APC PowerChute DoS
Published:		26.07.2004
Source:		BUGTRAQ
SecurityVulns ID:		3863
Type:		remote
Level:		5/10
Description:		It's possible to prevent access to server or agent.

Affected:		APC : PowerChute 6.0
		APC : PowerChute 7.0

Original document

APC, APC Security Advisory – Denial of Service Vulnerability with PowerChuteBusinessEdition (26.07.2004)

Discuss:

Read or add your comments to this news (0 comments)

MacOS X Internet Connect symbolic links
Published:		26.07.2004
Source:		FULL-DISCLOSURE
SecurityVulns ID:		3864
Type:		local
Level:		6/10
Description:		ppp.log is created in /tmp in unsafe way.

Affected:

APPLE : MacOS X 10.3

Original document

B-r00t, [Full-Disclosure] OSX Panther Internet Connect Vulnerability. (26.07.2004)

Discuss:

Read or add your comments to this news (0 comments)

Mozilla Firefox certificate spoofing
Published:		26.07.2004
Source:		FULL-DISCLOSURE
SecurityVulns ID:		3865
Type:		client
Level:		5/10
Description:		By using onunload() method it's possible to use certificate of any site.

Affected:

MOZILLA : Firefox 0.9

Original document

E.Kellinis, [Full-Disclosure] Mozilla Firefox Certificate Spoofing (26.07.2004)

Discuss:

Read or add your comments to this news (0 comments)

Microsoft Systems Management Server client memory corruption updated since 15.07.2004
Published:		26.07.2004
Source:		BUGTRAQ
SecurityVulns ID:		3850
Type:		remote
Level:		6/10
Description:		Malcrafted data to TCP/2702 port causes memory corruption.

Affected:

MICROSOFT : Systems Management Server 2.50

Original document		wang_(at)_readyresponse.org, MS SMS DOS Proof-of-concept code and Snort sig (26.07.2004)
		vuln_(at)_hexview.com, [HV-MED] DoS in Microsoft SMS Client (15.07.2004)

Files:		MS SMS DOS Proof-of-concept code
Discuss:		Read or add your comments to this news (0 comments)

HP-UX Xfs buffer overflow updated since 14.07.2004
Published:		26.07.2004
Source:		SECURITEAM
SecurityVulns ID:		3837
Type:		remote
Level:		6/10
Description:		Buffer overflow on oversized line in configuration file (sgid bin).

Affected:

HP : HP-UX 11.00

Original document		HP, [security bulletin] SSRT4773 HP-UX xfs and stmkfont remote unauthorized access (26.07.2004)
		SECURITEAM, [EXPL] HP-UX Xfs Daemon Port Buffer Overflow (14.07.2004)

Files:		Exploit xfs command of HPUX to get bin gid shell.
Discuss:		Read or add your comments to this news (0 comments)

eSeSIX Thintune backdoor
Published:		26.07.2004
Source:		BUGTRAQ
SecurityVulns ID:		3867
Type:		remote
Level:		6/10
Description:		Backdoor on port TCP/25702, it's possible to obtain ICA and RDP usernames/passwords.

Affected:

ESESIX : JSTREAM II 2.4

Original document

Loss, Dirk, eSeSIX Thintune thin client multiple vulnerabilities (26.07.2004)

Discuss:

Read or add your comments to this news (0 comments)

CGI bugs updated since 26.07.2004
Published:		30.07.2004
Source:
SecurityVulns ID:		3866
Type:		remote
Level:		5/10

Affected:		EASYWEB : EasyWeb FileManager 1.0
		EASYINS : Stadtportal 4
		ASPRUNNER : ASPRunner 2.4
		NUCLEUSCMS : Nucleus CMS 3.01
		RESEARCH : RiSearch
		ANTIBOARD : AntiBoard 0.7
		LINPHA : Linpha 0.9
		VERYLOST : lostBook 1.1
		JAWS : jaws 0.4
		POWERPORTAL : PowerPortal 1.3

Original document		SECURITEAM, [UNIX] PowerPortal XSS vulnerability (30.07.2004)
		Rubén Molina, Jaws 0.4: authentication bypass (30.07.2004)
		Joseph Moniz, lostBook v1.1 Javascript Execution (30.07.2004)
		Rubén Molina, Linpha 0.9.4: authentication bypass (30.07.2004)
		Josh Gilmour, AntiBoard <= 0.7.2 XSS/SQL Injection (29.07.2004)
		advisories_(at)_irmplc.com, IRM 009: RiSearch and RiSearch ProPro are vulnerable to open FTP/HTTP proxy, directory listings and file disclosure vulnerabilities (28.07.2004)
		acidbits_(at)_hotmail.com, NucleusCMS 3.01 SQL Injection Vulnerability (27.07.2004)
		Ferruh Mavituna, ASPRunner Multiple Vulnerabilities (27.07.2004)
		Francisco Alisson, Easyins Stadtportal (26.07.2004)
		sullo, EasyWeb FileManager Directory Traversal (26.07.2004)

Discuss:

Read or add your comments to this news (0 comments)