Qpopper contains a flaw that may allow a malicious user to get unauthorized information. The issue is due to different error messages being output when authentication attempts are made using valid and invalid usernames. When qpopper is used in conjunction with PAM, remote attackers can enumerate valid account usernames, resulting in a loss of confidentiality.
(Description Provided by CVE) : Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user password in a registry key, which allows attackers who have access to the registry key to decrypt the password and gain privileges.
(Description Provided by CVE) : Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and relies solely on its password feature to restrict access, which allows an attacker to read the files using a different application.
(Description Provided by CVE) : Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and does not impose a delay when an incorrect key is entered, which allows attackers to more quickly guess the key via a brute force attack.
Adobe Acrobat for Linux contains a flaw in the libCoolType library. The issue is triggered when the application creates the AdobeFnt.lst file with insecure permissions. With a specially crafted request, a local attacker can manipulate arbitrary files.
(Description Provided by CVE) : Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets.
(Description Provided by CVE) : Respondus 1.1.2 for WebCT uses weak encryption to remember usernames and passwords, which allows local users who can read the WEBCT.SVR file to decrypt the passwords and gain additional privileges.
(Description Provided by CVE) : UltraEdit uses weak encryption to record FTP passwords in the uedit32.ini file, which allows local users who can read the file to decrypt the passwords and gain privileges.
(Description Provided by CVE) : BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.
(Description Provided by CVE) : Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack.
CuteFTP contains a flaw that is due to the program using what has been reported to be a insecure encoding for the sm.dat file which stores password information. This may allow a local attacker to more easily gain access to password information if the site manager password has not been set.
(Description Provided by CVE) : Buffer overflow in AOLserver 3.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via an HTTP request with a long Authorization header.
Dynu FTP Server contains a flaw that allows a remote attacker to traverse directories outside of the web path. The issue is due to the program not properly sanitizing user input, specifically traversal style attacks (../../) supplied via the CWD command.
A remote overflow exists in A-V Tronics: InetServ. The Webmail interface fails to verify the length of the 'Username' and 'Password' fields resulting in a buffer overflow. With a specially crafted request, an attacker can cause denial of service via network, execution of arbitrary code via network, or root access via network resulting in a loss of confidentiality, integrity, and availability.
Panda Antivirus Platinum contains a flaw that may allow a REMOTE denial of service. The issue is triggered when a malformed UPX packed exe examination occurs, and will result in loss of availability for the Antivirus Functionality.
BSD contains a flaw that may allow a local denial of service. The issue is triggered when a malicious user compiles and executes shell code that causes a bad system call, resulting in a reboot and loss of availability for the platform.
This host is running the IrDa service. This service provides infrared-based connectivity to Windows hosts. A buffer overflow exists in the IrDa handling code in Windows 2000. An attacker can use this to shutdown the machine if they can physically locate themselves within a few feet of the server.
linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process.
(Description Provided by CVE) : ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack.
(Description Provided by CVE) : Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command.
Sage Software MAS 200 contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious user telnets to port 10000 on the server and then inputs ctrl-x 10 times, and will result in loss of availability for the service.
Apache contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered when an HTTP request without a trailing '/' character returns a 3xx redirect error code. This error code contains a 'location' response-header, which may allow a remote attacker to gain access to the server's internal address.
FreeBSD contains a flaw that may lead to an unauthorized information disclosure. The issue is due to an error in the procfs file system that allows processes that initially had debugging rights to an arbitrary process to retain these rights even if the targeted process has gained escalated privileges. This may allow a local attacker to access the targeted processes memory space and gain access to potentially sensitive information.
(Description Provided by CVE) : Intego FileGuard 4.0 uses weak encryption to store user information and passwords, which allows local users to gain privileges by decrypting the information, e.g., with the Disengage tool.
(Description Provided by CVE) : Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as email@example.com (localhost), which causes Domino to enter a mail loop.
(Description Provided by CVE) : Surf-Net ASP Forum before 2.30 uses easily guessable cookies based on the UserID, which allows remote attackers to gain administrative privileges by calculating the value of the admin cookie (UserID 1), i.e. "0888888."
Check Point FireWall-1 contains a flaw that may allow a malicious administrator to execute arbitrary code on the vulnerable system. The issue is due to a buffer overflow in the GUI log view utility which can be accessed by administrators. If an attacker with permissions to view logs via the GUI interface sends specially crafted data, they may be able to execute arbitrary commands with root privileges.
Sendmail versions 8.10.0 through 8.11.5, and 8.12.0 betas, contain a signed integer overflow in the handling of large numbers passed to the '-d' command line parameter. Local attackers can execute arbitrary code with elevated privileges if sendmail is setuid/setgid (which it typically is).
(Description Provided by CVE) : glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters.
FreeBSD contains a flaw that may allow a malicious user to bypass a firewall. The issue is triggered when ipfw is used with the "me" identifier on a point to point interface. It is possible that the flaw may allow unintended access to the local system by a remote host resulting in a loss of integrity.
The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO
warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright
holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.