| OSVDB ID | Disclosure Date | Title | Description |
|---|---|---|---|
| 7435 | 2003-03-31 | TikiWiki Blogs/Lists Multiple Field XSS | TikiWiki contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate user-supplied input of description and comment fields for blogs and list pages. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. No further details have been provided. |
| 3861 | 2003-03-31 | DCForum dcboard.cgi az Hidden Field Remote Execution | DCForum contains a flaw that allows a remote attacker to execute commands remotely. The issue is due to the dcboard.cgi file not properly sanitizing the "az=" hidden field. If an attacker changes this field to include an arbitrary file with perl commands, they will be executed by the vulnerable server during script processing. |
| 3862 | 2003-03-31 | DCForum dcboard.cgi AZ Field Traversal Arbitrary File Upload | DCForum contains a flaw that allows a remote attacker to upload arbitrary files to the server. The issue is due to improper sanity checking on the "az=" hidden field. By changing it to "az=upload_file", an attacker can specify arbitrary files to be uploaded. |
| 3867 | 2003-03-31 | DCForum dcboard.cgi Arbitrary File Access | DCForum contains a flaw that allows a remote attacker to execute commands remotely. The issue is due to the dcboard.cgi file not properly sanitizing the "az=" hidden field. By requesting a file using a standard traversal attack (../../) and %00 to truncate the URL, the attacker can view arbitrary files on the system. |
| 6666 | 2003-03-31 | HP Instant TopTools GoAhead WebServer hpnst.exe System DoS | (Description Provided by CVE) : hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. |
| 8713 | 2003-03-31 | Solaris lpq bsd_queue() Function Local Overflow | A local overflow exists in Solaris. The bsd_queue() function in lpq fails to validate user-supplied input before copying it into a variable of fixed size, resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code with root privileges, resulting in a loss of integrity. |
| 8714 | 2003-03-31 | Solaris dtsession HOME Variable Local Overflow | (Description Provided by CVE) : Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable. |
| 10561 | 2003-03-31 | Apple QuickTime Player for Windows URL Handling Overflow | A local overflow exists in Quicktime Player for Windows. The program fails to validate long quicktime:// URLs resulting in a buffer overflow. With a specially crafted request, an attacker can cause the program to crash or execute arbitrary code resulting in a loss of integrity, and/or availability. |
| 11736 | 2003-03-31 | SAP DB RPM Installation dbmsrv Weak Permission Privilege Escalation | (Description Provided by CVE) : The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) lserver programs with world-writable permissions, which allows local users to gain privileges by modifying those programs. |
| 11737 | 2003-03-31 | SAP DB RPM Installation lserver Weak Permission Privilege Escalation | (Description Provided by CVE) : The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) lserver programs with world-writable permissions, which allows local users to gain privileges by modifying those programs. |
| 12324 | 2003-03-31 | Personal FTP Server Long USER Command Remote Overflow | (Description Provided by CVE) : Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument. |
| 42686 | 2003-03-31 | Splatt Forum Module for PHP-Nuke block-Forums.php subject Parameter XSS | Splatt Forum Module for PHP-Nuke contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate 'subject' variables upon submission to the 'block-Forums.php' script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
| 60470 | 2003-03-31 | Chindi Server Long Request Remote DoS | Unknown / Incomplete |
| 42314 | 2003-03-30 | Bajie Http Web Server Query String XSS | (Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message. |
| 7332 | 2003-03-29 | IlohaMail Spell Check Feature Unspecified Issue | IlohaMail contains a flaw related to the Spell Check Feature that may allow an attacker to gain privileges. No further details have been provided. |
| 7333 | 2003-03-29 | IlohaMail GPG Feature Unspecified Issue | IlohaMail contains a flaw related to the GPG feature that may allow an attacker to compromise security. No further details have been provided. |
| 6480 | 2003-03-29 | Sendmail DNS Map Code Remote DoS | (Description Provided by CVE) : The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data. |
| 8294 | 2003-03-29 | Sendmail NOCHAR Control Value prescan Remote Overflow | A remote overflow exists in Sendmail. Due to a vulnerable char to int conversion it is possible to use the NOCHAR control value to bypass the length check done by the prescan function resulting in a buffer overflow. With a specially crafted request, an attacker can execute arbitrary code resulting in a loss of integrity. |
| 40589 | 2003-03-29 | Justice Guestbook cfooter.php3 Direct Request Error Message Remote Path Disclosure | (Description Provided by CVE) : Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message. |
| 40590 | 2003-03-29 | Justice Guestbook jgb.php3 Multiple Parameter XSS | (Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables. |
| 43916 | 2003-03-29 | ScozBook scozbook/add.php Multiple Parameter XSS | (Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables. |
| 43917 | 2003-03-29 | Scozbook view.php PG Variable Error Message Path Disclosure | (Description Provided by CVE) : ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message. |
| 44165 | 2003-03-29 | CC GuestBook cc_guestbook.pl Multiple Parameter XSS | (Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters. |
| 15149 | 2003-03-28 | Solaris newtask Unspecified Local Privilege Escalation | (Description Provided by CVE) : Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges. |
| 19040 | 2003-03-28 | phpGroupWare Setup/Config Unspecified Issue | (Description Provided by CVE) : Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality. |
| 53711 | 2003-03-28 | Beanwebbs Guestbook /guestbook/admin.php Unrestricted Admin Access | Unknown / Incomplete |
| 53710 | 2003-03-28 | Beanwebbs Guestbook add.php Multiple Parameter XSS | Unknown / Incomplete |
| 4563 | 2003-03-28 | Mod_Survey ENV XSS | Mod_survey contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the ENV variable upon submission. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. |
| 4568 | 2003-03-28 | mod_survey For Apache ENV Tags SQL Injection | Mod_survey contains a flaw that will allow an attacker to inject arbitrary SQL code. The problem is that the ENV variable is not verified properly and will allow an attacker to inject or manipulate SQL queries. |
| 49225 | 2003-03-28 | SourceForge (alexandria) docman/new.php Upload Spoofing Arbitrary File Access | Unknown / Incomplete |
| 49226 | 2003-03-28 | SourceForge (alexandria) patch/index.php Upload Spoofing Arbitrary File Access | SourceForge (alexandria-dev) does not properly check if a supplied file was just uploaded in patch/index.php. This can be exploited to treat arbitrary files on the system as if they were just uploaded and thereby retrieve them. |
| 49227 | 2003-03-28 | SourceForge (alexandria) sendmessage.php Arbitrary Mail Relay | SourceForge (alexandria-dev) contains a flaw related to the message sending functionality as sendmessage.php improperly restricts "To" addresses to the domain of the current installation. The restrictions can be bypassed to send e-mails to arbitrary domains by supplying a RFC 2822 e-mail address that contains the current installation's domain followed by an arbitrary e-mail address encased by "<" and ">". |
| 49228 | 2003-03-28 | SourceForge (alexandria) sendmessage.php CRLF Injection | SourceForge (alexandria-dev) does not sanitise CRLF character sequences in sendmessage.php. This allows adding new mail headers via CRLF injection to e.g. send HTML mails. |
| 49229 | 2003-03-28 | SourceForge (alexandria) Skills Profile Multiple Field XSS | SourceForge (alexandria-dev) contains flaws that allow remote cross-site scripting (XSS) attacks. The flaws exist because the application does not validate users' real names, users' resumes (under skills profile), short and long job descriptions, and short project descriptions. This may allow a user to create a specially crafted URL that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. |
| 6468 | 2003-03-28 | Eye Of Gnome (EOG) Format String Command Execution | (Description Provided by CVE) : Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display. |
| 11768 | 2003-03-28 | RealOne/RealPlayer PNG Deflate Algorithm Heap Corruption Arbitrary Code Execution | (Description Provided by CVE) : The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. |
| 12261 | 2003-03-28 | Mutt IMAP Capability Mail Folder Remote Overflow | (Description Provided by CVE) : Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. |
| 58147 | 2003-03-27 | D-Link DSL-500 Default SNMP Community Names | By default, DSL-500 uses default SNMP community strings. The read-only community string is 'public' and the read-write community string is 'private', which are publicly known and documented. This allows attackers to trivially access the program or system. |
| 58148 | 2003-03-27 | D-Link DSL-500 SNMP Cleartext ISP Credential Disclosure | DSL-500 contains a flaw that may lead to an unauthorized password exposure. It is possible to gain access to unencrypted ISP login name and password when queried via SNMP, which may lead to a loss of confidentiality. |
| 2113 | 2003-03-27 | PHP openlog() Function Remote Overflow | A remote overflow exists in PHP. The openlog() function fails to perform proper bounds checking resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity. |