Search:Vulnerability:25.02.2003 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Multiple webmin bugs
Published: 25.02.2003
Source: BUGTRAQ
SecurityVulns ID: 2613
Type: remote
Level: 6/10
Description: Crossite scripting, session cookie hijacking.

Affected: WEBMIN : webmin 1.05
WEBMIN : webmin 1.06
WEBTOOL : WebTool 1.2

Original document CALDERA, Security Update: [CSSA-2003-002.0] Linux: Webmin Cross-site Scripting and Session ID Spoofing Vulnerabilities (25.02.2003)

Files: Webmin 1.050 - 1.060 remote exploit
Discuss: Read or add your comments to this news (0 comments)

sircd buffer overflow
Published: 25.02.2003
Source: BUGTRAQ
SecurityVulns ID: 2615
Type: remote
Level: 5/10
Description: Buffer overflow on DNS resolution, default operator account of *!*@*

Affected: SIRCD : sircd 0.4

Original document Knud Erik Højgaard, sircd proof-of-concept / advisory (25.02.2003)

Files: sircd proof-of-concept
Discuss: Read or add your comments to this news (0 comments)

Multiple bugs in Webmin/Usermin
updated since 10.05.2002
Published: 25.02.2003
Source: BUGTRAQ
SecurityVulns ID: 2000
Type: remote
Level: 6/10
Description: Crossite scripting, session ID spoofing.

Affected: WEBMIN : Webmin 0.96
USERMIN : Usermin 0.90

Original document SNS, [SNS Advisory No.52] Webmin/Usermin Cross-site Scripting Vulnerability (10.05.2002)

SNS, [SNS Advisory No.53] Webmin/Usermin Session ID Spoofing Vulnerability (10.05.2002)

Discuss: Read or add your comments to this news (0 comments)

Multiple terminal emulators problems
Published: 25.02.2003
Source: BUGTRAQ
SecurityVulns ID: 2614
Type: remote
Level: 6/10
Description: By inserting secape sequences into terminal session (via log files, e-mail, etc) it's possible to force client into performing a set of operation, like sending control command to server, create a file, etc.

Affected: ETERM : eterm 0.9
XFREE : XFree86 4.2
PUTTY : putty 0.53
ATERM : aterm 0.42
RXVT : rxvt 2.7
KONSOLE : konsole 3.1
VANDYKE : SecureCRT 3.4
HANTERM : hanterm-xf 2.0
GNOME : gnome-terminal 2.0
VTE : vte 0.10

Original document H D Moore, Terminal Emulator Security Issues (25.02.2003)

Discuss: Read or add your comments to this news (0 comments)

CGI bugs
updated since 25.02.2003
Published: 28.02.2003
Source: BUGTRAQ
SecurityVulns ID: 2612
Type: remote
Level: 5/10

Affected: ECARTIS : ecartis 1.0
CUTEPHP : CuteNews 0.88
WIHSY : WihPhoto 0.86
GONICUS : GOnicus System Administrator 1.0
INVISIONBOARD : Invisionboard 1.0
CVE: CVE-2007-0313 (Unspecified vulnerability in GONICUS System Administration (GOsa) before 2.5.8 allows remote authenticated users to modify certain settings, including the admin password, via crafted POST requests.)

Original document frog frog, Invision Power Board (PHP) (28.02.2003)

Haluk AYDIN, Ecardis Password Reseting Vulnerability (28.02.2003)

Karol Wiêsek, GOnicus System Administrator php injection (27.02.2003)

frog frog, WihPhoto (PHP) (25.02.2003)

Over_G, PHP code injection in CuteNews (25.02.2003)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin