 |
|
|
|
| telnetd-ssl format string bug | | Published: |  | 24.12.2004 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4303 | | Type: |  | remote | | Level: |  | 5/10 |
| Affected: |  | TELNETSSL : telnet-ssl 0.17 | | | | TELNETSSL : telnetd-ssl 0.17 |
| Original document |  | DEBIAN, [SECURITY] [DSA 616-1] New telnetd-ssl packages fix arbitrary code execution (24.12.2004) |
| Windows ANI files DoS | | Published: | | 24.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4304 | | Type: | | local | | Level: | | 5/10 | | Description: |  | Installing ANI file with incorrect parameters causes syste, to freeze or crash. |
| Affected: | | MICROSOFT : Windows NT 4.0 Workstation | | | | MICROSOFT : Windows NT 4.0 Server | | | | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server |
| Original document | | flashsky fangxing, Microsoft Windows Kernel ANI File Parsing Crash and DOS Vulnerability (24.12.2004) |
| Windows LoadImage integer overflow | | Published: | | 24.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4305 | | Type: | | library | | Level: | | 6/10 | | Description: | | Integer overflow on bitmap size calculation. |
| Affected: | | MICROSOFT : Windows NT 4.0 Workstation | | | | MICROSOFT : Windows NT 4.0 Server | | | | MICROSOFT : Windows 2000 Server | | | | MICROSOFT : Windows 2000 Professional | | | | MICROSOFT : Windows XP | | | | MICROSOFT : Windows 2003 Server |
| Original document | | flashsky fangxing, Microsoft Windows LoadImage API Integer Buffer overflow (24.12.2004) |
| SHOUTCast format string bug | | Published: | | 24.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4306 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Format string bug in filename. |
| Affected: | | SHOUTCAST : SHOUTcast 1.9 |
| Original document | | Damian Put, SHOUTcast remote format string vulnerability (24.12.2004) |
| HP-UX SAM privilege escalation | | Published: | | 24.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4307 | | Type: | | local | | Level: | | 5/10 |
| Affected: | | HP : HP-UX 11.00 | | | | HP : HP-UX 11.11 | | | | HP : HP-UX 11.22 | | | | HP : HP-UX 11.23 |
| Original document | | HP, [ Security Bulletin ] SSRT4699 rev.0 HP-UX SAM local privilege increase (24.12.2004) |
Netscape Directory Server buffer overflow
updated since 24.12.2004 | | Published: | | 24.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4308 | | Type: | | remote | | Level: | | 6/10 | | Description: | | LDAP buffer overflow. |
| Affected: | | HP : HP-UX 11.00 | | | | HP : HP-UX 11.11 | | | | HP : HP-UX 11.22 | | | | HP : HP-UX 11.23 | | | | NETSCAPE : Netscape Directory Server 6.2 |
| Original document | | SECUNIA, [SA13809] Netscape Directory Server LDAP Request Handling Buffer Overflow (13.01.2005) |
| | | HP, [Security Bulletin] SSRT4867 rev.0 Netscape Directory Server on HP-UX LDAP remote buffer overflow (24.12.2004) |
| Linux kernel Capability LSM privilege escalation | | Published: | | 24.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4309 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Aplication started before module load have elevated privileges. |
| Affected: | | LINUX : kernel 2.6 |
| Original document | | flashsky fangxing, Linux 2.6 Kernel Capability LSM Module Local Privilege Elevation (24.12.2004) |
| Tru64 TCP DoS | | Published: | | 24.12.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4310 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | HP : Tru64 5.1 | | | | HP : Tru64 4.0 |
| Original document | | HP, [Security Bulletin] SSRT4696 rev.0 - HP Tru64 UNIX TCP Stack Remote Denial of Service (DoS) (24.12.2004) |
Multiple Orcale bugs
updated since 01.09.2004 | | Published: | | 24.12.2004 | | Source: | | VULNWATCH | | SecurityVulns ID: | | 3957 | | Type: | | remote | | Level: | | 9/10 | | Description: | | Buffer overflows, DoS, SQL injections, etc. |
| Affected: | | ORACLE : Oracle 9i | | | | ORACLE : Oracle 8i | | | | ORACLE : Oracle 10g |
| Original document | | NGSSoftware Insight Security Research, Oracle wrapped procedure overflow (#NISR2122004J) (24.12.2004) |
| | | NGSSoftware Insight Security Research, Oracle multiple PL/SQL injection vulnerabilities (#NISR2122004H) (24.12.2004) |
| | | NGSSoftware Insight Security Research, Oracle TNS Listener DoS (#NISR2122004F) (24.12.2004) |
| | | NGSSoftware Insight Security Research, Oracle extproc local command execution (#NISR23122004C) (24.12.2004) |
| | | NGSSoftware Insight Security Research, Oracle extproc directory traversal (#NISR23122004B) (24.12.2004) |
| | | NGSSoftware Insight Security Research, Oracle extproc buffer overflow (#NISR23122004A) (24.12.2004) |
| | | NGSSoftware Insight Security Research, Oracle Character Conversion Bugs (#NISR2122004G) (24.12.2004) |
| | | NGSSoftware Insight Security Research, Oracle ISQLPlus file access vulnerability (#NISR2122004E) (24.12.2004) |
| | | NGSSoftware Insight Security Research, Oracle clear text passwords (#NISR2122004D) (24.12.2004) |
| | | NGSSoftware Insight Security Research, Oracle Trigger Abuse (#NISR2122004I) (24.12.2004) |
| | | Kornbrust, Alexander, [Full-Disclosure] SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i (06.09.2004) |
| | | Kornbrust, Alexander, [Full-Disclosure] Buffer Overflow in SYS_CONTEXT() in Oracle 9i Rel.2 (06.09.2004) |
| | | Kornbrust, Alexander, [Full-Disclosure] Buffer Overflow in DBMS_SYSTEM.KSDWRT() in Oracle8i - 9i (06.09.2004) |
| | | IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 09.02.04b: Oracle Database Server ctxsys.driload Access Validation Vulnerability (03.09.2004) |
| | | IDEFENSE, [Full-Disclosure] iDEFENSE Security Advisory 09.02.04a: Oracle Database Server dbms_system.ksdwrt Buffer Overflow Vulnerability (03.09.2004) |
| | | CERT, US-CERT Technical Cyber Security Alert TA04-245A -- Multiple Vulnerabilities in Oracle Products (02.09.2004) |
| | | SHATTER, [Full-Disclosure] [SHATTER Team Security Alert] Multiple vulnerabilities in Oracle Database Server (02.09.2004) |
| | | NGSSoftware Insight Security Research, [VulnWatch] Patch available for multiple critical flaws in Oracle (01.09.2004) |
rpf multiple bugs
updated since 24.12.2004 | | Published: | | 25.12.2004 | | Source: | | SECUNIA | | SecurityVulns ID: | | 4311 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow, symboli links problem. |
|
|
|
|
|
| |
|
| |
