(Description Provided by CVE) : The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request.
BSDIi is prone to an overflow condition. The /usr/contrib/mh/bin/inc binary fails to properly sanitize user-supplied input resulting in a buffer overflow. With a specially crafted request, a local attacker can potentially execute arbitrary code with increased privileges.
Linux Kernel contains a flaw that is triggered when ptrace is used to track a child process, which will result in the program not properly checking permissions of the user. This may allow a remote attacker to bypass restrictions and gain access to potentially sensitive information stored within executable files.
(Description Provided by CVE) : Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service by flooding a target host with TCP connection attempts and completing the TCP/IP handshake without maintaining the connection state on the attacker host, aka the "NAPTHA" class of vulnerabilities. NOTE: this candidate may change significantly as the security community discusses the technical nature of NAPTHA and learns more about the affected applications. This candidate is at a higher level of abstraction than is typical for CVE.
(Description Provided by CVE) : Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input.
fshd contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when an attacker creates a symbolic link to a file owned by the user running fshd. Standard Unix commands can be used to exploit this issue. This flaw may lead to a loss of Confidentiality, Integrity and/or Availability.
SonicWALL SOHO2 Firewall contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker provides an overly long username to the web server, and will result in loss of availability for the firewall.
Sun JDK (Java Development Kit) and JRE (Java Runtime Environment) contain a flaw that may allow a malicious user to access restricted resources. The issue is triggered when an untrusted Java class loads other disallowed Java classes, which will escape the Java sandbox and conduct unauthorized activities, resulting in a loss of confidentiality and integrity.
(Description Provided by CVE) : document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.
Cisco CBOS contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a malicious GET request, and will result in loss of availability for the router.
(Description Provided by CVE) : Trend Micro InterScan VirusWall creates an "Intscan" share to the "InterScan" directory with permissions that grant Full Control permissions to the Everyone group, which allows attackers to gain privileges by modifying the VirusWall programs.
(Description Provided by CVE) : in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash.
(Description Provided by CVE) : Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.
(Description Provided by CVE) : BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.
(Description Provided by CVE) : Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack.
(Description Provided by CVE) : Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer.
BSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the rcvtty component fails to properly drop SGID privileges before executing arbitrary commands contained within incoming messages. A malicious user can prepare a shell script containing the commands, which will execute with the privileges of the tty group. This flaw may lead to a loss of integrity.
(Description Provided by CVE) : Twig webmail system does not properly set the "vhosts" variable if it is not configured on the site, which allows remote attackers to insert arbitrary PHP (PHP3) code by specifying an alternate vhosts as an argument to the index.php3 program.
(Description Provided by CVE) : The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method.
Phorum contains a flaw that allows a remote attacker to traverse and access files outside of the web path. The issue is due to the support/common.php not properly sanitizing user input, specifically directory traversal style attacks (../../) supplied via the 'ForumLang' variable.
(Description Provided by CVE) : Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.
(Description Provided by CVE) : Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier.
(Description Provided by CVE) : Buffer overflows in Microsoft Windows Media Player 7 and earlier allow remote attackers to execute arbitrary commands via (1) a long version tag in an .ASX file, or (2) a long banner tag, a variant of the ".ASX Buffer Overrun" vulnerability as discussed in MS:MS00-090.
Phorum contains a flaw that is triggered when certain input passed via the 'f' parameter is not properly sanitized before being used in the list.php script. This may allow a remote attacker to gain access to arbitrary files.
(Description Provided by CVE) : Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow remote attackers to gain privileges via a skin that contains a malicious script, aka the ".WMS Script Execution" vulnerability.
(Description Provided by CVE) : Buffer overflow in Microsoft Windows Media Player allows remote attackers to execute arbitrary commands via a malformed Active Stream Redirector (.ASX) file, aka the ".ASX Buffer Overrun" vulnerability.
(Description Provided by CVE) : Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information.
(Description Provided by CVE) : Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.