| OSVDB ID | Disclosure Date | Title |
|---|
|
4561
Description:
(Description Provided by CVE) : Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing attachments with filenames.
|
2004-03-25
|
Emil Email Overflow
|
|
4562
Description:
A remote overflow exists in Emil. Emil fails to construct error messages properly resulting in a string overflow. With a specially crafted request, an attacker can cause Emil to print error messages resulting in a loss of confidentiality and integrity.
|
2004-03-25
|
Emil Error String Overflow
|
|
4556
Description:
(Description Provided by CVE) : Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
|
2004-03-25
|
CDE dtlogin XDMCP Parsing
|
|
4581
Description:
oftpd contains a flaw that may allow a remote denial of service. The issue is triggered when the server receives a port command with a number that is higher than 255, and will result in loss of availability for the service.
|
2004-03-25
|
oftpd PORT Command Remote DoS
|
|
4549
Description:
Trend Micro InterScan VirusWall contains a flaw that allows a remote attacker to view files outside of the web path. The issue is due to the Java Telewindow feature not properly sanitizing user input, specifically traversal style attacks (../../) supplied via URI data.
|
2004-03-25
|
Trend Micro InterScan VirusWall Traversal Arbitrary File Access
|
|
10627
Description:
(Description Provided by CVE) : Etherlords I 1.07 and earlier and Etherlords II 1.03 and earlier allows remote attackers to cause a denial of service (crash) by sending a packet that specifies the size for the next packet, then sending a larger packet than specified, which causes Etherlords to read unallocated memory.
|
2004-03-25
|
Nival Etherlords Crafted Packet Unallocated Memory Access Remote DoS
|
|
7455
Description:
Unknown / Incomplete
|
2004-03-24
|
TikiWiki tiki-install.php Database Overwrite Local DoS
|
|
4542
Description:
(Description Provided by CVE) : Ipswitch WS_FTP Server 4.0.2 allows remote attackers to cause a denial of service (disk consumption) and bypass file size restrictions via a REST command with a large size argument, followed by a STOR of a smaller file.
|
2004-03-24
|
WS_FTP Server Crafted REST / STOR Commands Disk Consumption DoS
|
|
6420
Description:
MySQL contains a flaw that may allow a malicious user to arbitrary overwrite files. The problem is that the "mysqlbug" script creates files with insecure permissions. It is possible that the flaw may allow a malicious user to create a symlink to this file, which could allow arbitrary files to be overwriten on the system, resulting in a loss of integrity.
|
2004-03-24
|
MySQL mysqlbug Symlink Arbitrary File Overwrite
|
|
6421
Description:
MySQL contains a flaw that may allow a malicious user to arbitrary overwrite files. The problem is that the "mysqld_multi" script creates files with insecure permissions. It is possible that the flaw may allow a malicious user to create a symlink to this file, which could allow arbitrary files to be overwriten on the system, resulting in a loss of integrity.
|
2004-03-24
|
MySQL mysqld_multi Symlink Arbitrary File Overwrite
|
|
4539
Description:
(Description Provided by CVE) : Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to execute arbitrary programs as SYSTEM by using the SITE command to modify certain iFtpSvc options that are handled by iftpmgr.exe.
|
2004-03-24
|
WS_FTP Server SITE Arbitrary Remote Command Execution
|
|
4540
Description:
(Description Provided by CVE) : Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.
|
2004-03-24
|
WS_FTP Server ALLO Command Remote Overflow
|
|
4541
Description:
(Description Provided by CVE) : Multiple buffer overflows in Ipswitch WS_FTP Server 4.0.2 (1) allow remote authenticated users to execute arbitrary code by causing a large error string to be generated by the ALLO handler, or (2) may allow remote FTP administrators to execute arbitrary code by causing a long hostname or username to be inserted into a reply to a STAT command while a file is being transferred.
|
2004-03-24
|
WS_FTP Server STAT Command Remote Overflow
|
|
4546
Description:
Unknown / Incomplete
|
2004-03-24
|
Kerio WinRoute HTTP Header Parser DoS
|
|
4547
Description:
(Description Provided by CVE) : DameWare Mini Remote Control 3.x before 3.74 and 4.x before 4.2 transmits the Blowfish encryption key in plaintext, which allows remote attackers to gain sensitive information.
|
2004-03-24
|
DameWare Mini Remote Control Weak Encryption Implementation
|
|
4514
Description:
(Description Provided by CVE) : Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords.
|
2004-03-24
|
Novell NetWare Admin/Install Password Disclosure
|
|
4513
Description:
Unknown / Incomplete
|
2004-03-24
|
Microsoft Visual C++ Constructed ISAPI Extensions
DoS
|
|
4515
Description:
(Description Provided by CVE) : xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
|
2004-03-24
|
Xine Insecure Temporary File Creation
|
|
4516
Description:
VP-ASP Shopping Cart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'shopreviewlist.asp' script not properly sanitizing user-supplied input to the 'catalogid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2004-03-24
|
VP-ASP Shopping Cart shopreviewlist.asp catalogid Parameter SQL Injection
|
|
18001
Description:
VP-ASP Shopping Cart contains a flaw that may allow an attacker to carry out an SQL injection attack. The issue is due to the 'shopreviewadd.asp' script not properly sanitizing user-supplied input to the 'catalogid' parameter. This may allow an attacker to inject or manipulate SQL queries in the back-end database.
|
2004-03-24
|
VP-ASP Shopping Cart shopreviewadd.asp catalogid Parameter SQL Injection
|
|
4412
Description:
Check Point FireWall-1 contains a flaw that may allow a remote authenticated attacker to execute arbitrary commands with elevated privileges. The issue is due to the SmartDashboard software (the policy and security management interface) not properly checking the "filter" or "details" columns. If an attacker supplied a specially crafted string for these fields, they may be able to execute arbitrary code with elevated privileges.
|
2004-03-24
|
Check Point FireWall-1 SmartDashboard Overflow
|
|
4529
Description:
cPanel contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "email" variable upon submission to the "dodelautores.html" script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-03-24
|
cPanel dodelautores.html email Parameter XSS
|
|
4530
Description:
cPanel contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "handle" variable upon submission to the "addhandle.html" script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-03-24
|
cPanel addhandle.html handle Parameter XSS
|
|
4550
Description:
(Description Provided by CVE) : Buffer overflow in the logging function in Picophone 1.63 and earlier allows remote attackers to execute arbitrary code via a large packet.
|
2004-03-24
|
PicoPhone Logging Functionality Remote Overflow
|
|
4557
Description:
Nexgen FTP Server contains a flaw that allows a remote attacker to view directories and files outside of the web path. The issue is due to the program not properly sanitizing user input, specifically traversal style attacks (../../) supplied via NLST (ls), LIST (dir), RETR (get), RNFR and RNTO ftp commands.
|
2004-03-24
|
Nexgen FTP Server Multiple Commands Traversal Arbitrary File Access
|
|
5441
Description:
Unknown / Incomplete
|
2004-03-24
|
DirList Excessive Search DoS
|
|
45572
Description:
Unknown / Incomplete
|
2004-03-23
|
IBM DB2 Universal Database db2service Section Dump Collection Query Overflow DoS
|
|
4472
Description:
(Description Provided by CVE) : Multiple SQL injection vulnerabilities in index.php in Invision Gallery 1.0.1 allow remote attackers to execute arbitrary SQL via the (1) img, (2) cat, (3) sort_key, (4) order_key, (5) user, or (6) album parameters.
|
2004-03-23
|
Invision Gallery Module index.php Multiple Parameter SQL Injection
|
|
4491
Description:
(Description Provided by CVE) : Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.
|
2004-03-23
|
SSH Tectia Server ssh-passwd-plugin Private Host Key
Exposure
|
|
4336
Description:
OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted isakmp packet, and will result in loss of availability for the service.
|
2004-03-23
|
OpenBSD isakmpd Zero-length Payload Handling DoS
|
|
5698
Description:
OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially-crafted ISAKMP packet containing a malformed IPSEC SA payload, and will result in loss of availability for the service.
|
2004-03-23
|
OpenBSD isakmpd IPSEC SA Payload Handling DoS
|
|
5699
Description:
OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially-crafted ISAKMP packet containing a malformed Cert Request payload, and will result in loss of availability for the service.
|
2004-03-23
|
OpenBSD isakmpd Cert Request Payload Handling DoS
|
|
5700
Description:
OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially-crafted ISAKMP packet containing a malformed delete payload with a large number of Security Parameter Indexes (SPI), and will result in loss of availability for the service.
|
2004-03-23
|
OpenBSD isakmpd Delete Payload Handling DoS
|
|
5701
Description:
OpenBSD contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends specially-crafted packets which take advantage of memory leaks in isakmpd, and will result in loss of availability for the service.
|
2004-03-23
|
OpenBSD isakmpd Various Memory Leaks DoS
|
|
4471
Description:
phpBB contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "avitarselect" variable upon submission to the profile.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-03-23
|
phpBB profile.php avitarselect Parameter XSS
|
|
4683
Description:
Unknown / Incomplete
|
2004-03-23
|
Hibyte HiGuest Message Text XSS
|
|
4470
Description:
FirstClass contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate the "TargetName" variable upon submission to the upload.shtml script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-03-23
|
FirstClass TargetName XSS
|
|
4460
Description:
(Description Provided by CVE) : Directory traversal vulnerability in xweb 1.0 allows remote attackers to download arbitrary files via a .. (dot dot) in the URL.
|
2004-03-23
|
XWeb URL Traversal Arbitrary File Download
|
|
4490
Description:
A remote overflow exists in Ethereal. The NetFlow v9 Dissector fails to check the bounds of the template_entry variable resulting in a caching overflow. With a specially crafted request, an attacker can cause a buffer overflow resulting in a loss of integrity.
|
2004-03-23
|
Ethereal NetFlow v9 Dissector Template Caching Overflow
|
|
5937
Description:
FreeBSD contains a flaw that may allow a local denial of service. The issue is triggered when a user allocates an unbounded amount of wired memory, and will result in loss of availability for the platform. The issue is due to the kernel copying vm_exitingcnt to the new vmspace in vmspace_exec().
|
2004-03-23
|
FreeBSD vm_map.c Memory Exhaustion DoS
|
