PHP classical bugs in phpBB allows remote code execution Published: 28.05.2002 Source: BUGTRAQ SecurityVulns ID: 1383 Type: remote Level: 5/10 Description: Uninitialized PHP variables and ability to modify SQL query allow to execute code on server. Crossite scripting. Invalid NULL-byte handling leads to DoS. Affected: PHPBB : phpBB 1.4 PHPBB : phpBB 2.0 Original document Martijn Boerwinkel , Cross Site Scripting Vulnerability in phpBB2's [IMG] tag and remote avatar (28.05.2002 ) Whitecell Security Systems , (WSS-Advisories-02003) PHPBB BBcode Process Vulnerability (04.04.2002 ) Florian Hobelsberger / BlueScreen , [Advisory] phpBB 1.4.4 still suffers from Cross Site Scripting Vulnerability (28.03.2002 ) nullbyte , phpBB2 remote execution command (20.03.2002 ) Konrad Rieck , phpBB 1.4.2, Remote user is able to modify SQL query. (09.10.2001 ) kill-9_(at)_modernhackers.com , phpBB 1.4.0 bug leads to easy admin privileges (12.08.2001 ) kill-9_(at)_modernhackers.com , Easily and Remotely Pipe a Covert Shell on phpBB version 1.4.0 and below (12.08.2001 )
Code execution via Microsoft Office XP Published: 28.05.2002 Source: BUGTRAQ SecurityVulns ID: 1901 Type: local Level: 5/10 Description: It's possible to include scripting object which fill be activated in case user reply or forward e-mail message.
Host method of spreadsheet object allows creation and execution of arbitrary files. Affected: MICROSOFT : Office 2000 MICROSOFT : Outlook 2000 MICROSOFT : Outlook 2002 MICROSOFT : Office XP Original document Georgi Guninski , Excel XP xml stylesheet problems (28.05.2002 ) SECURITEAM , [NT] Excel XP XML Stylesheet Security Problem (27.05.2002 ) Georgi Guninski , More Office XP problems (version 3.0) (29.04.2002 ) MICROSOFT , Security Bulletin MS02-021: E-mail Editor Flaw Could Lead to Script Execution on Reply or Forward (Q321804) (26.04.2002 ) Georgi Guninski , More Office XP problems (Version 2.0) (04.04.2002 ) Georgi Guninski , More Office XP problems (01.04.2002 )
Multiple buffer overflows in amanda Published: 28.05.2002 Source: BUGTRAQ SecurityVulns ID: 2046 Type: remote Level: 6/10 Description: Local andremote buffer overflows. Affected: AMANDA : amanda 2.3 Original document zillion , AMANDA security issues (28.05.2002 )
Netscreen DoS Published: 28.05.2002 Source: BUGTRAQ SecurityVulns ID: 2048 Type: remote Level: 5/10 Description: Oversized username causes device to reboot. Affected: NETSCREEN : ScreenOS 3.0 Original document quentyn_(at)_fotango.com , Netscreen 25 unauthorised reboot issue (28.05.2002 )
Multiple bugs in Windows FTP servers Published: 28.05.2002 Source: BUGTRAQ SecurityVulns ID: 2049 Type: remote Level: 6/10 Description: Buffer overflows, directory traversal. Affected: TEXAS : WFTPd 3.00 TRANSSOFT : Broker FTP 5.0 FTPXQ : FtpXQ METEORSOFT : Meteor FTP 1.2 Original document SnakeByte / Eric Sesterhenn , Problems with various windows FTP servers (28.05.2002 )
CGI bugs Published: 04.06.2002 Source: BUGTRAQ SecurityVulns ID: 2045 Type: remote Level: 5/10 Affected: VPASP : VP-ASP CGI : MyPhpChat 1 LKCC : Achims Guestbook 2.51 BRENTC : InertiaNews 0.02 CGI : Pollen 1.4 CGI : mcPass 1 WBB : wbbboard 1.1 CGI : csPassword.cgi GAFWARE : CFXImage 1.6 TEEKAI : Tracking Online 1.0 TEEKAI : Teekai's forum full 1.2 Original document Akatosh , sql injection in Logisense software (04.06.2002 ) frog frog , Security holes in two Teekai's products + security hole in ncmail.netscape.com (04.06.2002 ) webmaster_(at)_procheckup.com , Gafware's CFXImage vulnerability (31.05.2002 ) Steve Gustin , CGIscript.net - csPassword.cgi - Multiple Vulnerabilities (31.05.2002 ) SeazoN , wbbboard 1.1.1 registration _new_users_vulnerability_ (28.05.2002 ) frog frog , Achims Guestbook, InertiaNews, Pollen, MyPhpChat, mcPass (28.05.2002 ) Noam Rathaus , Re: VP-ASP shopping cart software. (28.05.2002 ) hkvrg thdftghr , VP-ASP shopping cart software. (28.05.2002 )
Port translation bypass in 3Com OfficeConnect Remote 812 ADSL Published: 13.06.2002 Source: BUGTRAQ SecurityVulns ID: 2047 Type: remote Level: 5/10
