| OSVDB ID | Disclosure Date | Title |
|---|
|
5407
Description:
(Description Provided by CVE) : The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager.
|
2001-11-30
|
Oracle Application Server Default SOAP Configuration Unauthorized Application Deployment
|
|
1998
Description:
Lotus Domino HTTP Server contains a flaw that may allow a remote denial of service. The issue is triggered when a SunRPC NULL string is sent to the SSL port (443), and will result in loss of availability for the service
|
2001-11-30
|
IBM Lotus Domino SunRPC NULL Command DoS
|
|
8953
Description:
(Description Provided by CVE) : Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp.
|
2001-11-30
|
AspUpload UploadScript11.asp Arbitrary File Upload
|
|
8954
Description:
(Description Provided by CVE) : Directory traversal vulnerability in AspUpload 2.1, in certain configurations, allows remote attackers to upload and read arbitrary files, and list arbitrary directories, via a .. (dot dot) in the Filename parameter in (1) UploadScript11.asp or (2) DirectoryListing.asp.
|
2001-11-30
|
AspUpload DirectoryListing.asp Arbitrary File / Directory Access
|
|
11639
Description:
(Description Provided by CVE) : HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file.
|
2001-11-30
|
Alchemy Eye / Network Monitor HTTP Server eye.ini Unauthenticated Information Disclosure
|
|
19398
Description:
(Description Provided by CVE) : Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.
|
2001-11-29
|
SCO OpenServer Unspecified Local System Modication
|
|
20353
Description:
Snort contains a flaw related to the 'frag2' IP defragmenter plugin that may allow a remote attacker to crash the application. No further details have been provided.
|
2001-11-29
|
Snort frag2 IP Defragmenter Unspecified DoS
|
|
9432
Description:
A local overflow exists in Oracle. Oracle fails to perform proper bounds checking on the user supplied ORACLE_HOME variable in dbsnmp resulting in a buffer overflow. With a specially crafted request in which the value of ORACLE_HOME is more than 750 bytes, an attacker can cause execution of arbitrary code resulting in a loss of integrity.
|
2001-11-29
|
Oracle dbsnmp ORACLE_HOME Variable Local Overflow
|
|
54034
Description:
Unknown / Incomplete
|
2001-11-29
|
spin_client.cgi Remote Overflow
|
|
44600
Description:
Unknown / Incomplete
|
2001-11-29
|
Oracle Application Server soapdocs Directory Remote Information Disclosure
|
|
684
Description:
(Description Provided by CVE) : Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10.
|
2001-11-29
|
Alchemy Eye/Network Monitor Traversal Arbitrary Command Execution
|
|
1997
Description:
(Description Provided by CVE) : Buffer overflow in Frox transparent FTP proxy 0.6.6 and earlier, with the local caching method selected, allows remote FTP servers to run arbitrary code via a long response to an MDTM request.
|
2001-11-29
|
Frox FTP Cache MDTM Request Overflow
|
|
4739
Description:
(Description Provided by CVE) : NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments.
|
2001-11-29
|
McAfee WebShield SMTP MIME Attachments Bypass
|
|
9455
Description:
(Description Provided by CVE) : dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp.
|
2001-11-29
|
Oracle dbsnmp ORACLE_HOME Path Subversion Privilege Escalation
|
|
9456
Description:
(Description Provided by CVE) : dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs.
|
2001-11-29
|
Oracle dbsnmp PATH Variable Subversion Privilege Escalation
|
|
11968
Description:
(Description Provided by CVE) : PGPMail.pl 1.31 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) recipient or (2) pgpuserid parameters.
|
2001-11-29
|
PGPMail.pl Multiple Parameter Arbitrary Command Execution
|
|
14265
Description:
Unknown / Incomplete
|
2001-11-29
|
netscript Multiple Option High Character Value Arbitrary Code Execution
|
|
20273
Description:
A local overflow exists in uucp on BSD. The program fails to check bounds, resulting in a buffer overflow. By passing a long string of data, an attacker can execute arbitrary code on the system with the privileges of uucp, resulting in a loss of integrity.
|
2001-11-29
|
BSDI uucp Command Line Argument Local Overflow
|
|
686
Description:
WU-FTPD contains a flaw that may allow a remote attacker to execute arbitrary code. The issue is triggered when when the 'ftpglob()' function fails to properly set the 'globerr' variable when the malformed string '~{' is inserted after a valid command by a valid user. This causes the heap to become corrupt and potentially allow a remote attacker to place and point to arbitrary commands on the heap. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
|
2001-11-28
|
WU-FTPD ftpglob Function Error Handling Arbitrary Code Execution
|
|
14053
Description:
A remote overflow exists in Cooolsoft PowerFTP server. The PowerFTP server fails to correctly check the size of incoming commands resulting in a buffer overflow. With a specially crafted request composed of a command longer than 2048 characters, an attacker can cause a denial of service to the PowerFTP server resulting in a loss of availability.
|
2001-11-28
|
Cooolsoft PowerFTP Server Long Command Parsing Remote Overflow
|
|
20269
Description:
(Description Provided by CVE) : The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges.
|
2001-11-28
|
TWIG Webmail config.php Cookie Cleartext Authentication Credential Storage
|
|
808
Description:
IOS contains a flaw that may allow a malicious user to direct network traffic to a protected host. The issue is triggered when IOS fails to check the protocol type of return traffic which otherwise matches a dynamic access list entry. It is possible that the flaw may allow unauthorized traffic to pass into a protected network.
|
2001-11-28
|
Cisco IOS Firewall CBAC ACL Bypass
|
|
7756
Description:
PowerFTP contains a flaw that allows a remote attacker to access unauthorized files. The issue is due to the PowerFTP Server inproperly checking for permissions on other drives. By sending the LS or GET command with "dot dot" sequences (/../), a remote attacker can access other files outside of the FTP server root directory, resulting a loss of confidentiality and integrity.
|
2001-11-28
|
Cooolsoft PowerFTP Server Multiple Command Arbitrary File Access
|
|
13994
Description:
(Description Provided by CVE) : Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and earlier may allow remote attackers to execute arbitrary code via long authentication data.
|
2001-11-28
|
GNOME libgtop permitted Function Authentication Data Overflow
|
|
13998
Description:
WU-FTPD contains an unspecified flaw that may allow a remote attacker to execute arbitrary code. No further details have been provided.
|
2001-11-28
|
WU-FTPD Unspecified Security Issue
|
|
14054
Description:
(Description Provided by CVE) : Cooolsoft PowerFTP Server 2.03 allows remote attackers to list the contents of arbitrary drives via a ls (LIST) command that includes the drive letter as an argument, e.g. "ls C:".
|
2001-11-28
|
PowerFTP Server LIST Command Traversal Arbitrary Directory Listing
|
|
14055
Description:
(Description Provided by CVE) : Cooolsoft PowerFTP Server 2.03 allows remote attackers to obtain the physical path of the server root via the pwd command, which lists the full pathname.
|
2001-11-28
|
PowerFTP Server PWD Command Path Disclosure
|
|
3275
Description:
Unicos' Network Queuing System (NQS), part of the Network Queuing Environment (NQE), contains a flaw that allows any local user gain root privileges. The issue is due to a format string vulnerability in the NQS Daemon that incorrectly processes batch files with malcrafted names. When the name is passed to the NQS daemon via the "qsub" utility, the vulnerable function can be exploited to gain elevated privileges.
|
2001-11-27
|
UNICOS Network Queuing System (NQS) Local Format String
|
|
20225
Description:
(Description Provided by CVE) : ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE> and (2) child processes that call the CreateProcess function and are executed with <CFOBJECT> or end with the CFX extension, which allows attackers to execute programs with the permissions of the System account.
|
2001-11-27
|
ColdFusion CFEXECUTE / CFOBJECT Child Process Privilege Escalation
|
|
24872
Description:
Unknown / Incomplete
|
2001-11-27
|
WebGlimpse URL Control Character Arbitrary Command Execution
|
|
20268
Description:
(Description Provided by CVE) : Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote attackers to obtain authentication information and gain unauthorized access via sniffing or a cross-site scripting attack.
|
2001-11-27
|
Audiogalaxy Cookie Cleartext Authentication Credential Disclosure
|
|
680
Description:
(Description Provided by CVE) : Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL.
|
2001-11-27
|
Allaire JRun Encoded JSP Request Arbitrary Directory Listing
|
|
6443
Description:
PowerPhlogger contains a flaw that may allow an attacker to access the mySQL dump of an arbitrary user. The issue is due to improper argument checking in the db_dump.php script. No further details have been provided.
|
2001-11-27
|
PowerPhlogger db_dump.php View Arbitrary mySQL Dump
|
|
6629
Description:
(Description Provided by CVE) : SSIFilter in Allaire JRun 3.1, 3.0 and 2.3.3 allows remote attackers to obtain source code for Java server pages (.jsp) and other files in the web root via an HTTP request for a non-existent SSI page, in which the request's body has an #include statement.
|
2001-11-27
|
Allaire JRun SSIFilter JSP Source Code Disclosure
|
|
7143
Description:
Interchange contains a flaw related to the Safe :base_io group default behavior. No further details have been provided.
|
2001-11-27
|
Interchange Unspecified Safe :base_io Group
|
|
13243
Description:
(Description Provided by CVE) : Sendpage.pl allows remote attackers to execute arbitrary commands via a message containing shell metacharacters.
|
2001-11-27
|
Sendpage.pl message Variable Command Execution
|
|
13993
Description:
(Description Provided by CVE) : Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message and (2) syslog_io_message functions.
|
2001-11-27
|
GNOME libgtop permitted Function Format String
|
|
1995
Description:
(Description Provided by CVE) : Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download.
|
2001-11-26
|
Microsoft IE Download Dialog File Extension Spoofing Weakness
|
|
20195
Description:
(Description Provided by CVE) : Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, whose default permissions are world-readable, which allows remote attackers to gain privileges.
|
2001-11-26
|
Xitami default.aut Cleartext Administrator Password Remote Disclosure
|
|
20219
Description:
(Description Provided by CVE) : Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx.
|
2001-11-26
|
Macromedia JRun Trailing Slash Duplicate Session ID Privilege Escalation
|
