S9Y : Serendipity 0.7
		CPANEL : cPanel 9.4
		SAGE : SalesLogix 6.1
		PSCRIPT : pscript 1.26
		UBBCENTRAL : UBB.threads 3.4

Original document		Chaotic Evil, HTTP Response Splitting in Serendipity 0.7-beta4 (23.10.2004)
		Florian Rock, SQL Injection in UBB.threads 3.4.x (23.10.2004)
		Christoph Jeschke, [Powie's PSCRIPT Forum] Multiple SQL-Injection Vulnerabilities (22.10.2004)
		Carl, Multiple vulnerabilities in Sage Saleslogix (22.10.2004)
		Andrey Bayora, [Full-Disclosure] cPanel check only the first 8 characters of webmail password (22.10.2004)

Discuss:

Read or add your comments to this news (0 comments)

Altiris Deployment Server server spoofing
Published:		23.10.2004
Source:		BUGTRAQ
SecurityVulns ID:		4112
Type:		remote
Level:		5/10
Description:		Mutual authentication absence and multicast based server detection allow to spoof server and obtain full control under managed network.

Affected:		ALTRIS : Altiris Deployment Server 6.0
		ALTRIS : Altiris Deployment Server 6.1

Original document

Brian Gallagher, Critical Vulnerability in Altiris Deployment Server architecture (23.10.2004)

Discuss:

Read or add your comments to this news (0 comments)