 |
|
|
|
| Symantec Enterprise Firewall/Symantec Gateway Security multiple bugs | | Published: |  | 27.09.2004 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 4024 | | Type: |  | remote | | Level: |  | 6/10 | | Description: |  | DoS, UDP filtering bypass, SNMP information leakage. |
| ON Command CCM default pasword | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4026 | | Type: | | local | | Level: | | 5/10 | | Description: | | Few accounts with default passwords for Sybase database. |
| Multiple getmail bugs | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4027 | | Type: | | local | | Level: | | 5/10 | | Description: | | Problems with file handling if application is executed with superuser privileges. |
| jabberd DoS | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4028 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Server crashes on UTF8 data. |
| PopMessenger DoS | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4029 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Program crashes on large number of characters outside base64 allowed range. |
| Pinnacle ShowCenter DoS | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4030 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Web interface DoS with non-existant skin. |
| Sophos Small Business Suite special DOS devices access | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4031 | | Type: | | remote | | Level: | | 5/10 | | Description: | | By using special device name as a filename it's possible to access DOS device and bypass protection. |
| FreeRADIUS DoS | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4032 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Multiple bugs on malcrafted packet handling. |
| MDaemon buffer overflows | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4033 | | Type: | | remote | | Level: | | 7/10 | | Description: | | Buffer overflows in multiple SMTP and IMAP commands. |
| Multiple ActivePost bugs | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4034 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Buffer overflows, directory traversal, weak password encryption. |
| Canon imageRunner unauthorized access | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4035 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Printer accepts and prints SMTP messages. |
| Zinf buffer overflow | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4036 | | Type: | | client | | Level: | | 5/10 | | Description: | | Buffer overflow on parsing .jpg files. |
| Motorola Wireless Router WR850G unauthorized access | | Published: | | 27.09.2004 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 4037 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Authentication bypass through web interface. |
| OpenBSD wuth RADIUS authorization module unauthorized access | | Published: | | 27.09.2004 | | Source: | | VULNWATCH | | SecurityVulns ID: | | 4038 | | Type: | | remote | | Level: | | 5/10 | | Description: | | Response authenticator is not checked, it allows to spoof response from RADIUS server. |
CGI bugs
updated since 27.09.2004 | | Published: | | 02.10.2004 | | Source: | | | | SecurityVulns ID: | | 4025 | | Type: | | remote | | Level: | | 5/10 |
| Original document |  | SECUNIA, [SA12704] Silent Storm Portal Cross-Site Scripting and Security Bypass Vulnerabilities (02.10.2004) |
| | | SECUNIA, [SA12692] MediaWiki "raw" Page Output Mode Cross-Site Scripting Vulnerability (02.10.2004) |
| | | ahmad muammar, Multiple Vulnerabilities in AJ-Fork (02.10.2004) |
| | | tjomka1_(at)_navigator.lv, 1. Exploit for Cutenews 1.3 1.3.1 1.3.2, AND Bug in Cutenews v1.3.6 (01.10.2004) |
| | | James McGlinn, [Full-Disclosure] SQL Injection vulnerability in bBlog 0.7.3 (01.10.2004) |
| | | R00tCr4ck, Multiple Vulnerabilities in Silent Storm Portal (30.09.2004) |
| | | tjomka1_(at)_navigator.lv, PBLang v4.60 bug (30.09.2004) |
| | | Alexander Antipov, [Full-Disclosure] Multiple vulnerabilities in w-agora forum (30.09.2004) |
| | | Stuart Moore, Yahoo! Store Security Advisory (30.09.2004) |
| | | Thomas Waldegger, Multiple XSS Vulnerabilities in Wordpress 1.2 (30.09.2004) |
| | | L0PHT, [VulnWatch] Vignette Application Portal Unauthenticate Diagnostics (30.09.2004) |
| | | SECUNIA, [SA12662] PHP-Fusion "homepage address" Script Insertion Vulnerability (28.09.2004) |
| | | SECUNIA, [SA12654] PHP-Fusion Cross-Site Scripting and Identify Spoof Vulnerabilities (28.09.2004) |
| | | SECUNIA, [SA12609] YaBB Input Validation Vulnerabilities (28.09.2004) |
| | | SECUNIA, [SA12649] Baal Smart Forms "Admin Change Password" Security Bypass (28.09.2004) |
| | | Himeur Nourredine, @lex Guestbook (PHP) Include file (28.09.2004) |
| | | aCiDBiTS, [Full-Disclosure] Serendipity 0.7-beta1 SQL Injection PoC (28.09.2004) |
| | | pigrelax, [Full-Disclosure] SQL injection in BroadBoard Instant ASP Message Board (27.09.2004) |
| | | pigrelax, [Full-Disclosure] HTTP Response Splitting and SQL injection in megabbs forum (27.09.2004) |
| | | alireza hassani, New XSS vulnerabilities in paFileDB 3.1 final (27.09.2004) |
| | | Pedro Sanches, aspWebCalendar /aspWebAlbum: SQL injection (27.09.2004) |
| | | thomas adams, CA UniCenter Management Portal Username Enumeration Vulnerability (27.09.2004) |
| | | FAiN182, Multiple Full Disclosure Path in postnuke 0.750 phoenix (27.09.2004) |
| | | Jose Antonio, Vulnerabilities in Mambo (27.09.2004) |
| | | Jose Antonio, Vulnerabilities in TUTOS (27.09.2004) |
|
|
|
|
|
|
|
|
