Search:Vulnerability:26.08.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

BEA WebLogic crossite scripting
Published: 26.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5145
Type: remote
Level: 5/10
Description: Crossite scripting in administration console.

Affected: BEA : Weblogic 8.1

Original document GomoR, Cross-site scripting vulnerability in BEA WebLogic administration console (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

LapFTP FTP client buffer overflow
Published: 26.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5146
Type: client
Level: 5/10
Description: Buffer overflow on .LSQ filees parsing.

Affected: LEAPFTP : LeapFTP 2.7

Original document Sowhat ., LeapFTP .lsq Buffer Overflow Vulnerability (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Astaro security Linux default configuration multiple vulnerabilities
Published: 26.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5147
Type: remote
Level: 5/10
Description: It's possible to access 127.0.0.1 with CONNECT proxy, Webmin directory traversal, crossite scripting.

Affected: ASTARO : Astaro Security Linux 6.0

Original document Oliver Karow, Astaro Security Linux 6.0 - HTTP CONNECT Access Localhost Weakness (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

simpleproxy proxy server format string vulnerability
Published: 26.08.2005
Source: FULL-DISCLOSURE
SecurityVulns ID: 5153
Type: client
Level: 5/10
Description: Format string bug on parent HTTP proxy server reply parsing.

Affected: SIMPLEPROXY : simpleproxy 3.2

Original document DEBIAN, [Full-disclosure] [SECURITY] [DSA 786-1] New simpleproxy packages fix arbitrary code execution (26.08.2005)

Files: SimpleProxy Local Format String Exploit
Discuss: Read or add your comments to this news (0 comments)

Sophos antiviral applications and libraries buffer overflow
Published: 26.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5154
Type: remote
Level: 7/10
Description: Heap overflow on parsing Visio files data.

Original document list_(at)_rem0te.com, [Full-disclosure] Sophos Antivirus Library Remote Heap Overflow (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Home FTP Server directory traversal
Published: 26.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5144
Type: remote
Level: 5/10
Description: It's possible to obtain any file from remote system.

Affected: DOWNSTAIRS : Home Ftp Server 1.0

Original document Donato Ferrante, Multiple Vulnerabilities in Home Ftp Server 1.0.7 (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Apache web server DoS
Published: 26.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5149
Type: remote
Level: 6/10
Description: Wide HTTP request byterange paramters for CGI application leads to memory exhaustion.

Affected: APACHE : Apache 2.0

Original document GENTOO, [ GLSA 200508-15 ] Apache 2.0: Denial of Service vulnerability (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

libpam-ldap authentication bypass
Published: 26.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5150
Type: remote
Level: 5/10
Description: Result of an attempt to authenticate against an LDAP server that does not set an optional data field is ignored.

Affected: LIBPAMLDAP : libpam-ldap 178

Original document DEBIAN, [SECURITY] [DSA 785-1] New libpam-ldap packages fix authentication bypass (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Quake 2 Lithium mode format string bug
Published: 26.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5152
Type: remote
Level: 5/10
Description: Format string bug on parsing player's nickname.

Affected: LITHIUMMOD : Lithium mod 1.24

Original document nukemmeister_(at)_gmail.com, Quake 2 Lithium Mod V 1.24 Macro Expansion Vuln? (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

CVS concurent versions system symbolic links vulnerability
Published: 26.08.2005
Source: SECUNIA
SecurityVulns ID: 5155
Type: local
Level: 5/10
Description: cvsbug.in script symbolic links problem during temporary files creation.

Affected: CVS : CVS 1.12

Original document SECUNIA, [SA16553] CVS Insecure Temporary File Usage Security Issue (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Sun Solaris DHCP utilities and DHCP client privilege escalation
updated since 27.01.2005
Published: 26.08.2005
Source: SECUNIA
SecurityVulns ID: 4415
Type: local
Level: 6/10

Affected: ORACLE : Solaris 8

Original document SECUNIA, [SA16521] Sun Solaris DHCP Client Arbitrary Code Execution Vulnerability (26.08.2005)

SECUNIA, [SA13992] Sun Solaris DHCP Administration Utilities Vulnerability (27.01.2005)

Discuss: Read or add your comments to this news (0 comments)

HP OpenView unfiltered shell characters
updated since 26.08.2005
Published: 28.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5148
Type: remote
Level: 6/10
Description: It's possible to execute code with request like http://[host]:3443/OvCgi/connectedNodes.ovpl?node=a| [your command] |

Affected: HP : OpenView Network Node Manager 6.41
HP : OpenView Network Node Manager 7.5

Original document HP, [security bulletin] SSRT051023 rev.0 - HP Openview Network Node Manager (OV NNM) Remote Unauthorized Access (28.08.2005)

Paul J Docherty, Portcullis Security Advisory 05-014 HP Openview Remote Command Execution Vulnerability (26.08.2005)

Discuss: Read or add your comments to this news (0 comments)

test server