 |
|
|
|
Microsoft Systems Management Server client memory corruption
updated since 15.07.2004 | | Published: |  | 26.07.2004 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 3850 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | Malcrafted data to TCP/2702 port causes memory corruption. |
| Affected: |  | MICROSOFT : Systems Management Server 2.50 |
| Original document |  | wang_(at)_readyresponse.org, MS SMS DOS Proof-of-concept code and Snort sig (26.07.2004) |
| | | vuln_(at)_hexview.com, [HV-MED] DoS in Microsoft SMS Client (15.07.2004) |
| APC PowerChute DoS | | Published: | | 26.07.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3863 | | Type: | | remote | | Level: | | 5/10 | | Description: | | It's possible to prevent access to server or agent. |
| Affected: | | APC : PowerChute 6.0 | | | | APC : PowerChute 7.0 |
| Original document | | APC, APC Security Advisory – Denial of Service Vulnerability with PowerChuteBusinessEdition (26.07.2004) |
| MacOS X Internet Connect symbolic links | | Published: | | 26.07.2004 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 3864 | | Type: | | local | | Level: | | 6/10 | | Description: | | ppp.log is created in /tmp in unsafe way. |
| Affected: | | APPLE : MacOS X 10.3 |
| Original document | | B-r00t, [Full-Disclosure] OSX Panther Internet Connect Vulnerability. (26.07.2004) |
| Mozilla Firefox certificate spoofing | | Published: | | 26.07.2004 | | Source: | | FULL-DISCLOSURE | | SecurityVulns ID: | | 3865 | | Type: | | client | | Level: | | 5/10 | | Description: | | By using onunload() method it's possible to use certificate of any site. |
| Affected: | | MOZILLA : Firefox 0.9 |
| Original document | | E.Kellinis, [Full-Disclosure] Mozilla Firefox Certificate Spoofing (26.07.2004) |
| eSeSIX Thintune backdoor | | Published: | | 26.07.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 3867 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Backdoor on port TCP/25702, it's possible to obtain ICA and RDP usernames/passwords. |
| Affected: | | ESESIX : JSTREAM II 2.4 |
| Original document | | Loss, Dirk, eSeSIX Thintune thin client multiple vulnerabilities (26.07.2004) |
HP-UX Xfs buffer overflow
updated since 14.07.2004 | | Published: | | 26.07.2004 | | Source: | | SECURITEAM | | SecurityVulns ID: | | 3837 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Buffer overflow on oversized line in configuration file (sgid bin). |
| Affected: | | HP : HP-UX 11.00 |
| Original document | | HP, [security bulletin] SSRT4773 HP-UX xfs and stmkfont remote unauthorized access (26.07.2004) |
| | | SECURITEAM, [EXPL] HP-UX Xfs Daemon Port Buffer Overflow (14.07.2004) |
CGI bugs
updated since 26.07.2004 | | Published: | | 30.07.2004 | | Source: | | | | SecurityVulns ID: | | 3866 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | EASYWEB : EasyWeb FileManager 1.0 | | | | EASYINS : Stadtportal 4 | | | | ASPRUNNER : ASPRunner 2.4 | | | | NUCLEUSCMS : Nucleus CMS 3.01 | | | | RESEARCH : RiSearch | | | | ANTIBOARD : AntiBoard 0.7 | | | | LINPHA : Linpha 0.9 | | | | VERYLOST : lostBook 1.1 | | | | JAWS : jaws 0.4 | | | | POWERPORTAL : PowerPortal 1.3 |
| Original document | | SECURITEAM, [UNIX] PowerPortal XSS vulnerability (30.07.2004) |
| | | Rubén Molina, Jaws 0.4: authentication bypass (30.07.2004) |
| | | Joseph Moniz, lostBook v1.1 Javascript Execution (30.07.2004) |
| | | Rubén Molina, Linpha 0.9.4: authentication bypass (30.07.2004) |
| | | Josh Gilmour, AntiBoard <= 0.7.2 XSS/SQL Injection (29.07.2004) |
| | | advisories_(at)_irmplc.com, IRM 009: RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities (28.07.2004) |
| | | acidbits_(at)_hotmail.com, NucleusCMS 3.01 SQL Injection Vulnerability (27.07.2004) |
| | | Ferruh Mavituna, ASPRunner Multiple Vulnerabilities (27.07.2004) |
| | | Francisco Alisson, Easyins Stadtportal (26.07.2004) |
| | | sullo, EasyWeb FileManager Directory Traversal (26.07.2004) |
|
|
|
|
|
| |
|
| |
