| OSVDB ID | Description | Disclosure Date | Title |
|---|---|---|---|
| 36976 | Unknown / Incomplete | 2004-06-05 | 3Proxy POP3 Proxy Password Local Disclosure |
| 10658 | A remote overflow exists in MySQL. MySQL fails to perform proper bounds checking on the 'mysql_real_connect' function resulting in a buffer overflow. With a specially crafted request, an attacker may cause a remote buffer overflow resulting in a loss of confidentiality and/or integrity. | 2004-06-04 | MySQL mysql_real_connect() Function Remote Overflow |
| 6735 | FoolProof contains a flaw on the Windows 98/98SE/Me platform that may lead to an unauthorized password exposure. The issue is due to the bitwise XOR operator in the weak ADMINPW.EXE password recovery algorithm. By calculating the known "Control" password and password recovery key, a local attacker can gain access to administrator passwords, which may lead to a loss of confidentiality, integrity and/or availability. | 2004-06-04 | FoolProof Security ADMINPW.EXE Encryption Algorithm Weakness |
| 10626 | Unknown / Incomplete | 2004-06-04 | Colin McRae Rally Crafted numplayers Value DoS |
| 15943 | Unknown / Incomplete | 2004-06-04 | Horde IMP Email Content-type Header XSS |
| 6729 | Webmin contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user attempts logon with bogus usernames or passwords, and may result in loss of availability for arbitrary Webmin users. | 2004-06-03 | Webmin Arbitrary Account Lock DoS |
| 6744 | CraftySyntax contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate variables upon submission to the "Live Help" script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. | 2004-06-03 | Crafty Syntax Live Help (CSLH) Live Help Name Field XSS |
| 6590 | Opera Web Browser contains a flaw that may allow a malicious user to spoof a trusted web site. The issue is triggered when a favicon.ico image is crafted to resemble the text of a trusted web site address. It is possible that the flaw may allow impersonation of a trusted web site resulting in a loss of integrity. | 2004-06-03 | Opera favicon.ico Address Bar Spoofing |
| 6603 | Oracle E-Business Suite and Oracle Applications contain several flaws that will allow an attacker to inject arbitrary SQL code. These vulnerabilities can be remotely exploited by using a browser to send a specially crafted URL to the web server. No further details are available. | 2004-06-03 | Oracle E-Business Suite Multiple Unspecified SQL Injection |
| 6753 | Unknown / Incomplete | 2004-06-03 | Trend Micro Anti-Virus Cross Application Scripting |
| 6745 | NetWin's SurgeMail and WebMail contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered when no arguments or a non-existent file are provided to various HTTP requests, which will disclose the physical server path resulting in a loss of confidentiality. | 2004-06-03 | SurgeMail/WebMail Error Message Path Disclosure |
| 6746 | NetWin's SurgeMail and WebMail contain a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate input upon submission to the login script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity. | 2004-06-03 | SurgeMail/WebMail Login Form XSS |
| 6751 | (Description Provided by CVE): Unknown versions of Mozilla allow remote attackers to cause a denial of service (high CPU/RAM consumption) using Javascript with an infinite loop that continues to add input to a form, possibly as the result of inserting control characters, as demonstrated using an embedded ctrl-U. | 2004-06-03 | Mozilla Multiple Browser Ctrl-U Memory Leak DoS |
| 6635 | Lore contains a flaw that allows an attacker to run compiled templates out of context. No further details have been provided. | 2004-06-03 | Lore Unspecified Compiled Template Access |
| 6743 | By default, NetGear WG602 WAP contains a default administrative account which cannot be disabled. Depending on the firmware version, the default account "superman" or "super" has the password "21241036" or "5777364" respectively. Although some firmware versions may not be affected, both passwords are publicly known and documented. This allows attackers to trivially access the program or system. | 2004-06-03 | NETGEAR WG602 Wireless Access Point Hardcoded Default Account |
| 6655 | Linksys BEF series routers contain a flaw that may allow a remote denial of service. The issue is triggered when a long string (about 350 chars) is passed to the gozila.cgi script DomainName parameter, resulting in loss of availability for the Linksys router. | 2004-06-03 | Cisco Linksys BEF Series Routers Gozila.cgi Multiple Parameter Remote DoS |
| 7974 | PunBB contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered due to the search dropdown list, which will list protected forums to unauthorized users resulting in a loss of confidentiality. No further details have been provided. | 2004-06-03 | PunBB Search Dropdown Private Forum Disclosure |
| 6624 | A remote overflow exists in Borland Interbase. The database fails to do proper bounds checking on the passed database name resulting in a buffer overflow. With a specially crafted request, an attacker can execute code on the remote host resulting in a loss of integrity. | 2004-06-02 | Borland Interbase Database Name Overflow |
| 6608 | Tripwire contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when creating a file with a specially crafted filename which may be included in the email report and passed to the fprintf() function. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. | 2004-06-02 | Tripwire Email Report Format String Arbitrary Code Execution |
| 27063 | Unknown / Incomplete | 2004-06-02 | UNIX-V7 mkdir Directory Check Overflow |
| 8275 | Internet Explorer contains a flaw that may allow a malicious web site operator to execute arbitrary code on a client PC. The issue is triggered when an attacker exploits a flaw in the IE cross-domain security model by using the showModalDialog method to modify the location to execute code. This can be done via delayed HTTP redirect operations and an HTTP response with a Location: header containing a "URL:" prepended to a "ms-its" protocol URI, or modifying the location attribute of the window. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. | 2004-06-02 | Microsoft IE Navigation Cross Domain Execution (InsiderPrototype) |
| 6589 | The Slackware PHP package contains a flaw that may allow a malicious user to gain access to unauthorized privileges. The issue is caused by linking to libraries in an insecure location (the /tmp directory). An attacker could place shared libraries in this location, and cause arbitrary code to execute as the PHP user, leading to a loss of integrity. | 2004-06-02 | Slackware Linux PHP Insecure Static Library Code Execution |
| 7028 | Unknown / Incomplete | 2004-06-02 | PHPoto picture_view.php Non-specific Image Access |
| 6625 | Various IBM Tivoli applications contain a flaw that may lead to an unauthorized information disclosure. The issue is triggered from improper handling of cookies when the session is authenticated from a form, which could possibly disclose restricted or sensitive information resulting in a loss of confidentiality. | 2004-06-02 | IBM Multiple Products Authentication Cookie Session Hijacking |
| 19797 | (Description Provided by CVE): Cross-site scripting (XSS) vulnerability in chat.ghp in Easy Chat Server 1.2 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 2004-06-02 | Easy Chat Server chat.ghp username Parameter XSS |
| 7154 | Unknown / Incomplete | 2004-06-02 | Trac auth.py SQL Injection |
| 26965 | Unknown / Incomplete | 2004-06-01 | Project EROS bbsengine forums Unspecified DoS |
| 6846 | A remote overflow exists in Kerberos 5. Kerberos fails to check the string length in the functions aname_replacer(), do_replacement() and rule_an_to_ln() resulting in a heap buffer overflow. With a specially crafted request, an attacker can gain remote access as root resulting in a loss of confidentiality, integrity, and/or availability. This vulnerability only exists when the software is used with a non-standard configuration. Please see the MIT release notes for the details. | 2004-06-01 | MIT Kerberos 5 krb5_aname_to_localname() Buffer Overflow |
| 6534 | (Description Provided by CVE): Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the (1) parseQmailFromBytesLine, (2) parseQmailToRemoteLine, (3) parseQmailToLocalLine, (4) parseSendmailFromBytesLine, (5) parseSendmailToLine, (6) parseEximFromBytesLine, and (7) parseEximToLine functions in Parser.c; allow local users to execute arbitrary code via the (8) lowercase and (9) check_syslog_date functions in Parser.c, and (10) unspecified functions in Dir.c; and allow unspecified attackers to execute arbitrary code via the (11) loadconfig and (12) removespaces functions in loadconfig.c, the (13) loadLang function in LangCfg.c, and (14) unspecified functions in Html.c. | 2004-06-01 | EnderUNIX isoqlog Parser.c Multiple Function Remote Overflow |
| 23576 | (Description Provided by CVE): Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the (1) parseQmailFromBytesLine, (2) parseQmailToRemoteLine, (3) parseQmailToLocalLine, (4) parseSendmailFromBytesLine, (5) parseSendmailToLine, (6) parseEximFromBytesLine, and (7) parseEximToLine functions in Parser.c; allow local users to execute arbitrary code via the (8) lowercase and (9) check_syslog_date functions in Parser.c, and (10) unspecified functions in Dir.c; and allow unspecified attackers to execute arbitrary code via the (11) loadconfig and (12) removespaces functions in loadconfig.c, the (13) loadLang function in LangCfg.c, and (14) unspecified functions in Html.c. | 2004-06-01 | EnderUNIX isoqlog Dir.c Unspecified Function Overflow |
| 23577 | (Description Provided by CVE): Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the (1) parseQmailFromBytesLine, (2) parseQmailToRemoteLine, (3) parseQmailToLocalLine, (4) parseSendmailFromBytesLine, (5) parseSendmailToLine, (6) parseEximFromBytesLine, and (7) parseEximToLine functions in Parser.c; allow local users to execute arbitrary code via the (8) lowercase and (9) check_syslog_date functions in Parser.c, and (10) unspecified functions in Dir.c; and allow unspecified attackers to execute arbitrary code via the (11) loadconfig and (12) removespaces functions in loadconfig.c, the (13) loadLang function in LangCfg.c, and (14) unspecified functions in Html.c. | 2004-06-01 | EnderUNIX isoqlog loadconfig.c Multiple Function Overflow |
| 23578 | (Description Provided by CVE): Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the (1) parseQmailFromBytesLine, (2) parseQmailToRemoteLine, (3) parseQmailToLocalLine, (4) parseSendmailFromBytesLine, (5) parseSendmailToLine, (6) parseEximFromBytesLine, and (7) parseEximToLine functions in Parser.c; allow local users to execute arbitrary code via the (8) lowercase and (9) check_syslog_date functions in Parser.c, and (10) unspecified functions in Dir.c; and allow unspecified attackers to execute arbitrary code via the (11) loadconfig and (12) removespaces functions in loadconfig.c, the (13) loadLang function in LangCfg.c, and (14) unspecified functions in Html.c. | 2004-06-01 | EnderUNIX isoqlog LangCfg.c LoadLang Function Overflow |
| 23579 | (Description Provided by CVE): Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the (1) parseQmailFromBytesLine, (2) parseQmailToRemoteLine, (3) parseQmailToLocalLine, (4) parseSendmailFromBytesLine, (5) parseSendmailToLine, (6) parseEximFromBytesLine, and (7) parseEximToLine functions in Parser.c; allow local users to execute arbitrary code via the (8) lowercase and (9) check_syslog_date functions in Parser.c, and (10) unspecified functions in Dir.c; and allow unspecified attackers to execute arbitrary code via the (11) loadconfig and (12) removespaces functions in loadconfig.c, the (13) loadLang function in LangCfg.c, and (14) unspecified functions in Html.c. | 2004-06-01 | EnderUNIX isoqlog Html.c Unspecified Function Overflow |
| 6517 | TinyWeb contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when input is not properly validated, which will disclose the content of the cgi-bin directory, resulting in a loss of confidentiality. | 2004-06-01 | TinyWEB cgi-bin Arbitrary File/Directory Access |
| 6593 | PHP-Nuke contains a flaw that may allow a malicious user to avoid a script access restriction check which could potentially lead to a path disclosure from a resulting error message. The issue is triggered from the improper matching of a file to a URL and may result in a loss of confidentiality. | 2004-06-01 | PHP-Nuke eregi() Function Calling Script Access Path Disclosure |
| 6515 | Microsoft Windows 2000 contains a flaw that may allow a malicious user to authenticate with an account that has an expired password. The issue is triggered when the fully qualified domain name is exactly 8 characters. It is possible that the flaw may allow the user to authenticate resulting in a loss of integrity. | 2004-06-01 | Microsoft Windows 2000 Domain Expired Account Authentication |
| 6651 | JCIFS SMB/CIFS Java implementation contains a flaw that may allow a malicious user to gain access to the system. The issue is triggered when the guest account is enabled on a CIFS server, allowing access to users even after typing an invalid username or password. It is possible that the flaw may allow access to the system resulting in a loss of confidentiality. | 2004-06-01 | Java CIFS Client Invalid Username Authentication |
| 6524 | Gallery contains a flaw that may allow a malicious user to gain administrative access. The issue is triggered when a specially crafted URL is passed to init.php to bypass authentication. It is possible that the flaw may allow unauthorized administrative access resulting in a loss of integrity. | 2004-06-01 | Gallery init.php Authentication Bypass |
| 60302 | (Description Provided by CVE): PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string. | 2004-06-01 | Nuke Cops eregi() Function Calling Script Access Path Disclosure |
| 60303 | (Description Provided by CVE): PHP-Nuke 7.3, and other products that use the PHP-Nuke codebase such as the Nuke Cops betaNC PHP-Nuke Bundle, OSCNukeLite 3.1, and OSC2Nuke 7x do not properly use the eregi() PHP function with $_SERVER['PHP_SELF'] to identify the calling script, which allows remote attackers to directly access scripts, obtain path information via a PHP error message, and possibly gain access, as demonstrated using an HTTP request that contains the "admin.php" string. | 2004-06-01 | OSC2Nuke / OSC2NukeLite eregi() Function Calling Script Access Path Disclosure |