 |
|
|
|
| Unuathorized Webes file access | | Published: |  | 28.09.2002 | | Source: |  | BUGTRAQ | | SecurityVulns ID: |  | 2296 | | Type: |  | remote | | Level: |  | 6/10 |
| Original document |  | COMPAQ, [security bulletin] SSRT2362 WEBES Service Tools (HP Tru64 UNIX, HP OpenVMS, Windows) Potential File Access Vulnerability (28.09.2002) |
| | | COMPAQ, [security bulletin] SSRT2362 WEBES Service Tools (HP Tru64 UNIX, HP OpenVMS, Windows) Potential File Access Vulnerability (28.09.2002) |
| Apache stderr DoS | | Published: | | 28.09.2002 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2297 | | Type: | | local | | Level: | | 5/10 | | Description: |  | Large CGI application stderr output causes Apache to hang. |
| Affected: |  | APACHE : Apache 2.0 |
| Original document | | shaddup_(at)_hush.com, Apache 2.0.(39|40) DOS (PHP!) (28.09.2002) |
| Unauthorized HP Procurve reboot | | Published: | | 28.09.2002 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2298 | | Type: | | remote | | Level: | | 5/10 | | Description: | | It's possible to reboot device via http://<IP ADDRESS>/sw2/cgi/device_reset? URL without authorization. |
| Affected: | | HP : Procurve 4000M |
| Original document | | Brook Powers , HP Procurve 4000M Stacked Switch HTTP Reset Vulnerability (28.09.2002) |
| Unauthorizaed Apache Tomcat JSP source code disclosure | | Published: | | 28.09.2002 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2299 | | Type: | | remote | | Level: | | 5/10 | | Description: | | org.apache.catalina.servlets.DefaultServ
let allows to access any JSP code. |
| Affected: | | APACHE : Tomcat 4.0 | | | | APACHE : Tomcat 4.1 |
| Original document | | Rossen Raykov , JSP source code exposure in Tomcat 4.x (28.09.2002) |
| Information leakage in Shana | | Published: | | 28.09.2002 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2300 | | Type: | | local | | Level: | | 5/10 | | Description: | | Document may contain sensitive rendom data from memory. |
| Affected: | | SHANA : Informed 3.05 |
| Original document | | sullo, Shana Informed 3.05 information disclosure (28.09.2002) |
| Buffer overflow in Null HTTPd | | Published: | | 28.09.2002 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2294 | | Type: | | remote | | Level: | | 6/10 | | Description: | | Heap overflow because of signed/yubsugbed cibversion. |
| Affected: | | NULLHTTPD : NULLhttpd 0.5 |
| Original document | | Bert Vanmanshoven , remote exploitable heap overflow in Null HTTPd 0.5.0 (28.09.2002) |
CGI bugs
updated since 28.09.2002 | | Published: | | 04.10.2002 | | Source: | | BUGTRAQ | | SecurityVulns ID: | | 2295 | | Type: | | remote | | Level: | | 5/10 |
| Affected: | | POSTNUKE : PostNuke 0.64 | | | | PHPMYNEWSLETTER : phpMyNewsletter 0.6 | | | | POSTNUKE : PostNuke 0.7 | | | | PACIFIC : Carello 1.3 | | | | PHPWEBSITE : phpWebSite 0.8 | | | | JAWMAIL : jawmail 1.0 | | | | XOOPS : Xoops RC3.0 | | | | PHPNUKE : PHP-Nuke 6.0 | | | | CGI : Invision Board | | | | NPDS : NPDS 4.8 | | | | DACODE : daCode 1.2 | | | | DRUPAL : Drupal 4.0 | | | | NULLOGIC : Null Webmail 0.6 | | | | MYNEWSGROUPS : MyNewsGroups :) 0.4 | | | | MYSIMPLENEWS : MySimpleNews 1.0 | | | | TIGHTPRICES : TightAuction 3.0 | | | | LEVILLAGE : PY-Membres 3.1 | | | | UPBPB : upb PB 1.0 | | | | MIDICART : MidiCart 1.0 | | | | PPHLOGGER : Pphlogger 2.0 | | | | PPHLOGGER : Pphlogger 2.2 | | | | PHPLINKAT : phpLinkat 0.1 |
| Original document | | Sp.IC, phpLinkat XSS Security Bug (04.10.2002) |
| | | frog frog, phpMyNewsletter (04.10.2002) |
| | | Pistone, The Books Module for the PostNuke CMS XSS Vulnerability (04.10.2002) |
| | | frog frog, Multiple Web Security Holes (03.10.2002) |
| | | Matt Moore, wp-02-0012: Carello 1.3 Remote File Execution (Updated 1/10/2002) (03.10.2002) |
| | | frog frog, MySimpleNews (PHP) (03.10.2002) |
| | | Sp.IC, phpWebSite XSS Vulnerability (03.10.2002) |
| | | Ulf Harnhammar, MyNewsGroups :) XSS patch (01.10.2002) |
| | | Pedro Inacio, PHP-Nuke x.x AND PostNuke SQL Injection (30.09.2002) |
| | | Pedro Inacio, PHP-Nuke x.x SQL Injection (30.09.2002) |
| | | DownBload, IIL Advisory: Format String bug in Null Webmail (0.6.3) (28.09.2002) |
| | | das_(at)_hush.com, ECHU Alert #2: IMG Attack in the news : 6 CMS vulnerables (28.09.2002) |
| | | Gossi The Dog , Information Disclosure with Invision Board installation (fwd) (28.09.2002) |
| | | Mark Grimes , PHPNUKE 6 XSS Vulnerabilities (28.09.2002) |
| | | das_(at)_hush.com, Xoops RC3 script injection vulnerability (28.09.2002) |
| | | Ulf Harnhammar, JAWmail XSS (28.09.2002) |
| | | tim vandermeersch, PHP source injection in phpWebSite (28.09.2002) |
|
|
|
|
|
| |
|
| |
