| OSVDB ID | Disclosure Date | Title |
|
45284
Description:
(Description Provided by CVE) : ParaChat Server 4.0 does not log users off if the browser's back button is used, which allows remote attackers to cause a denial of service by repeatedly logging into a chat room, hitting the back button, then logging into the same chat room as a different user, which fills the chat room with invalid users.
|
2002-07-31
|
ParaChat Server Session Persistence DoS
|
|
44047
Description:
Unknown / Incomplete
|
2002-07-31
|
Sympa src/tools.pl Unspecified Virus Scanning Bypass
|
|
10359
Description:
(Description Provided by CVE) : Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.
|
2002-07-31
|
Gallery captionator.php GALLERY_BASEDIR Parameter Remote File Inclusion
|
|
16033
Description:
FreeBSD contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is triggered when the FreeBSD kernel allows a malicious user to directly supply input to file descriptors during the execution of a setuid or setgid program. This flaw may lead to a loss of integrity.
|
2002-07-31
|
FreeBSD Kernel /dev/null File Descriptor Handling Local Privilege Escalation
|
|
16019
Description:
Unknown / Incomplete
|
2002-07-31
|
Mailreader Cookie-based Session Identification Issue
|
|
9682
Description:
(Description Provided by CVE) : IBM UniVerse with UV/ODBC allows attackers to cause a denial of service (client crash or server CPU consumption) via a query with an invalid link between tables, possibly via a buffer overflow.
|
2002-07-31
|
IBM UniVerse with UV/ODBC Invalid Link Query DoS
|
|
60224
Description:
(Description Provided by CVE) : Unspecified vulnerability in pprosetup in Sun PatchPro 2.0 has unknown impact and attack vectors related to "unsafe use of temporary files."
|
2002-07-31
|
Sun PatchPro pprosetup Temporary File Handling Unspecified Issue
|
|
45280
Description:
(Description Provided by CVE) : Buffer overflow in mplay32.exe of Microsoft Windows Media Player (WMP) 6.3 through 7.1 allows remote attackers to execute arbitrary commands via a long mp3 filename command line argument. NOTE: since the only known attack vector requires command line access, this may not be a vulnerability.
|
2002-07-30
|
Microsoft Windows Media Player (WMP) mplay32.exe MP3 Filename Handling Local Overflow
|
|
857
Description:
A remote overflow exists in OpenSSL. OpenSSL fails to correctly check the length of a client master key in SSLv2 negotiation, resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.
|
2002-07-30
|
OpenSSL SSLv2 Negotiation Client Master Key Handling Remote Overflow
|
|
3940
Description:
A remote overflow exists in OpenSSL. OpenSSL fails to parse ASCII integers correctly on 64-bit platforms, resulting in an integer overflow. With a specially crafted request, an attacker can cause denial of service conditions, and possible code execution, resulting in a loss of availability and potentially also a loss of confidentiality and integrity.
|
2002-07-30
|
OpenSSL ASCII Integer Parsing Remote Integer Overflow
|
|
3943
Description:
OpenSSL's ASN.1 parser contains a flaw that may allow a malicious user to cause Denial of Service conditions. The issue is triggered when invalid ASN.1 encodings are supplied to the parser. It is possible that the flaw may allow crashing of OpenSSL, resulting in a loss of availability.
|
2002-07-30
|
OpenSSL ASN.1 Parser Invalid Encoding Handling Remote DoS
|
|
3941
Description:
A remote overflow exists in OpenSSL. OpenSSL fails to correctly check the length of a session ID in SSLv3 negotiation, resulting in a buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.
|
2002-07-30
|
OpenSSL SSLv3 Session ID Handling Remote Buffer Overflow
|
|
3942
Description:
A remote overflow exists in OpenSSL. OpenSSL fails to properly check the length of a master key in SSLv3 negotiation with Kerberos enabled, resulting in a stack-based buffer overflow. With a specially crafted request, an attacker can cause execution of arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.
|
2002-07-30
|
OpenSSL SSLv3 with Kerberos Master Key Handling Remote Overflow
|
|
9101
Description:
(Description Provided by CVE) : IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field.
|
2002-07-30
|
Ipswitch IMail Web Calendaring Content-Length DoS
|
|
9297
Description:
eBook Reader contains a flaw that may allow a malicious user to bypass Digital Rights Management (DRM). The issue is triggered when a user restores a backup from one computer onto another computer, which is supposed to be restricted. eBook Reader implements this restriction using a weak encryption algorithm, which could be exploited, resulting in a loss of integrity.
|
2002-07-30
|
Adobe eBook Reader Encryption Challenge Activation Bypass
|
|
59656
Description:
(Description Provided by CVE) : Dispair 0.1 and 0.2 allows remote attackers to execute arbitrary shell commands via certain form fields.
|
2002-07-30
|
Dispair open() Function Arbitrary Remote Command Execution
|
|
2070
Description:
The Compaq Insight Management Agents use a vulnerable version of OpenSSL, which contains many remotely-exploitable buffer overflows. The vendor lists the affected products and versions as "Insight Management Agents for Windows version 5.3 - 5.5, Insight Manager 7, Version Control Agents, Version Control Repository Manager, Array Configuration Utility, HP Survey Utility for Windows, and Intelligent Cluster Administrator." Insight Management Agents for non-Windows platforms are listed as non-vulnerable.
|
2002-07-30
|
Compaq Insight Agent SSL overflow
|
|
14492
Description:
(Description Provided by CVE) : eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt.
|
2002-07-30
|
eUpload Cleartext Password Disclosure
|
|
14537
Description:
(Description Provided by CVE) : Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters.
|
2002-07-30
|
Sympoll Unspecified PHP Variable Manipulation Arbitrary File Access
|
|
5002
Description:
HylaFAX faxgetty contains a flaw that may allow a remote denial of service. The issue is triggered when a format string is supplied via the TSI data element, which may allow an attacker to cause the service to stop responding and/or execute arbitrary code on the targeted host.
|
2002-07-29
|
HylaFAX faxgetty TSI Format String DoS
|
|
37815
Description:
(Description Provided by CVE) : Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as root via a long request that is split into multiple packets.
|
2002-07-29
|
Fake Identd Fragmented Packet Request Remote Overflow
|
|
5164
Description:
The util-linux utilities contain a flaw that may allow a malicious user to gain elevated privileges. The race condition can be triggered if the attacker is able to successfully execute a complex attack sequence using /usr/bin/chfn or /usr/bin/chsh. The attack requires that the system administrator interact with the system; specifically, the administrator needs to remove /etc/ptmp before the attacker can complete the attack. The flaw, if exploited successfully, will allow the attacker to create new entries in /etc/passwd.
|
2002-07-29
|
util-linux setpwnam.c Open File Descriptor Race
|
|
8034
Description:
Endity.com Shoutbox contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'site' variables upon submission. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2002-07-29
|
ShoutBOX board.php $site Variable XSS
|
|
20753
Description:
Multiple BSD OSs contain a flaw that may allow a malicious local user to manipulate arbitrary files on the system. The issue is due to pppd changing the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device, resulting in a loss of integrity.
|
2002-07-29
|
Multiple BSD pppd Race Condition Arbitrary File Permission Modification
|
|
14201
Description:
(Description Provided by CVE) : The Javascript "Same Origin Policy" (SOP), as implemented in (1) Netscape, (2) Mozilla, and (3) Internet Explorer, allows a remote web server to access HTTP and SOAP/XML content from restricted sites by mapping the malicious server's parent DNS domain name to the restricted site, loading a page from the restricted site into one frame, and passing the information to the attacker-controlled frame, which is allowed because the document.domain of the two frames matches on the parent domain.
|
2002-07-29
|
Multiple Browser Javascript "Same Origin Policy" Firewall Bypass
|
|
20142
Description:
Unknown / Incomplete
|
2002-07-29
|
lmtp2nntp lib_cfg Function Unspecified Issue
|
|
3591
Description:
dotProject contains a flaw that allows a remote user to obtain administrative privileges. The issue is due to index.php accepting a "user_cookie" variable which it trusts to authenticate the user. Changing this value to "1" causes the program to log the user in as the administrator.
|
2002-07-28
|
dotProject User Cookie Authentication Bypass
|
|
60093
Description:
(Description Provided by CVE) : Integrity Protection Driver (IPD) 1.2 and earlier blocks access to \Device\PhysicalMemory by its name, which could allow local privileged processes to overwrite kernel memory by accessing the device through a symlink.
|
2002-07-28
|
Integrity Protection Driver (IPD) Symlink Physical Memory Access Restriction Bypass
|
|
11951
Description:
Unknown / Incomplete
|
2002-07-27
|
Microsoft IE/Outlook XML File Attachment Arbitrary Script Execution
|
|
32978
Description:
Unknown / Incomplete
|
2002-07-27
|
Apache Java Mail Enterprise Server (JAMES) POP3Server Log File Plaintext Password Disclosure
|
|
10862
Description:
(Description Provided by CVE) : HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow.
|
2002-07-27
|
HP ProCurve 4000M Switch SNMP Write Request Overflow
|
|
14531
Description:
(Description Provided by CVE) : Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.
|
2002-07-27
|
Easy Guestbook admin.cgi Unauthenticated Arbitrary Entry Deletion
|
|
14536
Description:
(Description Provided by CVE) : The print_html_to_file function in edit.cgi for Easy Homepage Creator 1.0 does not check user credentials, which allows remote attackers to modify home pages of other users.
|
2002-07-27
|
Easy Homepage Creator edit.cgi Arbitrary User Page Manipulation
|
|
2079
Description:
A problem with older (e.g. J3263A, J2591A, 300.0 X) JetDirect printers could allow a remote user to gain administrative access to the printer and then access and change its configuration.
|
2002-07-27
|
HP JetDirect Device SNMP Request Cleartext Admin Credential Disclosure
|
|
9404
Description:
(Description Provided by CVE) : The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request.
|
2002-07-27
|
D-Link DP-300 Web Server POST Request DoS
|
|
14483
Description:
(Description Provided by CVE) : Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password.
|
2002-07-27
|
Brother NC-3100h Printer Admin Web Server Password Overflow
|
|
14486
Description:
(Description Provided by CVE) : Administrative web interface for IC9 Pocket Print Server Firmware 7.1.30 and 7.1.36f allows remote attackers to cause a denial of service (reboot and reset) via a long password, possibly due to a buffer overflow.
|
2002-07-27
|
IC9 Pocket Print Server Admin Web Server Long Password DoS
|
|
14532
Description:
(Description Provided by CVE) : Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.
|
2002-07-27
|
Easy Guestbook config.cgi Unauthenticated Configuration Change
|
|
59548
Description:
(Description Provided by CVE) : Rlaj whois CGI script (whois.cgi) 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain name field.
|
2002-07-27
|
Rlaj whois.cgi Domain Name Field Shell Metacharacter Arbitrary Remote Command Execution
|
|
16396
Description:
Unknown / Incomplete
|
2002-07-26
|
Mozilla wyciwyg:// URL Bar Spoofing
|