| OSVDB ID | Disclosure Date | Title |
|
10179
Description:
Mambo contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate Itemid, mosmsg, and limit variables upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-09-18
|
Mambo index.php Multiple Parameter XSS
|
|
10180
Description:
Mambo contains a flaw that may allow a remote attacker to execute arbitrary commands. The problem is that the function.php script does not validate the mosConfig_absolute_path variable which can be changed to include and execute code from a remote location. It is possible that the flaw may allow a remote attacker to execute arbitrary commands resulting in a loss of integrity.
|
2004-09-18
|
Mambo Function.php Arbitrary Command Execution
|
|
10208
Description:
PostNuke contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote user requests the footer.php page, which will display an error message disclosing the installation path resulting in a loss of confidentiality.
|
2004-09-18
|
PostNuke CMS footer.php Path Disclosure
|
|
10209
Description:
PostNuke CMS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote user requests the /modules/Downloads/admin.php page, which will display an error message disclosing the installation path resulting in a loss of confidentiality.
|
2004-09-18
|
PostNuke CMS Downloads Module admin.php Path Disclosure
|
|
10210
Description:
PostNuke CMS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote user requests the /modules/FAQ/admin.php page, which will display an error message disclosing the installation path resulting in a loss of confidentiality.
|
2004-09-18
|
PostNuke CMS FAQ Module admin.php Path Disclosure
|
|
10211
Description:
PostNuke CMS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote user requests the /modules/Reviews/admin.php page, which will display an error message disclosing the installation path resulting in a loss of confidentiality.
|
2004-09-18
|
PostNuke CMS Reviews Module admin.php Path Disclosure
|
|
10212
Description:
PostNuke CMS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote user requests the /modules/Sections/admin.php page, which will display an error message disclosing the installation path resulting in a loss of confidentiality.
|
2004-09-18
|
PostNuke CMS Sections Module admin.php Path Disclosure
|
|
10213
Description:
PostNuke CMS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote user requests the /modules/Submit_News/admin.php page, which will display an error message disclosing the installation path resulting in a loss of confidentiality.
|
2004-09-18
|
PostNuke CMS Submit News Module admin.php Path Disclosure
|
|
10214
Description:
PostNuke CMS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote user requests the /modules/Top_List/admin.php page, which will display an error message disclosing the installation path resulting in a loss of confidentiality.
|
2004-09-18
|
PostNuke CMS Top List Module admin.php Path Disclosure
|
|
10215
Description:
PostNuke CMS contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a remote user requests the /modules/Web_Links/admin.php page, which will display an error message disclosing the installation path resulting in a loss of confidentiality.
|
2004-09-18
|
PostNuke CMS Web Links Module admin.php Path Disclosure
|
|
10016
Description:
WebIntelligence contains a flaw that may allow a malicious user to delete arbitrary documents. The issue is triggered when an authenticated user without delete permission accesses a specially crafted URL containing the document ID and name. It is possible that the flaw may allow document deletion resulting in a loss of integrity.
|
2004-09-17
|
Business Objects WebIntelligence Restriction Bypass Arbitrary Document Deletion
|
|
10037
Description:
Google Toolbar contains a flaw that allows a cross domain scripting attack. This flaw exists because the application does not validate URI input upon submission to the browser. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and an arbitrary IE domain, leading to a loss of integrity.
|
2004-09-17
|
Google Toolbar About Page Cross-Domain Command Execution
|
|
12850
Description:
Unknown / Incomplete
|
2004-09-17
|
eSvn Config File Authentication Credential Cleartext Disclosure
|
|
10017
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document.
|
2004-09-17
|
Business Objects InfoView for WebIntelligence Options Pane Personalized Picture XSS
|
|
10018
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in Business Objects InfoView 5.1.4 through 5.1.8 for WebIntelligence 2.7.0 through 2.7.4 allows remote attackers to inject arbitrary web script or HTML via document names when uploading a document.
|
2004-09-17
|
Business Objects InfoView for WebIntelligence File Upload Document Name XSS
|
|
10019
Description:
Unknown / Incomplete
|
2004-09-17
|
RsyncX Malformed defaults File Local Privilege Escalation
|
|
10024
Description:
Internet Gatekeeper contains a flaw that may allow a malicious user to bypass filters. The issue is triggered when an attacker sends messages containing malformed Content-Transfer-Encoding headers. It is possible that the flaw may allow an attacker to bypass filters resulting in the execution of an unblocked file by the client.
|
2004-09-17
|
F-Secure Internet Gatekeeper MIME Decoding Filter Bypass
|
|
10230
Description:
Unknown / Incomplete
|
2004-09-17
|
Microsoft Windows XP SP2 File/Print Share Restriction Bypass
|
|
10049
Description:
The mod_cplusplus module for Apache has been reported to contain an overflow. The information comes from the vendor site where the update lists "Use length based string building to defend against buffer overruns" as one of the new features. After further examination, it was determined that the buffer for converting an integer to a string was sufficient for the MAX integer length on 32-bit and 64-bit platforms. This would only be exploitable on a processor that was 256-bit.
|
2004-09-16
|
mod_cplusplus For Apache HTTP Server Unspecified Overflow
|
|
44128
Description:
Unknown / Incomplete
|
2004-09-16
|
Nortel iSD-SSL Management Interface Direct Access Weakness
|
|
44127
Description:
Unknown / Incomplete
|
2004-09-16
|
Nortel iSD-SSL BBI Authentication Cleartext Password Disclosure
|
|
10068
Description:
A vulnerability has been reported in the htpasswd utility distributed with Apache. While the program may contain a local overflow, this would only be of benefit if an administrator gave it SUID permissions, placed it in a chroot-style environment or made it accessible via a web page. In each scenario there is a chance the vulnerability could be used to leverage permissions.
|
2004-09-16
|
Apache HTTP Server htpasswd Local Overflow
|
|
10242
Description:
(Description Provided by CVE) : Cross-site scripting (XSS) vulnerability in YaBB.pl in YaBB 1 GOLD SP 1.3.2 allows remote attackers to inject arbitrary web script or HTML via a hex-encoded to parameter. NOTE: some sources say that the board parameter is affected, but this is incorrect.
|
2004-09-16
|
YaBB YaBB.pl to Parameter XSS
|
|
10243
Description:
(Description Provided by CVE) : Cross-site request forgery (CSRF) vulnerability in YaBB 1 GOLD SP 1.3.2 allows remote attackers to perform unauthorized actions as the administrative user via a link or IMG tag to YaBB.pl that specifies the desired action, id, and moda parameters.
|
2004-09-16
|
YaBB YaBB.pl CSRF IMG Tag Command Injection
|
|
9995
Description:
CUPS contains a flaw that may allow a remote denial of service. The issue is triggered when an empty UDP packet is sent to port 631 and will result in loss of availability for the cupsd.
|
2004-09-16
|
CUPS Internet Printing Protocol (IPP) Implementation Empty UDP Datagram Remote DoS
|
|
9996
Description:
(Description Provided by CVE) : The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
|
2004-09-16
|
GdkPixbuf BMP Processor DoS
|
|
9998
Description:
A remote overflow exists in the GdkPixbuf library. The xpm_extract_color function contains a boundary error when decoding images which may result in a stack-based overflow. With a specially crafted XPM image, an attacker can execute arbitrary code resulting in a loss of confidentiality, integrity, or availability.
|
2004-09-16
|
GdkPixbuf xpm_extract_color Remote Overflow
|
|
9999
Description:
A remote overflow exists in GdkPixbuf. GdkPixbuf fails to properly validate input in the ICO image decoding functionality resulting in an integer overflow. With a specially crafted request, an attacker can cause a DoS on the affected application resulting in a loss of availability.
|
2004-09-16
|
GdkPixbuf ICO Image Decoding Remote Overflow
|
|
10007
Description:
Apple iChat contains a flaw that may allow a malicious user to execute arbitrary commands. The issue is triggered when a remote attacker sends a 'link' to an iChat participant, which will run the application on the system with the user's privileges if the link is clicked. This flaw leads to a loss of integrity.
|
2004-09-16
|
Apple iChat Link Handling Arbitrary Command Execution
|
|
10008
Description:
Pigeon Server contains a flaw that may allow a remote denial of service. The issue is triggered when a login field longer than 8180 chars is sent, and will result in loss of availability for the service.
|
2004-09-16
|
Pigeon Server Login Field Overflow DoS
|
|
10023
Description:
Sudo contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when a malicious user links an arbitrary file to sudo's temporary file and calls the -u option (sudoedit) resulting in read access to the linked file, which will disclose information normally unreadable resulting in a loss of confidentiality.
|
2004-09-16
|
sudo sudoedit Restricted Local File Disclosure
|
|
10038
Description:
DNS4Me contains a flaw that allows a remote cross site scripting attack. This flaw exists because the application does not validate HTTP GET requests. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.
|
2004-09-16
|
DNS4Me GET Request XSS
|
|
10039
Description:
DNS4Me contains a flaw that may allow a remote denial of service. The issue is triggered when sending a large amount of data to port 80, which causes the service to consume all available CPU resources and eventually crash resulting in a loss of availability.
|
2004-09-16
|
DNS4Me Web Server GET Request Overflow DoS
|
|
10070
Description:
(Description Provided by CVE) : CRLF injection vulnerability in down.asp for Snitz Forums 2000 3.4.04 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via the location parameter.
|
2004-09-16
|
Snitz Forums 2000 HTTP Response Splitting
|
|
10079
Description:
It has been reported that a local overflow exists in FreeBSD. The syscall() function in 'trap.c' fails to perform proper bounds checking resulting in a buffer overflow, which could allow a malicious user to crash the kernel. It was subsequently pointed out that one must have root privileges to exploit this issue, invalidating the finding.
|
2004-09-16
|
FreeBSD trap.c syscall() Function Local Overflow
|
|
10244
Description:
(Description Provided by CVE) : Buffer overflow in the prepared statements API in libmysqlclient for MySQL 4.1.3 beta and 4.1.4 allows remote attackers to cause a denial of service via a large number of placeholders.
|
2004-09-16
|
MySQL libmysqlclient Prepared Statements API Overflow
|
|
15223
Description:
By inserting a crafted comment line in a web page, IE 6 believes that the page was previously saved locally and bypasses the protection against downloading JavaScript and ActiveX provided by the information bar.
|
2004-09-15
|
Microsoft IE XHTML Formatted Comment User Confirmation Bypass
|
|
10077
Description:
Unknown / Incomplete
|
2004-09-15
|
McAfee VirusScan Scheduled Task Privilege Escalation
|
|
9994
Description:
The IPv6 URI parsing routines in the apr-util library for Apache HTTP Server and IBM HTTP Server contain a flaw that may allow a remote denial of service. With a specially crafted URI request, a remote attacker could cause an httpd child process to crash, resulting in a loss of availability for the service.
|
2004-09-15
|
Apache HTTP Server apr-util IPV6 Parsing DoS
|
|
44075
Description:
Unknown / Incomplete
|
2004-09-15
|
Phorum /include/format_functions.php Linked Author XSS
|