Search:Vulnerability:29.08.2005 - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

ntpd incalid gid usage
Published: 29.08.2005
Source: BUGTRAQ
SecurityVulns ID: 5159
Type: local
Level: 4/10
Description: Invalid processing of -u parameter causes ntpd to start with invalid gid.

Affected: NTPD : ntpd 4.2

Original document SECUNIA, [SA16602] NTP Incorrect Group Permissions Security Issue (29.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Multiple BFCommand & Control Server Manager game servers management utility vulnerabilities
Published: 29.08.2005
Source: FULL-DISCLOSURE
SecurityVulns ID: 5158
Type: remote
Level: 5/10
Description: Authentication bypass, privilege escalation, DoS.

Affected: BFCOMMANDCONTROL : BFCommand & Control Server Manager 1.22
BFCOMMANDCONTROL : BFCommand & Control Server Manager 2.14

Original document Luigi Auriemma, [Full-disclosure] Multiple vulnerabilities in BFCommand & Control for Battlefield 1942 and Vietnam (29.08.2005)

Discuss: Read or add your comments to this news (0 comments)

Web applications security vulnerabilities (PHP, ASP, CGI, Perl, etc)
updated since 29.08.2005
Published: 03.09.2005
Source:
SecurityVulns ID: 5157
Type: remote
Level: 5/10
Description: PHP inclusions, SQL injections, directory traversals, crossite scripting, information leaks, etc.

Affected: PHPMYADMIN : phpMyAdmin 2.6
FLATNUKE : Flatnuke 2.5
PUNBB : PunBB 1.2
DAMEWARE : Mini Remote Control 4.8
FREESTYLEWIKI : FreeStyle Wiki 3.5
PHPFUSION : PHP-Fusion 6.0
SIMPLEPHPBLOG : SimplePHPBlog 0.4
NEOCROME : Land Down Under 801
FUDFORUM : Fud Forum 2.7
COSMOSHOP : cosmoshop 8.10
HELPDESK : Hesk 0.92
PUNBB : PunBB `.1
SCRIPTCENTER : AutoLinks Pro 2.1
PHPLDAPADMIN : phpLDAPadmin 0.9
E107 : e107 0.6
E107 : e107 0.7
SIMPLEMACHINE : Simple Machine Forum 1.0
WEBGUI : WebGUI 6.7

Original document SECUNIA, WebGUI Perl Code Execution Vulnerabilities (03.09.2005)

Mariano Nuсez Di Croce, CYBSEC - Multiple Vendor Web Vulnerability Scanner Arbitrary Script Injection Vulnerability (03.09.2005)

ad_(at)_class101.org, [Full-disclosure] Dameware critical hole (03.09.2005)

document Filip Groszynski, CMS Made Simple <= 0.10 - PHP injection (02.09.2005)

retrogod_(at)_aliceposta.it, Simple Machine Forum 1-0-5 (possibly prior versions) user IP address / information disclosure (02.09.2005)

poizon_(at)_securityinfo.ru, XSS in GreyMatter blog (02.09.2005)

document retrogod_(at)_aliceposta.it, Flatnuke 2.5.6 (possibly prior versions) Underlying system information disclosure / Administrative & users credentials disclosure (02.09.2005)

SECUNIA, FreeStyle Wiki Arbitrary Command Injection Vulnerability (31.08.2005)

Marc Ruef, e107 0.6 forum_post.php create new topics in non-existing forums (31.08.2005)

document retrogod_(at)_aliceposta.it, phpLDAPadmin 0.9.6 - 0.9.7/alpha5 (possibly prior versions) system disclosure, (31.08.2005)

laurent gaffié, AutoLinks Pro 2.1 (31.08.2005)

s2b_(at)_hotmail.com, PunBB BBCode IMG Tag Script Injection Vulnerability (31.08.2005)

s2b_(at)_hotmail.com, Vulnerability in Helpdesk software Hesk 0.92 (31.08.2005)

document 'ken'@FTU , SimplePHPBlog Arbitrary File Deletion and Sample Exploit (30.08.2005)

l0om, [cosmoshop <= 8.10.78] be the shopadmin in one step (30.08.2005)

riklaunim_(at)_gmail.com, FUD Forum < 2.7.1 PHP code injection vurnelability (30.08.2005)

h4cky0u, [Full-disclosure] Land Down Under 801 And Prior Multiple SQL Injection Vulnerabilities (29.08.2005)

document bendeniz_avci_(at)_hotmail.com, Land Down Under (29.08.2005)

slacker4ever_1_(at)_juno.com, PHP-Fusion <= v6.00.107 XSS exploit (29.08.2005)

pacifico", 0] //--></script>a, Multiple CMS/Forum Vulnablilties (29.08.2005)

SECUNIA, [SA16605] phpMyAdmin Two Cross-Site Scripting Vulnerabilities (29.08.2005)

Discuss: Read or add your comments to this news (0 comments)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

test server